Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2026-31429 (GCVE-0-2026-31429)
Vulnerability from cvelistv5 – Published: 2026-04-20 09:43 – Updated: 2026-05-11 22:08| Vendor | Product | Version | |
|---|---|---|---|
| Linux | Linux |
Affected:
bf9f1baa279f0758dc2297080360c5a616843927 , < 128b03ccb2582a643983a48a37fda58df80edbde
(git)
Affected: bf9f1baa279f0758dc2297080360c5a616843927 , < 60313768a8edc7094435975587c00c2d7b834083 (git) Affected: bf9f1baa279f0758dc2297080360c5a616843927 , < 2d64618ea846d8d033477311f805ca487d6a6696 (git) Affected: bf9f1baa279f0758dc2297080360c5a616843927 , < 474e00b935db250cac320d10c1d3cf4e44b46721 (git) Affected: bf9f1baa279f0758dc2297080360c5a616843927 , < 0f42e3f4fe2a58394e37241d02d9ca6ab7b7d516 (git) |
|
| Linux | Linux |
Affected:
6.3
Unaffected: 0 , < 6.3 (semver) Unaffected: 6.6.136 , ≤ 6.6.* (semver) Unaffected: 6.12.82 , ≤ 6.12.* (semver) Unaffected: 6.18.23 , ≤ 6.18.* (semver) Unaffected: 6.19.13 , ≤ 6.19.* (semver) Unaffected: 7.0 , ≤ * (original_commit_for_fix) |
{
"containers": {
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/core/skbuff.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "128b03ccb2582a643983a48a37fda58df80edbde",
"status": "affected",
"version": "bf9f1baa279f0758dc2297080360c5a616843927",
"versionType": "git"
},
{
"lessThan": "60313768a8edc7094435975587c00c2d7b834083",
"status": "affected",
"version": "bf9f1baa279f0758dc2297080360c5a616843927",
"versionType": "git"
},
{
"lessThan": "2d64618ea846d8d033477311f805ca487d6a6696",
"status": "affected",
"version": "bf9f1baa279f0758dc2297080360c5a616843927",
"versionType": "git"
},
{
"lessThan": "474e00b935db250cac320d10c1d3cf4e44b46721",
"status": "affected",
"version": "bf9f1baa279f0758dc2297080360c5a616843927",
"versionType": "git"
},
{
"lessThan": "0f42e3f4fe2a58394e37241d02d9ca6ab7b7d516",
"status": "affected",
"version": "bf9f1baa279f0758dc2297080360c5a616843927",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/core/skbuff.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.3"
},
{
"lessThan": "6.3",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.136",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.82",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.23",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.19.*",
"status": "unaffected",
"version": "6.19.13",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.0",
"versionType": "original_commit_for_fix"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.6.136",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.12.82",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.18.23",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "6.19.13",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "7.0",
"versionStartIncluding": "6.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skb: fix cross-cache free of KFENCE-allocated skb head\n\nSKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2\nvalue (e.g. 704 on x86_64) to avoid collisions with generic kmalloc\nbucket sizes. This ensures that skb_kfree_head() can reliably use\nskb_end_offset to distinguish skb heads allocated from\nskb_small_head_cache vs. generic kmalloc caches.\n\nHowever, when KFENCE is enabled, kfence_ksize() returns the exact\nrequested allocation size instead of the slab bucket size. If a caller\n(e.g. bpf_test_init) allocates skb head data via kzalloc() and the\nrequested size happens to equal SKB_SMALL_HEAD_CACHE_SIZE, then\nslab_build_skb() -\u003e ksize() returns that exact value. After subtracting\nskb_shared_info overhead, skb_end_offset ends up matching\nSKB_SMALL_HEAD_HEADROOM, causing skb_kfree_head() to incorrectly free\nthe object to skb_small_head_cache instead of back to the original\nkmalloc cache, resulting in a slab cross-cache free:\n\n kmem_cache_free(skbuff_small_head): Wrong slab cache. Expected\n skbuff_small_head but got kmalloc-1k\n\nFix this by always calling kfree(head) in skb_kfree_head(). This keeps\nthe free path generic and avoids allocator-specific misclassification\nfor KFENCE objects."
}
],
"providerMetadata": {
"dateUpdated": "2026-05-11T22:08:32.321Z",
"orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"shortName": "Linux"
},
"references": [
{
"url": "https://git.kernel.org/stable/c/128b03ccb2582a643983a48a37fda58df80edbde"
},
{
"url": "https://git.kernel.org/stable/c/60313768a8edc7094435975587c00c2d7b834083"
},
{
"url": "https://git.kernel.org/stable/c/2d64618ea846d8d033477311f805ca487d6a6696"
},
{
"url": "https://git.kernel.org/stable/c/474e00b935db250cac320d10c1d3cf4e44b46721"
},
{
"url": "https://git.kernel.org/stable/c/0f42e3f4fe2a58394e37241d02d9ca6ab7b7d516"
}
],
"title": "net: skb: fix cross-cache free of KFENCE-allocated skb head",
"x_generator": {
"engine": "bippy-1.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"assignerShortName": "Linux",
"cveId": "CVE-2026-31429",
"datePublished": "2026-04-20T09:43:03.194Z",
"dateReserved": "2026-03-09T15:48:24.089Z",
"dateUpdated": "2026-05-11T22:08:32.321Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2",
"vulnerability-lookup:meta": {
"epss": {
"cve": "CVE-2026-31429",
"date": "2026-07-03",
"epss": "0.00259",
"percentile": "0.17287"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2026-31429\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-04-20T10:16:16.737\",\"lastModified\":\"2026-06-17T10:33:42.150\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nnet: skb: fix cross-cache free of KFENCE-allocated skb head\\n\\nSKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2\\nvalue (e.g. 704 on x86_64) to avoid collisions with generic kmalloc\\nbucket sizes. This ensures that skb_kfree_head() can reliably use\\nskb_end_offset to distinguish skb heads allocated from\\nskb_small_head_cache vs. generic kmalloc caches.\\n\\nHowever, when KFENCE is enabled, kfence_ksize() returns the exact\\nrequested allocation size instead of the slab bucket size. If a caller\\n(e.g. bpf_test_init) allocates skb head data via kzalloc() and the\\nrequested size happens to equal SKB_SMALL_HEAD_CACHE_SIZE, then\\nslab_build_skb() -\u003e ksize() returns that exact value. After subtracting\\nskb_shared_info overhead, skb_end_offset ends up matching\\nSKB_SMALL_HEAD_HEADROOM, causing skb_kfree_head() to incorrectly free\\nthe object to skb_small_head_cache instead of back to the original\\nkmalloc cache, resulting in a slab cross-cache free:\\n\\n kmem_cache_free(skbuff_small_head): Wrong slab cache. Expected\\n skbuff_small_head but got kmalloc-1k\\n\\nFix this by always calling kfree(head) in skb_kfree_head(). This keeps\\nthe free path generic and avoids allocator-specific misclassification\\nfor KFENCE objects.\"}],\"affected\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"affectedData\":[{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"unaffected\",\"programFiles\":[\"net/core/skbuff.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"bf9f1baa279f0758dc2297080360c5a616843927\",\"lessThan\":\"128b03ccb2582a643983a48a37fda58df80edbde\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"bf9f1baa279f0758dc2297080360c5a616843927\",\"lessThan\":\"60313768a8edc7094435975587c00c2d7b834083\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"bf9f1baa279f0758dc2297080360c5a616843927\",\"lessThan\":\"2d64618ea846d8d033477311f805ca487d6a6696\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"bf9f1baa279f0758dc2297080360c5a616843927\",\"lessThan\":\"474e00b935db250cac320d10c1d3cf4e44b46721\",\"versionType\":\"git\",\"status\":\"affected\"},{\"version\":\"bf9f1baa279f0758dc2297080360c5a616843927\",\"lessThan\":\"0f42e3f4fe2a58394e37241d02d9ca6ab7b7d516\",\"versionType\":\"git\",\"status\":\"affected\"}]},{\"vendor\":\"Linux\",\"product\":\"Linux\",\"defaultStatus\":\"affected\",\"programFiles\":[\"net/core/skbuff.c\"],\"repo\":\"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\",\"versions\":[{\"version\":\"6.3\",\"status\":\"affected\"},{\"version\":\"0\",\"lessThan\":\"6.3\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.6.136\",\"lessThanOrEqual\":\"6.6.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.12.82\",\"lessThanOrEqual\":\"6.12.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.18.23\",\"lessThanOrEqual\":\"6.18.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"6.19.13\",\"lessThanOrEqual\":\"6.19.*\",\"versionType\":\"semver\",\"status\":\"unaffected\"},{\"version\":\"7.0\",\"lessThanOrEqual\":\"*\",\"versionType\":\"original_commit_for_fix\",\"status\":\"unaffected\"}]}]}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H\",\"baseScore\":5.5,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":3.6}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-401\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.3\",\"versionEndExcluding\":\"6.6.136\",\"matchCriteriaId\":\"CEC191DD-B9E5-4BBF-87F3-133C249BE806\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.82\",\"matchCriteriaId\":\"02904CAE-71D2-45B3-9EC3-F6A9D18B6307\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.18.23\",\"matchCriteriaId\":\"E9E09FDD-9EE3-4A56-92E2-2B30AFD0072F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.19\",\"versionEndExcluding\":\"6.19.13\",\"matchCriteriaId\":\"1490EF9B-9080-481C-8D22-1306AAE664E4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*\",\"matchCriteriaId\":\"F253B622-8837-4245-BCE5-A7BF8FC76A16\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*\",\"matchCriteriaId\":\"F666C8D8-6538-46D4-B318-87610DE64C34\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*\",\"matchCriteriaId\":\"02259FDA-961B-47BC-AE7F-93D7EC6E90C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*\",\"matchCriteriaId\":\"58A9FEFF-C040-420D-8F0A-BFDAAA1DF258\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*\",\"matchCriteriaId\":\"1D2315C0-D46F-4F85-9754-F9E5E11374A6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*\",\"matchCriteriaId\":\"512EE3A8-A590-4501-9A94-5D4B268D6138\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/0f42e3f4fe2a58394e37241d02d9ca6ab7b7d516\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/128b03ccb2582a643983a48a37fda58df80edbde\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/2d64618ea846d8d033477311f805ca487d6a6696\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/474e00b935db250cac320d10c1d3cf4e44b46721\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/60313768a8edc7094435975587c00c2d7b834083\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}"
}
}
CERTFR-2026-AVI-0548
Vulnerability from certfr_avis - Published: 2026-05-07 - Updated: 2026-05-07
De multiples vulnérabilités ont été découvertes dans le noyau Linux de Debian. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et un déni de service.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Debian trixie versions ant\u00e9rieures \u00e0 6.12.85-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
},
{
"description": "Debian trixie versions ant\u00e9rieures \u00e0 version 6.1.170-1",
"product": {
"name": "Debian",
"vendor": {
"name": "Debian",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-31559",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31559"
},
{
"name": "CVE-2026-31623",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31623"
},
{
"name": "CVE-2026-31483",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31483"
},
{
"name": "CVE-2026-31409",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31409"
},
{
"name": "CVE-2026-31522",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31522"
},
{
"name": "CVE-2026-31770",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31770"
},
{
"name": "CVE-2026-23447",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23447"
},
{
"name": "CVE-2026-31582",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31582"
},
{
"name": "CVE-2026-23387",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23387"
},
{
"name": "CVE-2026-31619",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31619"
},
{
"name": "CVE-2026-31658",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31658"
},
{
"name": "CVE-2026-31618",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31618"
},
{
"name": "CVE-2025-21682",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21682"
},
{
"name": "CVE-2026-31756",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31756"
},
{
"name": "CVE-2026-31467",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31467"
},
{
"name": "CVE-2026-23318",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23318"
},
{
"name": "CVE-2026-23368",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23368"
},
{
"name": "CVE-2026-31485",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31485"
},
{
"name": "CVE-2026-23475",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23475"
},
{
"name": "CVE-2026-31578",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31578"
},
{
"name": "CVE-2025-40147",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40147"
},
{
"name": "CVE-2026-31754",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31754"
},
{
"name": "CVE-2026-31402",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31402"
},
{
"name": "CVE-2025-40219",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40219"
},
{
"name": "CVE-2026-23426",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23426"
},
{
"name": "CVE-2026-31758",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31758"
},
{
"name": "CVE-2025-68736",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68736"
},
{
"name": "CVE-2025-71265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71265"
},
{
"name": "CVE-2026-23450",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23450"
},
{
"name": "CVE-2026-23281",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23281"
},
{
"name": "CVE-2026-31530",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31530"
},
{
"name": "CVE-2025-71221",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71221"
},
{
"name": "CVE-2026-31685",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31685"
},
{
"name": "CVE-2026-31416",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31416"
},
{
"name": "CVE-2026-31656",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31656"
},
{
"name": "CVE-2025-39764",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39764"
},
{
"name": "CVE-2026-31453",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31453"
},
{
"name": "CVE-2026-23004",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23004"
},
{
"name": "CVE-2026-31593",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31593"
},
{
"name": "CVE-2026-23438",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23438"
},
{
"name": "CVE-2026-23293",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23293"
},
{
"name": "CVE-2026-23463",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23463"
},
{
"name": "CVE-2026-23227",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23227"
},
{
"name": "CVE-2026-23454",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23454"
},
{
"name": "CVE-2026-31405",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31405"
},
{
"name": "CVE-2026-43054",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43054"
},
{
"name": "CVE-2026-23465",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23465"
},
{
"name": "CVE-2026-31664",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31664"
},
{
"name": "CVE-2026-31542",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31542"
},
{
"name": "CVE-2026-31473",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31473"
},
{
"name": "CVE-2026-23297",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23297"
},
{
"name": "CVE-2026-31556",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31556"
},
{
"name": "CVE-2026-31528",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31528"
},
{
"name": "CVE-2026-31448",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31448"
},
{
"name": "CVE-2026-31597",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31597"
},
{
"name": "CVE-2025-21709",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21709"
},
{
"name": "CVE-2026-22981",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22981"
},
{
"name": "CVE-2026-31550",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31550"
},
{
"name": "CVE-2026-31487",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31487"
},
{
"name": "CVE-2026-23290",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23290"
},
{
"name": "CVE-2026-31549",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31549"
},
{
"name": "CVE-2026-31752",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31752"
},
{
"name": "CVE-2025-40016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40016"
},
{
"name": "CVE-2026-31787",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31787"
},
{
"name": "CVE-2025-38626",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38626"
},
{
"name": "CVE-2026-23303",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23303"
},
{
"name": "CVE-2026-43011",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43011"
},
{
"name": "CVE-2025-68175",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68175"
},
{
"name": "CVE-2026-31396",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31396"
},
{
"name": "CVE-2026-23461",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23461"
},
{
"name": "CVE-2026-31680",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31680"
},
{
"name": "CVE-2026-31586",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31586"
},
{
"name": "CVE-2026-23340",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23340"
},
{
"name": "CVE-2026-43046",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43046"
},
{
"name": "CVE-2025-68334",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68334"
},
{
"name": "CVE-2026-31738",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31738"
},
{
"name": "CVE-2026-23441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23441"
},
{
"name": "CVE-2026-23210",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23210"
},
{
"name": "CVE-2025-40005",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40005"
},
{
"name": "CVE-2026-31751",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31751"
},
{
"name": "CVE-2026-23380",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23380"
},
{
"name": "CVE-2026-23383",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23383"
},
{
"name": "CVE-2026-31462",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31462"
},
{
"name": "CVE-2026-23412",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23412"
},
{
"name": "CVE-2026-23439",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23439"
},
{
"name": "CVE-2026-23253",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23253"
},
{
"name": "CVE-2026-43025",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43025"
},
{
"name": "CVE-2026-31581",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31581"
},
{
"name": "CVE-2026-31721",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31721"
},
{
"name": "CVE-2026-31617",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31617"
},
{
"name": "CVE-2026-23271",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23271"
},
{
"name": "CVE-2025-68265",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68265"
},
{
"name": "CVE-2026-23434",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23434"
},
{
"name": "CVE-2026-31655",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31655"
},
{
"name": "CVE-2026-31611",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31611"
},
{
"name": "CVE-2026-31502",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31502"
},
{
"name": "CVE-2026-31531",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31531"
},
{
"name": "CVE-2026-43018",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43018"
},
{
"name": "CVE-2026-43014",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43014"
},
{
"name": "CVE-2026-31447",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31447"
},
{
"name": "CVE-2025-22116",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22116"
},
{
"name": "CVE-2026-23226",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23226"
},
{
"name": "CVE-2026-23285",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23285"
},
{
"name": "CVE-2026-31431",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31431"
},
{
"name": "CVE-2026-31645",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31645"
},
{
"name": "CVE-2026-23470",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23470"
},
{
"name": "CVE-2026-31599",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31599"
},
{
"name": "CVE-2026-43028",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43028"
},
{
"name": "CVE-2026-31511",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31511"
},
{
"name": "CVE-2026-31614",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31614"
},
{
"name": "CVE-2026-23422",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23422"
},
{
"name": "CVE-2026-31482",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31482"
},
{
"name": "CVE-2026-31548",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31548"
},
{
"name": "CVE-2026-23304",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23304"
},
{
"name": "CVE-2026-31683",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31683"
},
{
"name": "CVE-2026-23357",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23357"
},
{
"name": "CVE-2026-31408",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31408"
},
{
"name": "CVE-2025-38105",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38105"
},
{
"name": "CVE-2026-31524",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31524"
},
{
"name": "CVE-2026-31505",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31505"
},
{
"name": "CVE-2026-31668",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31668"
},
{
"name": "CVE-2026-23250",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23250"
},
{
"name": "CVE-2026-23066",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23066"
},
{
"name": "CVE-2026-31478",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31478"
},
{
"name": "CVE-2026-31546",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31546"
},
{
"name": "CVE-2025-38426",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38426"
},
{
"name": "CVE-2025-38436",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38436"
},
{
"name": "CVE-2026-31583",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31583"
},
{
"name": "CVE-2025-22117",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-22117"
},
{
"name": "CVE-2026-31605",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31605"
},
{
"name": "CVE-2026-23324",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23324"
},
{
"name": "CVE-2026-23347",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23347"
},
{
"name": "CVE-2026-23373",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23373"
},
{
"name": "CVE-2026-31516",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31516"
},
{
"name": "CVE-2024-50298",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-50298"
},
{
"name": "CVE-2026-23317",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23317"
},
{
"name": "CVE-2026-43047",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43047"
},
{
"name": "CVE-2026-31389",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31389"
},
{
"name": "CVE-2026-31394",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31394"
},
{
"name": "CVE-2026-31786",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31786"
},
{
"name": "CVE-2026-31545",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31545"
},
{
"name": "CVE-2026-31681",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31681"
},
{
"name": "CVE-2026-31598",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31598"
},
{
"name": "CVE-2026-23456",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23456"
},
{
"name": "CVE-2026-43033",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43033"
},
{
"name": "CVE-2026-43023",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43023"
},
{
"name": "CVE-2026-23287",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23287"
},
{
"name": "CVE-2026-31510",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31510"
},
{
"name": "CVE-2026-31622",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31622"
},
{
"name": "CVE-2026-23457",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23457"
},
{
"name": "CVE-2026-31595",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31595"
},
{
"name": "CVE-2026-31496",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31496"
},
{
"name": "CVE-2026-31642",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31642"
},
{
"name": "CVE-2026-23399",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23399"
},
{
"name": "CVE-2026-23334",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23334"
},
{
"name": "CVE-2025-40242",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40242"
},
{
"name": "CVE-2026-31659",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31659"
},
{
"name": "CVE-2026-23401",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23401"
},
{
"name": "CVE-2025-71239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71239"
},
{
"name": "CVE-2026-23207",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23207"
},
{
"name": "CVE-2026-43057",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43057"
},
{
"name": "CVE-2026-43030",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43030"
},
{
"name": "CVE-2026-23138",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23138"
},
{
"name": "CVE-2025-38250",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38250"
},
{
"name": "CVE-2026-31525",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31525"
},
{
"name": "CVE-2026-31638",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31638"
},
{
"name": "CVE-2026-31588",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31588"
},
{
"name": "CVE-2026-23391",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23391"
},
{
"name": "CVE-2026-31415",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31415"
},
{
"name": "CVE-2026-31647",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31647"
},
{
"name": "CVE-2024-47809",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47809"
},
{
"name": "CVE-2026-23204",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23204"
},
{
"name": "CVE-2026-23462",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23462"
},
{
"name": "CVE-2026-31563",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31563"
},
{
"name": "CVE-2026-23273",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23273"
},
{
"name": "CVE-2026-23372",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23372"
},
{
"name": "CVE-2026-31693",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31693"
},
{
"name": "CVE-2026-31689",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31689"
},
{
"name": "CVE-2026-23319",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23319"
},
{
"name": "CVE-2024-56719",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-56719"
},
{
"name": "CVE-2026-31566",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31566"
},
{
"name": "CVE-2026-31494",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31494"
},
{
"name": "CVE-2026-31565",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31565"
},
{
"name": "CVE-2026-23270",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23270"
},
{
"name": "CVE-2026-31763",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31763"
},
{
"name": "CVE-2026-23279",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23279"
},
{
"name": "CVE-2026-23466",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23466"
},
{
"name": "CVE-2026-31616",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31616"
},
{
"name": "CVE-2026-31670",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31670"
},
{
"name": "CVE-2026-23240",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23240"
},
{
"name": "CVE-2026-23244",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23244"
},
{
"name": "CVE-2026-23246",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23246"
},
{
"name": "CVE-2026-31422",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31422"
},
{
"name": "CVE-2026-23286",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23286"
},
{
"name": "CVE-2026-23359",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23359"
},
{
"name": "CVE-2026-31533",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31533"
},
{
"name": "CVE-2026-23298",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23298"
},
{
"name": "CVE-2026-31469",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31469"
},
{
"name": "CVE-2026-31498",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31498"
},
{
"name": "CVE-2026-31615",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31615"
},
{
"name": "CVE-2026-31520",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31520"
},
{
"name": "CVE-2026-31449",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31449"
},
{
"name": "CVE-2026-31418",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31418"
},
{
"name": "CVE-2026-23296",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23296"
},
{
"name": "CVE-2026-31427",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31427"
},
{
"name": "CVE-2026-31555",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31555"
},
{
"name": "CVE-2026-31594",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31594"
},
{
"name": "CVE-2026-31392",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31392"
},
{
"name": "CVE-2026-23360",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23360"
},
{
"name": "CVE-2025-40150",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40150"
},
{
"name": "CVE-2026-31580",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31580"
},
{
"name": "CVE-2026-31515",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31515"
},
{
"name": "CVE-2026-31661",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31661"
},
{
"name": "CVE-2026-31737",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31737"
},
{
"name": "CVE-2025-38627",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38627"
},
{
"name": "CVE-2026-31606",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31606"
},
{
"name": "CVE-2026-43017",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43017"
},
{
"name": "CVE-2024-14027",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-14027"
},
{
"name": "CVE-2025-71267",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71267"
},
{
"name": "CVE-2026-43043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43043"
},
{
"name": "CVE-2025-37945",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37945"
},
{
"name": "CVE-2026-23308",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23308"
},
{
"name": "CVE-2026-31684",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31684"
},
{
"name": "CVE-2026-23396",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23396"
},
{
"name": "CVE-2026-31423",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31423"
},
{
"name": "CVE-2026-31625",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31625"
},
{
"name": "CVE-2026-43051",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43051"
},
{
"name": "CVE-2026-31759",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31759"
},
{
"name": "CVE-2026-31432",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31432"
},
{
"name": "CVE-2026-23370",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23370"
},
{
"name": "CVE-2025-38303",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38303"
},
{
"name": "CVE-2026-23302",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23302"
},
{
"name": "CVE-2026-23414",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23414"
},
{
"name": "CVE-2026-31781",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31781"
},
{
"name": "CVE-2026-23315",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23315"
},
{
"name": "CVE-2026-31523",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31523"
},
{
"name": "CVE-2026-31669",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31669"
},
{
"name": "CVE-2026-31450",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31450"
},
{
"name": "CVE-2026-31671",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31671"
},
{
"name": "CVE-2026-31749",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31749"
},
{
"name": "CVE-2026-43024",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43024"
},
{
"name": "CVE-2026-23239",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23239"
},
{
"name": "CVE-2026-23352",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23352"
},
{
"name": "CVE-2026-31720",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31720"
},
{
"name": "CVE-2026-31554",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31554"
},
{
"name": "CVE-2026-31748",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31748"
},
{
"name": "CVE-2026-23367",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23367"
},
{
"name": "CVE-2026-31628",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31628"
},
{
"name": "CVE-2026-23427",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23427"
},
{
"name": "CVE-2026-31662",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31662"
},
{
"name": "CVE-2025-71067",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71067"
},
{
"name": "CVE-2026-31768",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31768"
},
{
"name": "CVE-2026-43026",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43026"
},
{
"name": "CVE-2026-31480",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31480"
},
{
"name": "CVE-2026-23255",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23255"
},
{
"name": "CVE-2026-23446",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23446"
},
{
"name": "CVE-2026-23417",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23417"
},
{
"name": "CVE-2026-43035",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43035"
},
{
"name": "CVE-2026-31561",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31561"
},
{
"name": "CVE-2026-31627",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31627"
},
{
"name": "CVE-2025-71269",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71269"
},
{
"name": "CVE-2026-31429",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31429"
},
{
"name": "CVE-2026-31665",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31665"
},
{
"name": "CVE-2025-40358",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40358"
},
{
"name": "CVE-2026-23300",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23300"
},
{
"name": "CVE-2026-23444",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23444"
},
{
"name": "CVE-2026-31391",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31391"
},
{
"name": "CVE-2026-31406",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31406"
},
{
"name": "CVE-2026-31672",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31672"
},
{
"name": "CVE-2026-31401",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31401"
},
{
"name": "CVE-2026-31780",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31780"
},
{
"name": "CVE-2026-23243",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23243"
},
{
"name": "CVE-2026-31479",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31479"
},
{
"name": "CVE-2023-53510",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53510"
},
{
"name": "CVE-2026-31675",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31675"
},
{
"name": "CVE-2026-31521",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31521"
},
{
"name": "CVE-2026-23363",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23363"
},
{
"name": "CVE-2026-31626",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31626"
},
{
"name": "CVE-2026-23445",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23445"
},
{
"name": "CVE-2026-31634",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31634"
},
{
"name": "CVE-2026-31610",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31610"
},
{
"name": "CVE-2024-47736",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47736"
},
{
"name": "CVE-2026-31412",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31412"
},
{
"name": "CVE-2026-43032",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43032"
},
{
"name": "CVE-2026-23362",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23362"
},
{
"name": "CVE-2026-23379",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23379"
},
{
"name": "CVE-2026-31648",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31648"
},
{
"name": "CVE-2026-31421",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31421"
},
{
"name": "CVE-2026-31677",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31677"
},
{
"name": "CVE-2023-53545",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53545"
},
{
"name": "CVE-2026-23381",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23381"
},
{
"name": "CVE-2026-31518",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31518"
},
{
"name": "CVE-2026-31470",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31470"
},
{
"name": "CVE-2026-31686",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31686"
},
{
"name": "CVE-2026-31660",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31660"
},
{
"name": "CVE-2026-23392",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23392"
},
{
"name": "CVE-2026-23245",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23245"
},
{
"name": "CVE-2026-31728",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31728"
},
{
"name": "CVE-2024-49998",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49998"
},
{
"name": "CVE-2026-31403",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31403"
},
{
"name": "CVE-2026-31400",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31400"
},
{
"name": "CVE-2026-31512",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31512"
},
{
"name": "CVE-2026-23330",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23330"
},
{
"name": "CVE-2026-31726",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31726"
},
{
"name": "CVE-2026-31504",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31504"
},
{
"name": "CVE-2026-31773",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31773"
},
{
"name": "CVE-2026-23364",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23364"
},
{
"name": "CVE-2026-31607",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31607"
},
{
"name": "CVE-2026-23242",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23242"
},
{
"name": "CVE-2026-43015",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43015"
},
{
"name": "CVE-2026-31509",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31509"
},
{
"name": "CVE-2026-31679",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31679"
},
{
"name": "CVE-2025-40135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40135"
},
{
"name": "CVE-2026-31637",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31637"
},
{
"name": "CVE-2026-31779",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31779"
},
{
"name": "CVE-2026-31612",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31612"
},
{
"name": "CVE-2026-23428",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23428"
},
{
"name": "CVE-2026-23274",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23274"
},
{
"name": "CVE-2026-31590",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31590"
},
{
"name": "CVE-2026-22993",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22993"
},
{
"name": "CVE-2026-23361",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23361"
},
{
"name": "CVE-2025-38192",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38192"
},
{
"name": "CVE-2026-43020",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43020"
},
{
"name": "CVE-2026-31417",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31417"
},
{
"name": "CVE-2026-43041",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43041"
},
{
"name": "CVE-2026-31761",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31761"
},
{
"name": "CVE-2026-31466",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31466"
},
{
"name": "CVE-2026-31527",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31527"
},
{
"name": "CVE-2026-31604",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31604"
},
{
"name": "CVE-2026-23448",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23448"
},
{
"name": "CVE-2026-22985",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22985"
},
{
"name": "CVE-2025-71152",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71152"
},
{
"name": "CVE-2026-31414",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31414"
},
{
"name": "CVE-2026-31584",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31584"
},
{
"name": "CVE-2026-31778",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31778"
},
{
"name": "CVE-2025-38704",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38704"
},
{
"name": "CVE-2026-31557",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31557"
},
{
"name": "CVE-2026-31426",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31426"
},
{
"name": "CVE-2026-23354",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23354"
},
{
"name": "CVE-2026-23325",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23325"
},
{
"name": "CVE-2025-21676",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-21676"
},
{
"name": "CVE-2026-43040",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43040"
},
{
"name": "CVE-2026-23440",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23440"
},
{
"name": "CVE-2026-31552",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31552"
},
{
"name": "CVE-2026-23284",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23284"
},
{
"name": "CVE-2026-31488",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31488"
},
{
"name": "CVE-2026-23278",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23278"
},
{
"name": "CVE-2026-31532",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31532"
},
{
"name": "CVE-2026-23397",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23397"
},
{
"name": "CVE-2026-23452",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23452"
},
{
"name": "CVE-2026-23474",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23474"
},
{
"name": "CVE-2026-31434",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31434"
},
{
"name": "CVE-2026-23343",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23343"
},
{
"name": "CVE-2026-31430",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31430"
},
{
"name": "CVE-2026-23336",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23336"
},
{
"name": "CVE-2026-31497",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31497"
},
{
"name": "CVE-2026-31682",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31682"
},
{
"name": "CVE-2026-31570",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31570"
},
{
"name": "CVE-2026-23289",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23289"
},
{
"name": "CVE-2026-31755",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31755"
},
{
"name": "CVE-2026-23292",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23292"
},
{
"name": "CVE-2026-23141",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23141"
},
{
"name": "CVE-2026-31451",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31451"
},
{
"name": "CVE-2026-23277",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23277"
},
{
"name": "CVE-2026-31399",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31399"
},
{
"name": "CVE-2026-22986",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-22986"
},
{
"name": "CVE-2026-31489",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31489"
},
{
"name": "CVE-2026-31441",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31441"
},
{
"name": "CVE-2026-23455",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23455"
},
{
"name": "CVE-2026-23316",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23316"
},
{
"name": "CVE-2026-23251",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23251"
},
{
"name": "CVE-2026-23335",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23335"
},
{
"name": "CVE-2026-31551",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31551"
},
{
"name": "CVE-2026-31495",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31495"
},
{
"name": "CVE-2026-23252",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23252"
},
{
"name": "CVE-2026-23369",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23369"
},
{
"name": "CVE-2026-31507",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31507"
},
{
"name": "CVE-2026-23389",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23389"
},
{
"name": "CVE-2026-31762",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31762"
},
{
"name": "CVE-2026-31788",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31788"
},
{
"name": "CVE-2026-31411",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31411"
},
{
"name": "CVE-2026-31428",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31428"
},
{
"name": "CVE-2026-23420",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23420"
},
{
"name": "CVE-2026-23388",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23388"
},
{
"name": "CVE-2025-39748",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39748"
},
{
"name": "CVE-2026-23449",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23449"
},
{
"name": "CVE-2025-39863",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-39863"
},
{
"name": "CVE-2025-71266",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71266"
},
{
"name": "CVE-2026-31492",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31492"
},
{
"name": "CVE-2026-43037",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43037"
},
{
"name": "CVE-2026-23070",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23070"
},
{
"name": "CVE-2026-31596",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31596"
},
{
"name": "CVE-2026-31666",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31666"
},
{
"name": "CVE-2026-31676",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31676"
},
{
"name": "CVE-2026-23442",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23442"
},
{
"name": "CVE-2026-31476",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31476"
},
{
"name": "CVE-2026-31603",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31603"
},
{
"name": "CVE-2026-23104",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23104"
},
{
"name": "CVE-2026-23393",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23393"
},
{
"name": "CVE-2026-23458",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23458"
},
{
"name": "CVE-2026-23313",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23313"
},
{
"name": "CVE-2026-31649",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31649"
},
{
"name": "CVE-2026-31674",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31674"
},
{
"name": "CVE-2026-31393",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31393"
},
{
"name": "CVE-2026-23310",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23310"
},
{
"name": "CVE-2026-31577",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31577"
},
{
"name": "CVE-2026-43027",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43027"
},
{
"name": "CVE-2025-68206",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68206"
},
{
"name": "CVE-2026-31576",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31576"
},
{
"name": "CVE-2026-31506",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31506"
},
{
"name": "CVE-2026-23339",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23339"
},
{
"name": "CVE-2026-31433",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31433"
},
{
"name": "CVE-2026-31458",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31458"
},
{
"name": "CVE-2026-31776",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31776"
},
{
"name": "CVE-2026-31575",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31575"
},
{
"name": "CVE-2026-23321",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23321"
},
{
"name": "CVE-2026-23460",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23460"
},
{
"name": "CVE-2026-31678",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31678"
},
{
"name": "CVE-2026-31587",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31587"
},
{
"name": "CVE-2025-71161",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-71161"
},
{
"name": "CVE-2026-31540",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31540"
},
{
"name": "CVE-2026-23395",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23395"
},
{
"name": "CVE-2026-31651",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31651"
},
{
"name": "CVE-2023-53228",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-53228"
},
{
"name": "CVE-2026-23100",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23100"
},
{
"name": "CVE-2026-31503",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31503"
},
{
"name": "CVE-2026-31657",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31657"
},
{
"name": "CVE-2026-31747",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31747"
},
{
"name": "CVE-2026-31455",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31455"
},
{
"name": "CVE-2026-31624",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31624"
},
{
"name": "CVE-2026-23306",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23306"
},
{
"name": "CVE-2026-31585",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31585"
},
{
"name": "CVE-2026-31474",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31474"
},
{
"name": "CVE-2026-23374",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23374"
},
{
"name": "CVE-2026-23378",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23378"
},
{
"name": "CVE-2026-31646",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31646"
},
{
"name": "CVE-2026-31519",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31519"
},
{
"name": "CVE-2026-23464",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23464"
},
{
"name": "CVE-2026-31439",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31439"
},
{
"name": "CVE-2026-23291",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23291"
},
{
"name": "CVE-2026-23413",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23413"
},
{
"name": "CVE-2026-31436",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31436"
},
{
"name": "CVE-2025-68239",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68239"
},
{
"name": "CVE-2026-23382",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23382"
},
{
"name": "CVE-2026-31410",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31410"
},
{
"name": "CVE-2026-31446",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31446"
},
{
"name": "CVE-2026-31644",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31644"
},
{
"name": "CVE-2026-23113",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23113"
},
{
"name": "CVE-2026-23157",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23157"
},
{
"name": "CVE-2026-31464",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31464"
},
{
"name": "CVE-2026-31500",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31500"
},
{
"name": "CVE-2026-31695",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31695"
},
{
"name": "CVE-2025-37980",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37980"
},
{
"name": "CVE-2026-23231",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23231"
},
{
"name": "CVE-2025-40261",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-40261"
},
{
"name": "CVE-2026-31558",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31558"
},
{
"name": "CVE-2026-23312",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23312"
},
{
"name": "CVE-2026-31639",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31639"
},
{
"name": "CVE-2026-31508",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31508"
},
{
"name": "CVE-2026-23365",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23365"
},
{
"name": "CVE-2026-23419",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23419"
},
{
"name": "CVE-2026-31424",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31424"
},
{
"name": "CVE-2026-23375",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23375"
},
{
"name": "CVE-2026-23356",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23356"
},
{
"name": "CVE-2026-23307",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23307"
},
{
"name": "CVE-2025-38162",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38162"
},
{
"name": "CVE-2026-31477",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31477"
},
{
"name": "CVE-2026-23249",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23249"
},
{
"name": "CVE-2026-43038",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43038"
},
{
"name": "CVE-2026-43013",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43013"
},
{
"name": "CVE-2026-31454",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31454"
},
{
"name": "CVE-2025-38659",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38659"
},
{
"name": "CVE-2026-23386",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23386"
},
{
"name": "CVE-2026-31452",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31452"
},
{
"name": "CVE-2026-31407",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31407"
},
{
"name": "CVE-2026-23398",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23398"
},
{
"name": "CVE-2026-31602",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31602"
},
{
"name": "CVE-2026-31425",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31425"
},
{
"name": "CVE-2026-31440",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31440"
},
{
"name": "CVE-2026-23276",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23276"
},
{
"name": "CVE-2026-31629",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31629"
},
{
"name": "CVE-2026-23351",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23351"
},
{
"name": "CVE-2026-43050",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43050"
},
{
"name": "CVE-2026-31438",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31438"
},
{
"name": "CVE-2026-23154",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23154"
},
{
"name": "CVE-2026-31673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31673"
},
{
"name": "CVE-2026-31667",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31667"
}
],
"initial_release_date": "2026-05-07T00:00:00",
"last_revision_date": "2026-05-07T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0548",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-05-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de Debian. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et un d\u00e9ni de service.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de Debian",
"vendor_advisories": [
{
"published_at": "2026-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Debian msg00154",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00154.html"
},
{
"published_at": "2026-04-30",
"title": "Bulletin de s\u00e9curit\u00e9 Debian msg00148",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00148.html"
}
]
}
CERTFR-2026-AVI-0833
Vulnerability from certfr_avis - Published: 2026-07-03 - Updated: 2026-07-03
De multiples vulnérabilités ont été découvertes dans le noyau Linux de SUSE. Certaines d'entre elles permettent à un attaquant de provoquer une élévation de privilèges, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| SUSE | Public Cloud Module | Public Cloud Module 15-SP7 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP5 | ||
| SUSE | SUSE Linux Enterprise High Availability Extension | SUSE Linux Enterprise High Availability Extension 15 SP4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.5 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP5 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 16.0 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing 15 SP4 | ||
| SUSE | SUSE Manager Retail Branch Server | SUSE Manager Retail Branch Server 4.3 | ||
| SUSE | openSUSE Leap | openSUSE Leap 15.4 | ||
| SUSE | SUSE Linux Enterprise Desktop | SUSE Linux Enterprise Desktop 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP7 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing LTSS 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 LTSS | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.4 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP5 | ||
| SUSE | SUSE Linux Enterprise High Performance Computing | SUSE Linux Enterprise High Performance Computing LTSS 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.3 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP applications 16.0 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro for Rancher 5.3 | ||
| SUSE | SUSE Linux Enterprise Workstation Extension | SUSE Linux Enterprise Workstation Extension 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Real Time | SUSE Linux Enterprise Real Time 15 SP4 | ||
| SUSE | SUSE Manager Proxy | SUSE Manager Proxy 4.3 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server for SAP Applications 15 SP4 | ||
| SUSE | Basesystem Module | Basesystem Module 15-SP7 | ||
| SUSE | SUSE Linux Enterprise High Availability Extension | SUSE Linux Enterprise High Availability Extension 15 SP7 | ||
| SUSE | SUSE Linux Micro | SUSE Linux Micro 6.2 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.5 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP4 | ||
| SUSE | Legacy Module | Legacy Module 15-SP7 | ||
| SUSE | SUSE Linux Micro | SUSE Linux Micro 6.0 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP7 | ||
| SUSE | SUSE Linux Enterprise Server | SUSE Linux Enterprise Server 15 SP5 LTSS | ||
| SUSE | SUSE Manager Server | SUSE Manager Server 4.3 | ||
| SUSE | Development Tools Module | Development Tools Module 15-SP7 | ||
| SUSE | SUSE Linux Enterprise Micro | SUSE Linux Enterprise Micro 5.4 | ||
| SUSE | SUSE Linux Enterprise Live Patching | SUSE Linux Enterprise Live Patching 15-SP4 | ||
| SUSE | SUSE Linux Micro Extras | SUSE Linux Micro Extras 6.0 |
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Public Cloud Module 15-SP7",
"product": {
"name": "Public Cloud Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.5",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP5",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 16.0",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Retail Branch Server 4.3",
"product": {
"name": "SUSE Manager Retail Branch Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "openSUSE Leap 15.4",
"product": {
"name": "openSUSE Leap",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Desktop 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Desktop",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP7",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing ESPOS 15 SP4",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Performance Computing LTSS 15 SP5",
"product": {
"name": "SUSE Linux Enterprise High Performance Computing",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP5",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP applications 16.0",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro for Rancher 5.3",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Workstation Extension 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Workstation Extension",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Real Time 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Real Time",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Proxy 4.3",
"product": {
"name": "SUSE Manager Proxy",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server for SAP Applications 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Basesystem Module 15-SP7",
"product": {
"name": "Basesystem Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise High Availability Extension 15 SP7",
"product": {
"name": "SUSE Linux Enterprise High Availability Extension",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro 6.2",
"product": {
"name": "SUSE Linux Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.5",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP4",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Legacy Module 15-SP7",
"product": {
"name": "Legacy Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP7",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Server 15 SP5 LTSS",
"product": {
"name": "SUSE Linux Enterprise Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Manager Server 4.3",
"product": {
"name": "SUSE Manager Server",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "Development Tools Module 15-SP7",
"product": {
"name": "Development Tools Module",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Micro 5.4",
"product": {
"name": "SUSE Linux Enterprise Micro",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Enterprise Live Patching 15-SP4",
"product": {
"name": "SUSE Linux Enterprise Live Patching",
"vendor": {
"name": "SUSE",
"scada": false
}
}
},
{
"description": "SUSE Linux Micro Extras 6.0",
"product": {
"name": "SUSE Linux Micro Extras",
"vendor": {
"name": "SUSE",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-43198",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43198"
},
{
"name": "CVE-2026-45842",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45842"
},
{
"name": "CVE-2025-68324",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68324"
},
{
"name": "CVE-2026-43366",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43366"
},
{
"name": "CVE-2026-43068",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43068"
},
{
"name": "CVE-2026-46119",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46119"
},
{
"name": "CVE-2026-43414",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43414"
},
{
"name": "CVE-2026-31493",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31493"
},
{
"name": "CVE-2026-43413",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43413"
},
{
"name": "CVE-2026-31402",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31402"
},
{
"name": "CVE-2026-45852",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45852"
},
{
"name": "CVE-2026-43483",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43483"
},
{
"name": "CVE-2026-31758",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31758"
},
{
"name": "CVE-2026-45856",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45856"
},
{
"name": "CVE-2026-43119",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43119"
},
{
"name": "CVE-2026-43470",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43470"
},
{
"name": "CVE-2026-46227",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46227"
},
{
"name": "CVE-2026-43455",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43455"
},
{
"name": "CVE-2026-31453",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31453"
},
{
"name": "CVE-2026-31593",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31593"
},
{
"name": "CVE-2026-23438",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23438"
},
{
"name": "CVE-2026-45910",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45910"
},
{
"name": "CVE-2026-31405",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31405"
},
{
"name": "CVE-2026-43339",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43339"
},
{
"name": "CVE-2026-43054",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43054"
},
{
"name": "CVE-2026-31698",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31698"
},
{
"name": "CVE-2026-31664",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31664"
},
{
"name": "CVE-2026-31473",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31473"
},
{
"name": "CVE-2026-31448",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31448"
},
{
"name": "CVE-2026-31752",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31752"
},
{
"name": "CVE-2026-23303",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23303"
},
{
"name": "CVE-2026-31396",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31396"
},
{
"name": "CVE-2026-31680",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31680"
},
{
"name": "CVE-2026-31613",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31613"
},
{
"name": "CVE-2026-46114",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46114"
},
{
"name": "CVE-2026-43411",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43411"
},
{
"name": "CVE-2026-43284",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43284"
},
{
"name": "CVE-2026-43362",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43362"
},
{
"name": "CVE-2026-43052",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43052"
},
{
"name": "CVE-2026-43053",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43053"
},
{
"name": "CVE-2026-31655",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31655"
},
{
"name": "CVE-2026-45870",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45870"
},
{
"name": "CVE-2026-43028",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43028"
},
{
"name": "CVE-2026-31614",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31614"
},
{
"name": "CVE-2026-46113",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46113"
},
{
"name": "CVE-2026-3150",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-3150"
},
{
"name": "CVE-2026-45841",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45841"
},
{
"name": "CVE-2026-46159",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46159"
},
{
"name": "CVE-2026-31546",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31546"
},
{
"name": "CVE-2026-46209",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46209"
},
{
"name": "CVE-2026-31516",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31516"
},
{
"name": "CVE-2026-43023",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43023"
},
{
"name": "CVE-2026-43345",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43345"
},
{
"name": "CVE-2026-43503",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43503"
},
{
"name": "CVE-2026-46101",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46101"
},
{
"name": "CVE-2026-46024",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46024"
},
{
"name": "CVE-2025-68822",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68822"
},
{
"name": "CVE-2026-46037",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46037"
},
{
"name": "CVE-2026-46116",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46116"
},
{
"name": "CVE-2026-46083",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46083"
},
{
"name": "CVE-2026-43030",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43030"
},
{
"name": "CVE-2026-43074",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43074"
},
{
"name": "CVE-2026-46259",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46259"
},
{
"name": "CVE-2026-31703",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31703"
},
{
"name": "CVE-2026-46176",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46176"
},
{
"name": "CVE-2026-31693",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31693"
},
{
"name": "CVE-2026-45846",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45846"
},
{
"name": "CVE-2026-43499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43499"
},
{
"name": "CVE-2026-45862",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45862"
},
{
"name": "CVE-2026-43036",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43036"
},
{
"name": "CVE-2026-46005",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46005"
},
{
"name": "CVE-2026-31697",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31697"
},
{
"name": "CVE-2026-45894",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45894"
},
{
"name": "CVE-2026-23359",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23359"
},
{
"name": "CVE-2026-46323",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46323"
},
{
"name": "CVE-2026-46181",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46181"
},
{
"name": "CVE-2026-31469",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31469"
},
{
"name": "CVE-2026-46043",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46043"
},
{
"name": "CVE-2026-46120",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46120"
},
{
"name": "CVE-2026-31555",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31555"
},
{
"name": "CVE-2026-43491",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43491"
},
{
"name": "CVE-2026-46197",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46197"
},
{
"name": "CVE-2026-43249",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43249"
},
{
"name": "CVE-2026-43252",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43252"
},
{
"name": "CVE-2026-31759",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31759"
},
{
"name": "CVE-2026-43360",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43360"
},
{
"name": "CVE-2026-45878",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45878"
},
{
"name": "CVE-2026-45932",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45932"
},
{
"name": "CVE-2026-45940",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45940"
},
{
"name": "CVE-2025-10263",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-10263"
},
{
"name": "CVE-2026-31671",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31671"
},
{
"name": "CVE-2026-43024",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43024"
},
{
"name": "CVE-2026-31694",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31694"
},
{
"name": "CVE-2026-31554",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31554"
},
{
"name": "CVE-2026-31699",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31699"
},
{
"name": "CVE-2026-43077",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43077"
},
{
"name": "CVE-2026-43407",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43407"
},
{
"name": "CVE-2026-43026",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43026"
},
{
"name": "CVE-2026-31480",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31480"
},
{
"name": "CVE-2026-43405",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43405"
},
{
"name": "CVE-2026-46150",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46150"
},
{
"name": "CVE-2026-46090",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46090"
},
{
"name": "CVE-2026-45840",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45840"
},
{
"name": "CVE-2026-46300",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46300"
},
{
"name": "CVE-2026-43361",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43361"
},
{
"name": "CVE-2026-43035",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43035"
},
{
"name": "CVE-2026-46172",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46172"
},
{
"name": "CVE-2026-31429",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31429"
},
{
"name": "CVE-2026-31665",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31665"
},
{
"name": "CVE-2026-43261",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43261"
},
{
"name": "CVE-2026-23444",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23444"
},
{
"name": "CVE-2026-45886",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45886"
},
{
"name": "CVE-2026-45961",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45961"
},
{
"name": "CVE-2026-46110",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46110"
},
{
"name": "CVE-2026-43158",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43158"
},
{
"name": "CVE-2026-43501",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43501"
},
{
"name": "CVE-2026-43059",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43059"
},
{
"name": "CVE-2026-46111",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46111"
},
{
"name": "CVE-2026-31592",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31592"
},
{
"name": "CVE-2026-45984",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45984"
},
{
"name": "CVE-2026-31518",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31518"
},
{
"name": "CVE-2026-43296",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43296"
},
{
"name": "CVE-2026-23392",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23392"
},
{
"name": "CVE-2026-31771",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31771"
},
{
"name": "CVE-2026-31504",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31504"
},
{
"name": "CVE-2026-43066",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43066"
},
{
"name": "CVE-2026-45970",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45970"
},
{
"name": "CVE-2026-43469",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43469"
},
{
"name": "CVE-2026-31590",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31590"
},
{
"name": "CVE-2026-31767",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31767"
},
{
"name": "CVE-2025-38549",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-38549"
},
{
"name": "CVE-2025-54518",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54518"
},
{
"name": "CVE-2026-31414",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31414"
},
{
"name": "CVE-2026-46244",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46244"
},
{
"name": "CVE-2026-43040",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43040"
},
{
"name": "CVE-2026-23278",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23278"
},
{
"name": "CVE-2026-43206",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43206"
},
{
"name": "CVE-2026-43065",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43065"
},
{
"name": "CVE-2026-45843",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45843"
},
{
"name": "CVE-2026-43406",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43406"
},
{
"name": "CVE-2026-45964",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45964"
},
{
"name": "CVE-2026-46004",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46004"
},
{
"name": "CVE-2026-46094",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46094"
},
{
"name": "CVE-2026-43187",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43187"
},
{
"name": "CVE-2026-43341",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43341"
},
{
"name": "CVE-2026-43239",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43239"
},
{
"name": "CVE-2026-31495",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31495"
},
{
"name": "CVE-2026-46160",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46160"
},
{
"name": "CVE-2026-46079",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46079"
},
{
"name": "CVE-2026-46333",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46333"
},
{
"name": "CVE-2026-31492",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31492"
},
{
"name": "CVE-2026-46021",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46021"
},
{
"name": "CVE-2026-46162",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46162"
},
{
"name": "CVE-2026-31596",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31596"
},
{
"name": "CVE-2026-43112",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43112"
},
{
"name": "CVE-2026-43083",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43083"
},
{
"name": "CVE-2026-46273",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46273"
},
{
"name": "CVE-2026-31674",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31674"
},
{
"name": "CVE-2026-43109",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43109"
},
{
"name": "CVE-2026-31560",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31560"
},
{
"name": "CVE-2026-43101",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43101"
},
{
"name": "CVE-2026-31678",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31678"
},
{
"name": "CVE-2026-43338",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43338"
},
{
"name": "CVE-2026-43234",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43234"
},
{
"name": "CVE-2026-43359",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43359"
},
{
"name": "CVE-2026-31455",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31455"
},
{
"name": "CVE-2026-23327",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-23327"
},
{
"name": "CVE-2026-31446",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31446"
},
{
"name": "CVE-2026-31464",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31464"
},
{
"name": "CVE-2026-31500",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31500"
},
{
"name": "CVE-2026-43171",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43171"
},
{
"name": "CVE-2026-43333",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43333"
},
{
"name": "CVE-2026-43049",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43049"
},
{
"name": "CVE-2026-45983",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45983"
},
{
"name": "CVE-2026-46123",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46123"
},
{
"name": "CVE-2026-46157",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-46157"
},
{
"name": "CVE-2026-43325",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43325"
},
{
"name": "CVE-2026-45974",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45974"
},
{
"name": "CVE-2026-45965",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-45965"
},
{
"name": "CVE-2026-43013",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-43013"
},
{
"name": "CVE-2026-31454",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31454"
},
{
"name": "CVE-2026-31452",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31452"
},
{
"name": "CVE-2026-31499",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31499"
},
{
"name": "CVE-2026-31629",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31629"
},
{
"name": "CVE-2026-31673",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-31673"
}
],
"initial_release_date": "2026-07-03T00:00:00",
"last_revision_date": "2026-07-03T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0833",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-07-03T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Non sp\u00e9cifi\u00e9 par l\u0027\u00e9diteur"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans le noyau Linux de SUSE. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans le noyau Linux de SUSE",
"vendor_advisories": [
{
"published_at": "2026-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22436-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622436-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22283-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622283-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22280-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622280-1"
},
{
"published_at": "2026-06-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22288-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622288-1"
},
{
"published_at": "2026-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22433-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622433-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22389-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622389-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22426-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622426-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22428-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622428-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22388-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622388-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22390-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622390-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22386-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622386-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22385-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622385-1"
},
{
"published_at": "2026-06-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:2638-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262638-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22278-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622278-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22387-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622387-1"
},
{
"published_at": "2026-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22393-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622393-1"
},
{
"published_at": "2026-06-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22391-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622391-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22276-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622276-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22427-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622427-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22383-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622383-1"
},
{
"published_at": "2026-06-30",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22394-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622394-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22279-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622279-1"
},
{
"published_at": "2026-06-26",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:2658-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262658-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22384-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622384-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22282-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622282-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22425-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622425-1"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:2722-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-20262722-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22281-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622281-1"
},
{
"published_at": "2026-06-25",
"title": "Bulletin de s\u00e9curit\u00e9 SUSE SUSE-SU-2026:22277-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622277-1"
}
]
}
FKIE_CVE-2026-31429
Vulnerability from fkie_nvd - Published: 2026-04-20 10:16 - Updated: 2026-06-17 10:33| URL | Tags | ||
|---|---|---|---|
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/0f42e3f4fe2a58394e37241d02d9ca6ab7b7d516 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/128b03ccb2582a643983a48a37fda58df80edbde | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/2d64618ea846d8d033477311f805ca487d6a6696 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/474e00b935db250cac320d10c1d3cf4e44b46721 | Patch | |
| 416baaa9-dc9f-4396-8d5f-8c081fb06d67 | https://git.kernel.org/stable/c/60313768a8edc7094435975587c00c2d7b834083 | Patch |
| Vendor | Product | Version | |
|---|---|---|---|
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | * | |
| linux | linux_kernel | 7.0 | |
| linux | linux_kernel | 7.0 | |
| linux | linux_kernel | 7.0 | |
| linux | linux_kernel | 7.0 | |
| linux | linux_kernel | 7.0 | |
| linux | linux_kernel | 7.0 | |
| linux | linux_kernel | 7.0 |
{
"affected": [
{
"affectedData": [
{
"defaultStatus": "unaffected",
"product": "Linux",
"programFiles": [
"net/core/skbuff.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"lessThan": "128b03ccb2582a643983a48a37fda58df80edbde",
"status": "affected",
"version": "bf9f1baa279f0758dc2297080360c5a616843927",
"versionType": "git"
},
{
"lessThan": "60313768a8edc7094435975587c00c2d7b834083",
"status": "affected",
"version": "bf9f1baa279f0758dc2297080360c5a616843927",
"versionType": "git"
},
{
"lessThan": "2d64618ea846d8d033477311f805ca487d6a6696",
"status": "affected",
"version": "bf9f1baa279f0758dc2297080360c5a616843927",
"versionType": "git"
},
{
"lessThan": "474e00b935db250cac320d10c1d3cf4e44b46721",
"status": "affected",
"version": "bf9f1baa279f0758dc2297080360c5a616843927",
"versionType": "git"
},
{
"lessThan": "0f42e3f4fe2a58394e37241d02d9ca6ab7b7d516",
"status": "affected",
"version": "bf9f1baa279f0758dc2297080360c5a616843927",
"versionType": "git"
}
]
},
{
"defaultStatus": "affected",
"product": "Linux",
"programFiles": [
"net/core/skbuff.c"
],
"repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
"vendor": "Linux",
"versions": [
{
"status": "affected",
"version": "6.3"
},
{
"lessThan": "6.3",
"status": "unaffected",
"version": "0",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.6.*",
"status": "unaffected",
"version": "6.6.136",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.12.*",
"status": "unaffected",
"version": "6.12.82",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.18.*",
"status": "unaffected",
"version": "6.18.23",
"versionType": "semver"
},
{
"lessThanOrEqual": "6.19.*",
"status": "unaffected",
"version": "6.19.13",
"versionType": "semver"
},
{
"lessThanOrEqual": "*",
"status": "unaffected",
"version": "7.0",
"versionType": "original_commit_for_fix"
}
]
}
],
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67"
}
],
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "CEC191DD-B9E5-4BBF-87F3-133C249BE806",
"versionEndExcluding": "6.6.136",
"versionStartIncluding": "6.3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "02904CAE-71D2-45B3-9EC3-F6A9D18B6307",
"versionEndExcluding": "6.12.82",
"versionStartIncluding": "6.7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "E9E09FDD-9EE3-4A56-92E2-2B30AFD0072F",
"versionEndExcluding": "6.18.23",
"versionStartIncluding": "6.13",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1490EF9B-9080-481C-8D22-1306AAE664E4",
"versionEndExcluding": "6.19.13",
"versionStartIncluding": "6.19",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc1:*:*:*:*:*:*",
"matchCriteriaId": "F253B622-8837-4245-BCE5-A7BF8FC76A16",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc2:*:*:*:*:*:*",
"matchCriteriaId": "4AE85AD8-4641-4E7C-A2F4-305E2CD9EE64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc3:*:*:*:*:*:*",
"matchCriteriaId": "F666C8D8-6538-46D4-B318-87610DE64C34",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc4:*:*:*:*:*:*",
"matchCriteriaId": "02259FDA-961B-47BC-AE7F-93D7EC6E90C2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc5:*:*:*:*:*:*",
"matchCriteriaId": "58A9FEFF-C040-420D-8F0A-BFDAAA1DF258",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc6:*:*:*:*:*:*",
"matchCriteriaId": "1D2315C0-D46F-4F85-9754-F9E5E11374A6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:o:linux:linux_kernel:7.0:rc7:*:*:*:*:*:*",
"matchCriteriaId": "512EE3A8-A590-4501-9A94-5D4B268D6138",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skb: fix cross-cache free of KFENCE-allocated skb head\n\nSKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2\nvalue (e.g. 704 on x86_64) to avoid collisions with generic kmalloc\nbucket sizes. This ensures that skb_kfree_head() can reliably use\nskb_end_offset to distinguish skb heads allocated from\nskb_small_head_cache vs. generic kmalloc caches.\n\nHowever, when KFENCE is enabled, kfence_ksize() returns the exact\nrequested allocation size instead of the slab bucket size. If a caller\n(e.g. bpf_test_init) allocates skb head data via kzalloc() and the\nrequested size happens to equal SKB_SMALL_HEAD_CACHE_SIZE, then\nslab_build_skb() -\u003e ksize() returns that exact value. After subtracting\nskb_shared_info overhead, skb_end_offset ends up matching\nSKB_SMALL_HEAD_HEADROOM, causing skb_kfree_head() to incorrectly free\nthe object to skb_small_head_cache instead of back to the original\nkmalloc cache, resulting in a slab cross-cache free:\n\n kmem_cache_free(skbuff_small_head): Wrong slab cache. Expected\n skbuff_small_head but got kmalloc-1k\n\nFix this by always calling kfree(head) in skb_kfree_head(). This keeps\nthe free path generic and avoids allocator-specific misclassification\nfor KFENCE objects."
}
],
"id": "CVE-2026-31429",
"lastModified": "2026-06-17T10:33:42.150",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 3.6,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2026-04-20T10:16:16.737",
"references": [
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/0f42e3f4fe2a58394e37241d02d9ca6ab7b7d516"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/128b03ccb2582a643983a48a37fda58df80edbde"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/2d64618ea846d8d033477311f805ca487d6a6696"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/474e00b935db250cac320d10c1d3cf4e44b46721"
},
{
"source": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"tags": [
"Patch"
],
"url": "https://git.kernel.org/stable/c/60313768a8edc7094435975587c00c2d7b834083"
}
],
"sourceIdentifier": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-401"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
GHSA-VQJC-M5XH-JHX3
Vulnerability from github – Published: 2026-04-20 12:32 – Updated: 2026-05-20 21:31In the Linux kernel, the following vulnerability has been resolved:
net: skb: fix cross-cache free of KFENCE-allocated skb head
SKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2 value (e.g. 704 on x86_64) to avoid collisions with generic kmalloc bucket sizes. This ensures that skb_kfree_head() can reliably use skb_end_offset to distinguish skb heads allocated from skb_small_head_cache vs. generic kmalloc caches.
However, when KFENCE is enabled, kfence_ksize() returns the exact requested allocation size instead of the slab bucket size. If a caller (e.g. bpf_test_init) allocates skb head data via kzalloc() and the requested size happens to equal SKB_SMALL_HEAD_CACHE_SIZE, then slab_build_skb() -> ksize() returns that exact value. After subtracting skb_shared_info overhead, skb_end_offset ends up matching SKB_SMALL_HEAD_HEADROOM, causing skb_kfree_head() to incorrectly free the object to skb_small_head_cache instead of back to the original kmalloc cache, resulting in a slab cross-cache free:
kmem_cache_free(skbuff_small_head): Wrong slab cache. Expected skbuff_small_head but got kmalloc-1k
Fix this by always calling kfree(head) in skb_kfree_head(). This keeps the free path generic and avoids allocator-specific misclassification for KFENCE objects.
{
"affected": [],
"aliases": [
"CVE-2026-31429"
],
"database_specific": {
"cwe_ids": [
"CWE-401"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2026-04-20T10:16:16Z",
"severity": "MODERATE"
},
"details": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skb: fix cross-cache free of KFENCE-allocated skb head\n\nSKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2\nvalue (e.g. 704 on x86_64) to avoid collisions with generic kmalloc\nbucket sizes. This ensures that skb_kfree_head() can reliably use\nskb_end_offset to distinguish skb heads allocated from\nskb_small_head_cache vs. generic kmalloc caches.\n\nHowever, when KFENCE is enabled, kfence_ksize() returns the exact\nrequested allocation size instead of the slab bucket size. If a caller\n(e.g. bpf_test_init) allocates skb head data via kzalloc() and the\nrequested size happens to equal SKB_SMALL_HEAD_CACHE_SIZE, then\nslab_build_skb() -\u003e ksize() returns that exact value. After subtracting\nskb_shared_info overhead, skb_end_offset ends up matching\nSKB_SMALL_HEAD_HEADROOM, causing skb_kfree_head() to incorrectly free\nthe object to skb_small_head_cache instead of back to the original\nkmalloc cache, resulting in a slab cross-cache free:\n\n kmem_cache_free(skbuff_small_head): Wrong slab cache. Expected\n skbuff_small_head but got kmalloc-1k\n\nFix this by always calling kfree(head) in skb_kfree_head(). This keeps\nthe free path generic and avoids allocator-specific misclassification\nfor KFENCE objects.",
"id": "GHSA-vqjc-m5xh-jhx3",
"modified": "2026-05-20T21:31:28Z",
"published": "2026-04-20T12:32:00Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2026-31429"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/0f42e3f4fe2a58394e37241d02d9ca6ab7b7d516"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/128b03ccb2582a643983a48a37fda58df80edbde"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/2d64618ea846d8d033477311f805ca487d6a6696"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/474e00b935db250cac320d10c1d3cf4e44b46721"
},
{
"type": "WEB",
"url": "https://git.kernel.org/stable/c/60313768a8edc7094435975587c00c2d7b834083"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"type": "CVSS_V3"
}
]
}
MSRC_CVE-2026-31429
Vulnerability from csaf_microsoft - Published: 2026-04-02 00:00 - Updated: 2026-04-30 01:41| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-2 | — |
None Available
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: 17084-1 | — |
| URL | Category |
|---|---|
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
| https://support.microsoft.com/lifecycle | external |
| https://www.first.org/cvss | external |
| https://msrc.microsoft.com/csaf/vex/2026/msrc_cve… | self |
{
"document": {
"category": "csaf_vex",
"csaf_version": "2.0",
"distribution": {
"text": "Public",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-US",
"notes": [
{
"category": "general",
"text": "To determine the support lifecycle for your software, see the Microsoft Support Lifecycle: https://support.microsoft.com/lifecycle",
"title": "Additional Resources"
},
{
"category": "legal_disclaimer",
"text": "The information provided in the Microsoft Knowledge Base is provided \\\"as is\\\" without warranty of any kind. Microsoft disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose. In no event shall Microsoft Corporation or its suppliers be liable for any damages whatsoever including direct, indirect, incidental, consequential, loss of business profits or special damages, even if Microsoft Corporation or its suppliers have been advised of the possibility of such damages. Some states do not allow the exclusion or limitation of liability for consequential or incidental damages so the foregoing limitation may not apply.",
"title": "Disclaimer"
}
],
"publisher": {
"category": "vendor",
"contact_details": "secure@microsoft.com",
"name": "Microsoft Security Response Center",
"namespace": "https://msrc.microsoft.com"
},
"references": [
{
"category": "self",
"summary": "CVE-2026-31429 net: skb: fix cross-cache free of KFENCE-allocated skb head - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-31429.json"
},
{
"category": "external",
"summary": "Microsoft Support Lifecycle",
"url": "https://support.microsoft.com/lifecycle"
},
{
"category": "external",
"summary": "Common Vulnerability Scoring System",
"url": "https://www.first.org/cvss"
}
],
"title": "net: skb: fix cross-cache free of KFENCE-allocated skb head",
"tracking": {
"current_release_date": "2026-04-30T01:41:58.000Z",
"generator": {
"date": "2026-04-30T08:42:48.230Z",
"engine": {
"name": "MSRC Generator",
"version": "1.0"
}
},
"id": "msrc_CVE-2026-31429",
"initial_release_date": "2026-04-02T00:00:00.000Z",
"revision_history": [
{
"date": "2026-04-22T01:01:41.000Z",
"legacy_version": "1",
"number": "1",
"summary": "Information published."
},
{
"date": "2026-04-29T14:59:24.000Z",
"legacy_version": "2",
"number": "2",
"summary": "Information published."
},
{
"date": "2026-04-30T01:41:58.000Z",
"legacy_version": "3",
"number": "3",
"summary": "Information published."
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "3.0",
"product": {
"name": "Azure Linux 3.0",
"product_id": "17084"
}
}
],
"category": "product_name",
"name": "Azure Linux"
},
{
"branches": [
{
"category": "product_version_range",
"name": "azl3 kernel 0:6.6.130.1-3.azl3",
"product": {
"name": "azl3 kernel 0:6.6.130.1-3.azl3",
"product_id": "2"
}
}
],
"category": "product_name",
"name": "kernel"
},
{
"category": "product_name",
"name": "azl3 kernel 0:6.6.134.1-2.azl3",
"product": {
"name": "azl3 kernel 0:6.6.134.1-2.azl3",
"product_id": "1"
}
}
],
"category": "vendor",
"name": "Microsoft"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 kernel 0:6.6.130.1-3.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-2"
},
"product_reference": "2",
"relates_to_product_reference": "17084"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "azl3 kernel 0:6.6.134.1-2.azl3 as a component of Azure Linux 3.0",
"product_id": "17084-1"
},
"product_reference": "1",
"relates_to_product_reference": "17084"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-31429",
"flags": [
{
"label": "vulnerable_code_not_present",
"product_ids": [
"17084-1"
]
}
],
"notes": [
{
"category": "general",
"text": "Linux",
"title": "Assigning CNA"
}
],
"product_status": {
"known_affected": [
"17084-2"
],
"known_not_affected": [
"17084-1"
]
},
"references": [
{
"category": "self",
"summary": "CVE-2026-31429 net: skb: fix cross-cache free of KFENCE-allocated skb head - VEX",
"url": "https://msrc.microsoft.com/csaf/vex/2026/msrc_cve-2026-31429.json"
}
],
"remediations": [
{
"category": "none_available",
"date": "2026-04-22T01:01:41.000Z",
"details": "There is no fix available for this vulnerability as of now",
"product_ids": [
"17084-2"
]
}
],
"title": "net: skb: fix cross-cache free of KFENCE-allocated skb head"
}
]
}
SUSE-SU-2026:22433-1
Vulnerability from csaf_suse - Published: 2026-06-30 17:41 - Updated: 2026-06-30 17:41| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch | — |
Vendor Fix
|
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-updates/2026… | self |
| https://bugzilla.suse.com/1248235 | self |
| https://bugzilla.suse.com/1255416 | self |
| https://bugzilla.suse.com/1256668 | self |
| https://bugzilla.suse.com/1258538 | self |
| https://bugzilla.suse.com/1260502 | self |
| https://bugzilla.suse.com/1260584 | self |
| https://bugzilla.suse.com/1261256 | self |
| https://bugzilla.suse.com/1261619 | self |
| https://bugzilla.suse.com/1261791 | self |
| https://bugzilla.suse.com/1262085 | self |
| https://bugzilla.suse.com/1262392 | self |
| https://bugzilla.suse.com/1262606 | self |
| https://bugzilla.suse.com/1262615 | self |
| https://bugzilla.suse.com/1262617 | self |
| https://bugzilla.suse.com/1262619 | self |
| https://bugzilla.suse.com/1262620 | self |
| https://bugzilla.suse.com/1262622 | self |
| https://bugzilla.suse.com/1262624 | self |
| https://bugzilla.suse.com/1262634 | self |
| https://bugzilla.suse.com/1262649 | self |
| https://bugzilla.suse.com/1262656 | self |
| https://bugzilla.suse.com/1262663 | self |
| https://bugzilla.suse.com/1262668 | self |
| https://bugzilla.suse.com/1262674 | self |
| https://bugzilla.suse.com/1262748 | self |
| https://bugzilla.suse.com/1262755 | self |
| https://bugzilla.suse.com/1262798 | self |
| https://bugzilla.suse.com/1262993 | self |
| https://bugzilla.suse.com/1263006 | self |
| https://bugzilla.suse.com/1263068 | self |
| https://bugzilla.suse.com/1263115 | self |
| https://bugzilla.suse.com/1263123 | self |
| https://bugzilla.suse.com/1263137 | self |
| https://bugzilla.suse.com/1263143 | self |
| https://bugzilla.suse.com/1263152 | self |
| https://bugzilla.suse.com/1263178 | self |
| https://bugzilla.suse.com/1263319 | self |
| https://bugzilla.suse.com/1263562 | self |
| https://bugzilla.suse.com/1263563 | self |
| https://bugzilla.suse.com/1263568 | self |
| https://bugzilla.suse.com/1263578 | self |
| https://bugzilla.suse.com/1263724 | self |
| https://bugzilla.suse.com/1263769 | self |
| https://bugzilla.suse.com/1263774 | self |
| https://bugzilla.suse.com/1263790 | self |
| https://bugzilla.suse.com/1263879 | self |
| https://bugzilla.suse.com/1263880 | self |
| https://bugzilla.suse.com/1263883 | self |
| https://bugzilla.suse.com/1263930 | self |
| https://bugzilla.suse.com/1263932 | self |
| https://bugzilla.suse.com/1263934 | self |
| https://bugzilla.suse.com/1263945 | self |
| https://bugzilla.suse.com/1263993 | self |
| https://bugzilla.suse.com/1263996 | self |
| https://bugzilla.suse.com/1264000 | self |
| https://bugzilla.suse.com/1264011 | self |
| https://bugzilla.suse.com/1264045 | self |
| https://bugzilla.suse.com/1264063 | self |
| https://bugzilla.suse.com/1264076 | self |
| https://bugzilla.suse.com/1264080 | self |
| https://bugzilla.suse.com/1264084 | self |
| https://bugzilla.suse.com/1264093 | self |
| https://bugzilla.suse.com/1264116 | self |
| https://bugzilla.suse.com/1264124 | self |
| https://bugzilla.suse.com/1264137 | self |
| https://bugzilla.suse.com/1264145 | self |
| https://bugzilla.suse.com/1264184 | self |
| https://bugzilla.suse.com/1264239 | self |
| https://bugzilla.suse.com/1264243 | self |
| https://bugzilla.suse.com/1264245 | self |
| https://bugzilla.suse.com/1264255 | self |
| https://bugzilla.suse.com/1264263 | self |
| https://bugzilla.suse.com/1264266 | self |
| https://bugzilla.suse.com/1264300 | self |
| https://bugzilla.suse.com/1264409 | self |
| https://bugzilla.suse.com/1264430 | self |
| https://bugzilla.suse.com/1264437 | self |
| https://bugzilla.suse.com/1264444 | self |
| https://bugzilla.suse.com/1264449 | self |
| https://bugzilla.suse.com/1264470 | self |
| https://bugzilla.suse.com/1264476 | self |
| https://bugzilla.suse.com/1264484 | self |
| https://bugzilla.suse.com/1264549 | self |
| https://bugzilla.suse.com/1264551 | self |
| https://bugzilla.suse.com/1264561 | self |
| https://bugzilla.suse.com/1264595 | self |
| https://bugzilla.suse.com/1264603 | self |
| https://bugzilla.suse.com/1264610 | self |
| https://bugzilla.suse.com/1264669 | self |
| https://bugzilla.suse.com/1264671 | self |
| https://bugzilla.suse.com/1264672 | self |
| https://bugzilla.suse.com/1264716 | self |
| https://bugzilla.suse.com/1264719 | self |
| https://bugzilla.suse.com/1264720 | self |
| https://bugzilla.suse.com/1264722 | self |
| https://bugzilla.suse.com/1264726 | self |
| https://bugzilla.suse.com/1264741 | self |
| https://bugzilla.suse.com/1264763 | self |
| https://bugzilla.suse.com/1264765 | self |
| https://bugzilla.suse.com/1264805 | self |
| https://bugzilla.suse.com/1264989 | self |
| https://bugzilla.suse.com/1265020 | self |
| https://bugzilla.suse.com/1265044 | self |
| https://bugzilla.suse.com/1265073 | self |
| https://bugzilla.suse.com/1265103 | self |
| https://bugzilla.suse.com/1265110 | self |
| https://bugzilla.suse.com/1265128 | self |
| https://bugzilla.suse.com/1265143 | self |
| https://bugzilla.suse.com/1265170 | self |
| https://bugzilla.suse.com/1265240 | self |
| https://bugzilla.suse.com/1265579 | self |
| https://bugzilla.suse.com/1265628 | self |
| https://bugzilla.suse.com/1265928 | self |
| https://bugzilla.suse.com/1265960 | self |
| https://bugzilla.suse.com/1266001 | self |
| https://bugzilla.suse.com/1266009 | self |
| https://bugzilla.suse.com/1266214 | self |
| https://bugzilla.suse.com/1266238 | self |
| https://bugzilla.suse.com/1266290 | self |
| https://bugzilla.suse.com/1266307 | self |
| https://bugzilla.suse.com/1266390 | self |
| https://bugzilla.suse.com/1266394 | self |
| https://bugzilla.suse.com/1266395 | self |
| https://bugzilla.suse.com/1266397 | self |
| https://bugzilla.suse.com/1266400 | self |
| https://bugzilla.suse.com/1266402 | self |
| https://bugzilla.suse.com/1266414 | self |
| https://bugzilla.suse.com/1266452 | self |
| https://bugzilla.suse.com/1266696 | self |
| https://bugzilla.suse.com/1266697 | self |
| https://bugzilla.suse.com/1266698 | self |
| https://bugzilla.suse.com/1266704 | self |
| https://bugzilla.suse.com/1266705 | self |
| https://bugzilla.suse.com/1266711 | self |
| https://bugzilla.suse.com/1266720 | self |
| https://bugzilla.suse.com/1266759 | self |
| https://bugzilla.suse.com/1266765 | self |
| https://bugzilla.suse.com/1266767 | self |
| https://bugzilla.suse.com/1266810 | self |
| https://bugzilla.suse.com/1266816 | self |
| https://bugzilla.suse.com/1266826 | self |
| https://bugzilla.suse.com/1266827 | self |
| https://bugzilla.suse.com/1266878 | self |
| https://bugzilla.suse.com/1266889 | self |
| https://bugzilla.suse.com/1266895 | self |
| https://bugzilla.suse.com/1266901 | self |
| https://bugzilla.suse.com/1266903 | self |
| https://bugzilla.suse.com/1266916 | self |
| https://bugzilla.suse.com/1266922 | self |
| https://bugzilla.suse.com/1266927 | self |
| https://bugzilla.suse.com/1266933 | self |
| https://bugzilla.suse.com/1266969 | self |
| https://bugzilla.suse.com/1266972 | self |
| https://bugzilla.suse.com/1267205 | self |
| https://bugzilla.suse.com/1267208 | self |
| https://bugzilla.suse.com/1267214 | self |
| https://bugzilla.suse.com/1267218 | self |
| https://bugzilla.suse.com/1267220 | self |
| https://bugzilla.suse.com/1267222 | self |
| https://bugzilla.suse.com/1267361 | self |
| https://bugzilla.suse.com/1267381 | self |
| https://bugzilla.suse.com/1267387 | self |
| https://bugzilla.suse.com/1267431 | self |
| https://bugzilla.suse.com/1267531 | self |
| https://bugzilla.suse.com/1267621 | self |
| https://bugzilla.suse.com/1267624 | self |
| https://bugzilla.suse.com/1267626 | self |
| https://bugzilla.suse.com/1267628 | self |
| https://bugzilla.suse.com/1267640 | self |
| https://bugzilla.suse.com/1267651 | self |
| https://bugzilla.suse.com/1267652 | self |
| https://bugzilla.suse.com/1267654 | self |
| https://bugzilla.suse.com/1267663 | self |
| https://bugzilla.suse.com/1267682 | self |
| https://bugzilla.suse.com/1267685 | self |
| https://bugzilla.suse.com/1267697 | self |
| https://bugzilla.suse.com/1267726 | self |
| https://bugzilla.suse.com/1267732 | self |
| https://bugzilla.suse.com/1267744 | self |
| https://bugzilla.suse.com/1268307 | self |
| https://www.suse.com/security/cve/CVE-2025-10263/ | self |
| https://www.suse.com/security/cve/CVE-2025-38549/ | self |
| https://www.suse.com/security/cve/CVE-2025-68324/ | self |
| https://www.suse.com/security/cve/CVE-2025-68822/ | self |
| https://www.suse.com/security/cve/CVE-2026-23303/ | self |
| https://www.suse.com/security/cve/CVE-2026-23327/ | self |
| https://www.suse.com/security/cve/CVE-2026-23359/ | self |
| https://www.suse.com/security/cve/CVE-2026-23438/ | self |
| https://www.suse.com/security/cve/CVE-2026-23444/ | self |
| https://www.suse.com/security/cve/CVE-2026-31396/ | self |
| https://www.suse.com/security/cve/CVE-2026-31414/ | self |
| https://www.suse.com/security/cve/CVE-2026-31429/ | self |
| https://www.suse.com/security/cve/CVE-2026-31446/ | self |
| https://www.suse.com/security/cve/CVE-2026-31448/ | self |
| https://www.suse.com/security/cve/CVE-2026-31452/ | self |
| https://www.suse.com/security/cve/CVE-2026-31453/ | self |
| https://www.suse.com/security/cve/CVE-2026-31454/ | self |
| https://www.suse.com/security/cve/CVE-2026-31455/ | self |
| https://www.suse.com/security/cve/CVE-2026-31464/ | self |
| https://www.suse.com/security/cve/CVE-2026-31469/ | self |
| https://www.suse.com/security/cve/CVE-2026-31473/ | self |
| https://www.suse.com/security/cve/CVE-2026-31480/ | self |
| https://www.suse.com/security/cve/CVE-2026-31492/ | self |
| https://www.suse.com/security/cve/CVE-2026-31493/ | self |
| https://www.suse.com/security/cve/CVE-2026-31495/ | self |
| https://www.suse.com/security/cve/CVE-2026-31499/ | self |
| https://www.suse.com/security/cve/CVE-2026-31500/ | self |
| https://www.suse.com/security/cve/CVE-2026-31516/ | self |
| https://www.suse.com/security/cve/CVE-2026-31518/ | self |
| https://www.suse.com/security/cve/CVE-2026-31546/ | self |
| https://www.suse.com/security/cve/CVE-2026-31555/ | self |
| https://www.suse.com/security/cve/CVE-2026-31580/ | self |
| https://www.suse.com/security/cve/CVE-2026-31590/ | self |
| https://www.suse.com/security/cve/CVE-2026-31592/ | self |
| https://www.suse.com/security/cve/CVE-2026-31596/ | self |
| https://www.suse.com/security/cve/CVE-2026-31613/ | self |
| https://www.suse.com/security/cve/CVE-2026-31614/ | self |
| https://www.suse.com/security/cve/CVE-2026-31629/ | self |
| https://www.suse.com/security/cve/CVE-2026-31655/ | self |
| https://www.suse.com/security/cve/CVE-2026-31664/ | self |
| https://www.suse.com/security/cve/CVE-2026-31665/ | self |
| https://www.suse.com/security/cve/CVE-2026-31671/ | self |
| https://www.suse.com/security/cve/CVE-2026-31673/ | self |
| https://www.suse.com/security/cve/CVE-2026-31674/ | self |
| https://www.suse.com/security/cve/CVE-2026-31678/ | self |
| https://www.suse.com/security/cve/CVE-2026-31680/ | self |
| https://www.suse.com/security/cve/CVE-2026-31693/ | self |
| https://www.suse.com/security/cve/CVE-2026-31697/ | self |
| https://www.suse.com/security/cve/CVE-2026-31698/ | self |
| https://www.suse.com/security/cve/CVE-2026-31699/ | self |
| https://www.suse.com/security/cve/CVE-2026-31703/ | self |
| https://www.suse.com/security/cve/CVE-2026-31752/ | self |
| https://www.suse.com/security/cve/CVE-2026-31758/ | self |
| https://www.suse.com/security/cve/CVE-2026-31759/ | self |
| https://www.suse.com/security/cve/CVE-2026-31767/ | self |
| https://www.suse.com/security/cve/CVE-2026-31771/ | self |
| https://www.suse.com/security/cve/CVE-2026-43013/ | self |
| https://www.suse.com/security/cve/CVE-2026-43023/ | self |
| https://www.suse.com/security/cve/CVE-2026-43024/ | self |
| https://www.suse.com/security/cve/CVE-2026-43026/ | self |
| https://www.suse.com/security/cve/CVE-2026-43028/ | self |
| https://www.suse.com/security/cve/CVE-2026-43030/ | self |
| https://www.suse.com/security/cve/CVE-2026-43035/ | self |
| https://www.suse.com/security/cve/CVE-2026-43036/ | self |
| https://www.suse.com/security/cve/CVE-2026-43040/ | self |
| https://www.suse.com/security/cve/CVE-2026-43049/ | self |
| https://www.suse.com/security/cve/CVE-2026-43052/ | self |
| https://www.suse.com/security/cve/CVE-2026-43053/ | self |
| https://www.suse.com/security/cve/CVE-2026-43054/ | self |
| https://www.suse.com/security/cve/CVE-2026-43059/ | self |
| https://www.suse.com/security/cve/CVE-2026-43065/ | self |
| https://www.suse.com/security/cve/CVE-2026-43066/ | self |
| https://www.suse.com/security/cve/CVE-2026-43068/ | self |
| https://www.suse.com/security/cve/CVE-2026-43074/ | self |
| https://www.suse.com/security/cve/CVE-2026-43077/ | self |
| https://www.suse.com/security/cve/CVE-2026-43083/ | self |
| https://www.suse.com/security/cve/CVE-2026-43101/ | self |
| https://www.suse.com/security/cve/CVE-2026-43109/ | self |
| https://www.suse.com/security/cve/CVE-2026-43112/ | self |
| https://www.suse.com/security/cve/CVE-2026-43119/ | self |
| https://www.suse.com/security/cve/CVE-2026-43158/ | self |
| https://www.suse.com/security/cve/CVE-2026-43171/ | self |
| https://www.suse.com/security/cve/CVE-2026-43187/ | self |
| https://www.suse.com/security/cve/CVE-2026-43198/ | self |
| https://www.suse.com/security/cve/CVE-2026-43206/ | self |
| https://www.suse.com/security/cve/CVE-2026-43234/ | self |
| https://www.suse.com/security/cve/CVE-2026-43239/ | self |
| https://www.suse.com/security/cve/CVE-2026-43249/ | self |
| https://www.suse.com/security/cve/CVE-2026-43252/ | self |
| https://www.suse.com/security/cve/CVE-2026-43261/ | self |
| https://www.suse.com/security/cve/CVE-2026-43284/ | self |
| https://www.suse.com/security/cve/CVE-2026-43296/ | self |
| https://www.suse.com/security/cve/CVE-2026-43325/ | self |
| https://www.suse.com/security/cve/CVE-2026-43333/ | self |
| https://www.suse.com/security/cve/CVE-2026-43338/ | self |
| https://www.suse.com/security/cve/CVE-2026-43339/ | self |
| https://www.suse.com/security/cve/CVE-2026-43341/ | self |
| https://www.suse.com/security/cve/CVE-2026-43345/ | self |
| https://www.suse.com/security/cve/CVE-2026-43359/ | self |
| https://www.suse.com/security/cve/CVE-2026-43360/ | self |
| https://www.suse.com/security/cve/CVE-2026-43361/ | self |
| https://www.suse.com/security/cve/CVE-2026-43362/ | self |
| https://www.suse.com/security/cve/CVE-2026-43405/ | self |
| https://www.suse.com/security/cve/CVE-2026-43406/ | self |
| https://www.suse.com/security/cve/CVE-2026-43407/ | self |
| https://www.suse.com/security/cve/CVE-2026-43411/ | self |
| https://www.suse.com/security/cve/CVE-2026-43413/ | self |
| https://www.suse.com/security/cve/CVE-2026-43414/ | self |
| https://www.suse.com/security/cve/CVE-2026-43455/ | self |
| https://www.suse.com/security/cve/CVE-2026-43469/ | self |
| https://www.suse.com/security/cve/CVE-2026-43470/ | self |
| https://www.suse.com/security/cve/CVE-2026-43483/ | self |
| https://www.suse.com/security/cve/CVE-2026-43491/ | self |
| https://www.suse.com/security/cve/CVE-2026-43499/ | self |
| https://www.suse.com/security/cve/CVE-2026-43501/ | self |
| https://www.suse.com/security/cve/CVE-2026-43503/ | self |
| https://www.suse.com/security/cve/CVE-2026-45840/ | self |
| https://www.suse.com/security/cve/CVE-2026-45841/ | self |
| https://www.suse.com/security/cve/CVE-2026-45842/ | self |
| https://www.suse.com/security/cve/CVE-2026-45843/ | self |
| https://www.suse.com/security/cve/CVE-2026-45846/ | self |
| https://www.suse.com/security/cve/CVE-2026-45852/ | self |
| https://www.suse.com/security/cve/CVE-2026-45856/ | self |
| https://www.suse.com/security/cve/CVE-2026-45862/ | self |
| https://www.suse.com/security/cve/CVE-2026-45870/ | self |
| https://www.suse.com/security/cve/CVE-2026-45878/ | self |
| https://www.suse.com/security/cve/CVE-2026-45886/ | self |
| https://www.suse.com/security/cve/CVE-2026-45894/ | self |
| https://www.suse.com/security/cve/CVE-2026-45910/ | self |
| https://www.suse.com/security/cve/CVE-2026-45932/ | self |
| https://www.suse.com/security/cve/CVE-2026-45940/ | self |
| https://www.suse.com/security/cve/CVE-2026-45961/ | self |
| https://www.suse.com/security/cve/CVE-2026-45964/ | self |
| https://www.suse.com/security/cve/CVE-2026-45965/ | self |
| https://www.suse.com/security/cve/CVE-2026-45970/ | self |
| https://www.suse.com/security/cve/CVE-2026-45974/ | self |
| https://www.suse.com/security/cve/CVE-2026-45983/ | self |
| https://www.suse.com/security/cve/CVE-2026-45984/ | self |
| https://www.suse.com/security/cve/CVE-2026-46004/ | self |
| https://www.suse.com/security/cve/CVE-2026-46005/ | self |
| https://www.suse.com/security/cve/CVE-2026-46021/ | self |
| https://www.suse.com/security/cve/CVE-2026-46024/ | self |
| https://www.suse.com/security/cve/CVE-2026-46037/ | self |
| https://www.suse.com/security/cve/CVE-2026-46043/ | self |
| https://www.suse.com/security/cve/CVE-2026-46079/ | self |
| https://www.suse.com/security/cve/CVE-2026-46083/ | self |
| https://www.suse.com/security/cve/CVE-2026-46090/ | self |
| https://www.suse.com/security/cve/CVE-2026-46094/ | self |
| https://www.suse.com/security/cve/CVE-2026-46101/ | self |
| https://www.suse.com/security/cve/CVE-2026-46110/ | self |
| https://www.suse.com/security/cve/CVE-2026-46111/ | self |
| https://www.suse.com/security/cve/CVE-2026-46113/ | self |
| https://www.suse.com/security/cve/CVE-2026-46114/ | self |
| https://www.suse.com/security/cve/CVE-2026-46119/ | self |
| https://www.suse.com/security/cve/CVE-2026-46120/ | self |
| https://www.suse.com/security/cve/CVE-2026-46123/ | self |
| https://www.suse.com/security/cve/CVE-2026-46150/ | self |
| https://www.suse.com/security/cve/CVE-2026-46157/ | self |
| https://www.suse.com/security/cve/CVE-2026-46159/ | self |
| https://www.suse.com/security/cve/CVE-2026-46160/ | self |
| https://www.suse.com/security/cve/CVE-2026-46172/ | self |
| https://www.suse.com/security/cve/CVE-2026-46176/ | self |
| https://www.suse.com/security/cve/CVE-2026-46181/ | self |
| https://www.suse.com/security/cve/CVE-2026-46197/ | self |
| https://www.suse.com/security/cve/CVE-2026-46209/ | self |
| https://www.suse.com/security/cve/CVE-2026-46227/ | self |
| https://www.suse.com/security/cve/CVE-2026-46244/ | self |
| https://www.suse.com/security/cve/CVE-2026-46259/ | self |
| https://www.suse.com/security/cve/CVE-2026-46273/ | self |
| https://www.suse.com/security/cve/CVE-2025-10263 | external |
| https://bugzilla.suse.com/1266290 | external |
| https://bugzilla.suse.com/1266954 | external |
| https://bugzilla.suse.com/1270230 | external |
| https://www.suse.com/security/cve/CVE-2025-38549 | external |
| https://bugzilla.suse.com/1248235 | external |
| https://www.suse.com/security/cve/CVE-2025-68324 | external |
| https://bugzilla.suse.com/1255416 | external |
| https://bugzilla.suse.com/1257117 | external |
| https://www.suse.com/security/cve/CVE-2025-68822 | external |
| https://bugzilla.suse.com/1256668 | external |
| https://www.suse.com/security/cve/CVE-2026-23303 | external |
| https://bugzilla.suse.com/1260502 | external |
| https://www.suse.com/security/cve/CVE-2026-23327 | external |
| https://bugzilla.suse.com/1260548 | external |
| https://www.suse.com/security/cve/CVE-2026-23359 | external |
| https://bugzilla.suse.com/1260584 | external |
| https://www.suse.com/security/cve/CVE-2026-23438 | external |
| https://bugzilla.suse.com/1261619 | external |
| https://www.suse.com/security/cve/CVE-2026-23444 | external |
| https://bugzilla.suse.com/1266307 | external |
| https://www.suse.com/security/cve/CVE-2026-31396 | external |
| https://bugzilla.suse.com/1261791 | external |
| https://www.suse.com/security/cve/CVE-2026-31414 | external |
| https://bugzilla.suse.com/1262085 | external |
| https://www.suse.com/security/cve/CVE-2026-31429 | external |
| https://bugzilla.suse.com/1262392 | external |
| https://www.suse.com/security/cve/CVE-2026-31446 | external |
| https://bugzilla.suse.com/1262619 | external |
| https://www.suse.com/security/cve/CVE-2026-31448 | external |
| https://bugzilla.suse.com/1262622 | external |
| https://www.suse.com/security/cve/CVE-2026-31452 | external |
| https://bugzilla.suse.com/1262620 | external |
| https://www.suse.com/security/cve/CVE-2026-31453 | external |
| https://bugzilla.suse.com/1262617 | external |
| https://www.suse.com/security/cve/CVE-2026-31454 | external |
| https://bugzilla.suse.com/1262624 | external |
| https://www.suse.com/security/cve/CVE-2026-31455 | external |
| https://bugzilla.suse.com/1262615 | external |
| https://www.suse.com/security/cve/CVE-2026-31464 | external |
| https://bugzilla.suse.com/1262656 | external |
| https://www.suse.com/security/cve/CVE-2026-31469 | external |
| https://bugzilla.suse.com/1267816 | external |
| https://www.suse.com/security/cve/CVE-2026-31473 | external |
| https://bugzilla.suse.com/1262663 | external |
| https://bugzilla.suse.com/1262775 | external |
| https://www.suse.com/security/cve/CVE-2026-31480 | external |
| https://bugzilla.suse.com/1262634 | external |
| https://www.suse.com/security/cve/CVE-2026-31492 | external |
| https://bugzilla.suse.com/1262748 | external |
| https://www.suse.com/security/cve/CVE-2026-31493 | external |
| https://bugzilla.suse.com/1262668 | external |
| https://www.suse.com/security/cve/CVE-2026-31495 | external |
| https://bugzilla.suse.com/1262798 | external |
| https://www.suse.com/security/cve/CVE-2026-31499 | external |
| https://bugzilla.suse.com/1262674 | external |
| https://www.suse.com/security/cve/CVE-2026-31500 | external |
| https://bugzilla.suse.com/1262993 | external |
| https://bugzilla.suse.com/1262994 | external |
| https://www.suse.com/security/cve/CVE-2026-31516 | external |
| https://bugzilla.suse.com/1262755 | external |
| https://www.suse.com/security/cve/CVE-2026-31518 | external |
| https://bugzilla.suse.com/1262606 | external |
| https://www.suse.com/security/cve/CVE-2026-31546 | external |
| https://bugzilla.suse.com/1263006 | external |
| https://www.suse.com/security/cve/CVE-2026-31555 | external |
| https://bugzilla.suse.com/1263178 | external |
| https://bugzilla.suse.com/1263179 | external |
| https://www.suse.com/security/cve/CVE-2026-31580 | external |
| https://bugzilla.suse.com/1263169 | external |
| https://bugzilla.suse.com/1263171 | external |
| https://www.suse.com/security/cve/CVE-2026-31590 | external |
| https://bugzilla.suse.com/1263152 | external |
| https://www.suse.com/security/cve/CVE-2026-31592 | external |
| https://bugzilla.suse.com/1263123 | external |
| https://www.suse.com/security/cve/CVE-2026-31596 | external |
| https://bugzilla.suse.com/1263319 | external |
| https://www.suse.com/security/cve/CVE-2026-31613 | external |
| https://bugzilla.suse.com/1263769 | external |
| https://bugzilla.suse.com/1263770 | external |
| https://www.suse.com/security/cve/CVE-2026-31614 | external |
| https://bugzilla.suse.com/1263774 | external |
| https://bugzilla.suse.com/1263775 | external |
| https://www.suse.com/security/cve/CVE-2026-31629 | external |
| https://bugzilla.suse.com/1263790 | external |
| https://bugzilla.suse.com/1263791 | external |
| https://www.suse.com/security/cve/CVE-2026-31655 | external |
| https://bugzilla.suse.com/1263724 | external |
| https://www.suse.com/security/cve/CVE-2026-31664 | external |
| https://bugzilla.suse.com/1263578 | external |
| https://www.suse.com/security/cve/CVE-2026-31665 | external |
| https://bugzilla.suse.com/1263137 | external |
| https://www.suse.com/security/cve/CVE-2026-31671 | external |
| https://bugzilla.suse.com/1263115 | external |
| https://www.suse.com/security/cve/CVE-2026-31673 | external |
| https://bugzilla.suse.com/1263143 | external |
| https://www.suse.com/security/cve/CVE-2026-31674 | external |
| https://bugzilla.suse.com/1263568 | external |
| https://www.suse.com/security/cve/CVE-2026-31678 | external |
| https://bugzilla.suse.com/1263562 | external |
| https://www.suse.com/security/cve/CVE-2026-31680 | external |
| https://bugzilla.suse.com/1263563 | external |
| https://www.suse.com/security/cve/CVE-2026-31693 | external |
| https://bugzilla.suse.com/1267744 | external |
| https://www.suse.com/security/cve/CVE-2026-31697 | external |
| https://bugzilla.suse.com/1264116 | external |
| https://bugzilla.suse.com/1264144 | external |
| https://www.suse.com/security/cve/CVE-2026-31698 | external |
| https://bugzilla.suse.com/1263880 | external |
| https://bugzilla.suse.com/1263929 | external |
| https://www.suse.com/security/cve/CVE-2026-31699 | external |
| https://bugzilla.suse.com/1263879 | external |
| https://bugzilla.suse.com/1263928 | external |
| https://www.suse.com/security/cve/CVE-2026-31703 | external |
| https://bugzilla.suse.com/1263883 | external |
| https://www.suse.com/security/cve/CVE-2026-31752 | external |
| https://bugzilla.suse.com/1264045 | external |
| https://www.suse.com/security/cve/CVE-2026-31758 | external |
| https://bugzilla.suse.com/1264093 | external |
| https://bugzilla.suse.com/1264094 | external |
| https://www.suse.com/security/cve/CVE-2026-31759 | external |
| https://bugzilla.suse.com/1264076 | external |
| https://bugzilla.suse.com/1264078 | external |
| https://www.suse.com/security/cve/CVE-2026-31767 | external |
| https://bugzilla.suse.com/1264124 | external |
| https://www.suse.com/security/cve/CVE-2026-31771 | external |
| https://bugzilla.suse.com/1264145 | external |
| https://bugzilla.suse.com/1264146 | external |
| https://www.suse.com/security/cve/CVE-2026-43013 | external |
| https://bugzilla.suse.com/1264011 | external |
| https://www.suse.com/security/cve/CVE-2026-43023 | external |
| https://bugzilla.suse.com/1264137 | external |
| https://bugzilla.suse.com/1264138 | external |
| https://www.suse.com/security/cve/CVE-2026-43024 | external |
| https://bugzilla.suse.com/1263930 | external |
| https://www.suse.com/security/cve/CVE-2026-43026 | external |
| https://bugzilla.suse.com/1263932 | external |
| https://www.suse.com/security/cve/CVE-2026-43028 | external |
| https://bugzilla.suse.com/1263934 | external |
| https://www.suse.com/security/cve/CVE-2026-43030 | external |
| https://bugzilla.suse.com/1264000 | external |
| https://www.suse.com/security/cve/CVE-2026-43035 | external |
| https://bugzilla.suse.com/1263996 | external |
| https://www.suse.com/security/cve/CVE-2026-43036 | external |
| https://bugzilla.suse.com/1263993 | external |
| https://www.suse.com/security/cve/CVE-2026-43040 | external |
| https://bugzilla.suse.com/1264091 | external |
| https://www.suse.com/security/cve/CVE-2026-43049 | external |
| https://bugzilla.suse.com/1264080 | external |
| https://www.suse.com/security/cve/CVE-2026-43052 | external |
| https://bugzilla.suse.com/1263945 | external |
| https://www.suse.com/security/cve/CVE-2026-43053 | external |
| https://bugzilla.suse.com/1264084 | external |
| https://www.suse.com/security/cve/CVE-2026-43054 | external |
| https://bugzilla.suse.com/1264063 | external |
| https://www.suse.com/security/cve/CVE-2026-43059 | external |
| https://bugzilla.suse.com/1264184 | external |
| https://www.suse.com/security/cve/CVE-2026-43065 | external |
| https://bugzilla.suse.com/1264243 | external |
| https://www.suse.com/security/cve/CVE-2026-43066 | external |
| https://bugzilla.suse.com/1264245 | external |
| https://www.suse.com/security/cve/CVE-2026-43068 | external |
| https://bugzilla.suse.com/1264255 | external |
| https://www.suse.com/security/cve/CVE-2026-43074 | external |
| https://bugzilla.suse.com/1264263 | external |
| https://bugzilla.suse.com/1265307 | external |
| https://www.suse.com/security/cve/CVE-2026-43077 | external |
| https://bugzilla.suse.com/1264470 | external |
| https://bugzilla.suse.com/1265306 | external |
| https://www.suse.com/security/cve/CVE-2026-43083 | external |
| https://bugzilla.suse.com/1264266 | external |
| https://www.suse.com/security/cve/CVE-2026-43101 | external |
| https://bugzilla.suse.com/1264239 | external |
| https://www.suse.com/security/cve/CVE-2026-43109 | external |
| https://bugzilla.suse.com/1264484 | external |
| https://bugzilla.suse.com/1269282 | external |
| https://www.suse.com/security/cve/CVE-2026-43112 | external |
| https://bugzilla.suse.com/1264437 | external |
| https://www.suse.com/security/cve/CVE-2026-43119 | external |
| https://bugzilla.suse.com/1264561 | external |
| https://www.suse.com/security/cve/CVE-2026-43158 | external |
| https://bugzilla.suse.com/1264595 | external |
| https://www.suse.com/security/cve/CVE-2026-43171 | external |
| https://bugzilla.suse.com/1264549 | external |
| https://www.suse.com/security/cve/CVE-2026-43187 | external |
| https://bugzilla.suse.com/1264603 | external |
| https://www.suse.com/security/cve/CVE-2026-43198 | external |
| https://bugzilla.suse.com/1264610 | external |
| https://bugzilla.suse.com/1264611 | external |
| https://www.suse.com/security/cve/CVE-2026-43206 | external |
| https://bugzilla.suse.com/1264551 | external |
| https://bugzilla.suse.com/1266668 | external |
| https://www.suse.com/security/cve/CVE-2026-43234 | external |
| https://bugzilla.suse.com/1264409 | external |
| https://www.suse.com/security/cve/CVE-2026-43239 | external |
| https://bugzilla.suse.com/1264444 | external |
| https://www.suse.com/security/cve/CVE-2026-43249 | external |
| https://bugzilla.suse.com/1264476 | external |
| https://www.suse.com/security/cve/CVE-2026-43252 | external |
| https://bugzilla.suse.com/1264300 | external |
| https://www.suse.com/security/cve/CVE-2026-43261 | external |
| https://bugzilla.suse.com/1264430 | external |
| https://www.suse.com/security/cve/CVE-2026-43284 | external |
| https://bugzilla.suse.com/1264449 | external |
| https://bugzilla.suse.com/1264459 | external |
| https://bugzilla.suse.com/1265383 | external |
| https://www.suse.com/security/cve/CVE-2026-43296 | external |
| https://bugzilla.suse.com/1264805 | external |
| https://www.suse.com/security/cve/CVE-2026-43325 | external |
| https://bugzilla.suse.com/1265110 | external |
| https://www.suse.com/security/cve/CVE-2026-43333 | external |
| https://bugzilla.suse.com/1264726 | external |
| https://www.suse.com/security/cve/CVE-2026-43338 | external |
| https://bugzilla.suse.com/1264716 | external |
| https://www.suse.com/security/cve/CVE-2026-43339 | external |
| https://bugzilla.suse.com/1264763 | external |
| https://www.suse.com/security/cve/CVE-2026-43341 | external |
| https://bugzilla.suse.com/1265044 | external |
| https://www.suse.com/security/cve/CVE-2026-43345 | external |
| https://bugzilla.suse.com/1265103 | external |
| https://www.suse.com/security/cve/CVE-2026-43359 | external |
| https://bugzilla.suse.com/1264719 | external |
| https://www.suse.com/security/cve/CVE-2026-43360 | external |
| https://bugzilla.suse.com/1264720 | external |
| https://www.suse.com/security/cve/CVE-2026-43361 | external |
| https://bugzilla.suse.com/1264722 | external |
| https://www.suse.com/security/cve/CVE-2026-43362 | external |
| https://bugzilla.suse.com/1264989 | external |
| https://bugzilla.suse.com/1264990 | external |
| https://www.suse.com/security/cve/CVE-2026-43405 | external |
| https://bugzilla.suse.com/1264741 | external |
| https://www.suse.com/security/cve/CVE-2026-43406 | external |
| https://bugzilla.suse.com/1265073 | external |
| https://www.suse.com/security/cve/CVE-2026-43407 | external |
| https://bugzilla.suse.com/1265020 | external |
| https://www.suse.com/security/cve/CVE-2026-43411 | external |
| https://bugzilla.suse.com/1264672 | external |
| https://www.suse.com/security/cve/CVE-2026-43413 | external |
| https://bugzilla.suse.com/1264671 | external |
| https://www.suse.com/security/cve/CVE-2026-43414 | external |
| https://bugzilla.suse.com/1264669 | external |
| https://bugzilla.suse.com/1264670 | external |
| https://www.suse.com/security/cve/CVE-2026-43455 | external |
| https://bugzilla.suse.com/1264765 | external |
| https://www.suse.com/security/cve/CVE-2026-43469 | external |
| https://bugzilla.suse.com/1265143 | external |
| https://www.suse.com/security/cve/CVE-2026-43470 | external |
| https://bugzilla.suse.com/1265128 | external |
| https://www.suse.com/security/cve/CVE-2026-43483 | external |
| https://bugzilla.suse.com/1265240 | external |
| https://www.suse.com/security/cve/CVE-2026-43491 | external |
| https://bugzilla.suse.com/1265628 | external |
| https://www.suse.com/security/cve/CVE-2026-43499 | external |
| https://bugzilla.suse.com/1266001 | external |
| https://bugzilla.suse.com/1266014 | external |
| https://www.suse.com/security/cve/CVE-2026-43501 | external |
| https://bugzilla.suse.com/1266009 | external |
| https://bugzilla.suse.com/1266015 | external |
| https://www.suse.com/security/cve/CVE-2026-43503 | external |
| https://bugzilla.suse.com/1265209 | external |
| https://bugzilla.suse.com/1265960 | external |
| https://bugzilla.suse.com/1266229 | external |
| https://bugzilla.suse.com/1269878 | external |
| https://bugzilla.suse.com/1270098 | external |
| https://bugzilla.suse.com/1270100 | external |
| https://www.suse.com/security/cve/CVE-2026-45840 | external |
| https://bugzilla.suse.com/1266397 | external |
| https://www.suse.com/security/cve/CVE-2026-45841 | external |
| https://bugzilla.suse.com/1266390 | external |
| https://www.suse.com/security/cve/CVE-2026-45842 | external |
| https://bugzilla.suse.com/1266400 | external |
| https://www.suse.com/security/cve/CVE-2026-45843 | external |
| https://bugzilla.suse.com/1266395 | external |
| https://www.suse.com/security/cve/CVE-2026-45846 | external |
| https://bugzilla.suse.com/1266394 | external |
| https://www.suse.com/security/cve/CVE-2026-45852 | external |
| https://bugzilla.suse.com/1266711 | external |
| https://bugzilla.suse.com/1266727 | external |
| https://www.suse.com/security/cve/CVE-2026-45856 | external |
| https://bugzilla.suse.com/1266720 | external |
| https://www.suse.com/security/cve/CVE-2026-45862 | external |
| https://bugzilla.suse.com/1266705 | external |
| https://www.suse.com/security/cve/CVE-2026-45870 | external |
| https://bugzilla.suse.com/1266704 | external |
| https://www.suse.com/security/cve/CVE-2026-45878 | external |
| https://bugzilla.suse.com/1266767 | external |
| https://bugzilla.suse.com/1266768 | external |
| https://www.suse.com/security/cve/CVE-2026-45886 | external |
| https://bugzilla.suse.com/1266810 | external |
| https://bugzilla.suse.com/1266851 | external |
| https://www.suse.com/security/cve/CVE-2026-45894 | external |
| https://bugzilla.suse.com/1266895 | external |
| https://www.suse.com/security/cve/CVE-2026-45910 | external |
| https://bugzilla.suse.com/1266889 | external |
| https://bugzilla.suse.com/1266907 | external |
| https://www.suse.com/security/cve/CVE-2026-45932 | external |
| https://bugzilla.suse.com/1266827 | external |
| https://bugzilla.suse.com/1266829 | external |
| https://www.suse.com/security/cve/CVE-2026-45940 | external |
| https://bugzilla.suse.com/1266916 | external |
| https://www.suse.com/security/cve/CVE-2026-45961 | external |
| https://bugzilla.suse.com/1266933 | external |
| https://www.suse.com/security/cve/CVE-2026-45964 | external |
| https://bugzilla.suse.com/1266698 | external |
| https://www.suse.com/security/cve/CVE-2026-45965 | external |
| https://bugzilla.suse.com/1267208 | external |
| https://www.suse.com/security/cve/CVE-2026-45970 | external |
| https://bugzilla.suse.com/1267205 | external |
| https://bugzilla.suse.com/1267206 | external |
| https://www.suse.com/security/cve/CVE-2026-45974 | external |
| https://bugzilla.suse.com/1266922 | external |
| https://www.suse.com/security/cve/CVE-2026-45983 | external |
| https://bugzilla.suse.com/1266697 | external |
| https://www.suse.com/security/cve/CVE-2026-45984 | external |
| https://bugzilla.suse.com/1267214 | external |
| https://bugzilla.suse.com/1267215 | external |
| https://www.suse.com/security/cve/CVE-2026-46004 | external |
| https://bugzilla.suse.com/1267222 | external |
| https://www.suse.com/security/cve/CVE-2026-46005 | external |
| https://bugzilla.suse.com/1267431 | external |
| https://www.suse.com/security/cve/CVE-2026-46021 | external |
| https://bugzilla.suse.com/1267220 | external |
| https://bugzilla.suse.com/1267221 | external |
| https://www.suse.com/security/cve/CVE-2026-46024 | external |
| https://bugzilla.suse.com/1267218 | external |
| https://bugzilla.suse.com/1267219 | external |
| https://www.suse.com/security/cve/CVE-2026-46037 | external |
| https://bugzilla.suse.com/1267361 | external |
| https://bugzilla.suse.com/1267362 | external |
| https://www.suse.com/security/cve/CVE-2026-46043 | external |
| https://bugzilla.suse.com/1266901 | external |
| https://bugzilla.suse.com/1266902 | external |
| https://www.suse.com/security/cve/CVE-2026-46079 | external |
| https://bugzilla.suse.com/1266452 | external |
| https://www.suse.com/security/cve/CVE-2026-46083 | external |
| https://bugzilla.suse.com/1266696 | external |
| https://www.suse.com/security/cve/CVE-2026-46090 | external |
| https://bugzilla.suse.com/1267531 | external |
| https://bugzilla.suse.com/1267895 | external |
| https://www.suse.com/security/cve/CVE-2026-46094 | external |
| https://bugzilla.suse.com/1266927 | external |
| https://www.suse.com/security/cve/CVE-2026-46101 | external |
| https://bugzilla.suse.com/1266878 | external |
| https://www.suse.com/security/cve/CVE-2026-46110 | external |
| https://bugzilla.suse.com/1266759 | external |
| https://www.suse.com/security/cve/CVE-2026-46111 | external |
| https://bugzilla.suse.com/1267626 | external |
| https://www.suse.com/security/cve/CVE-2026-46113 | external |
| https://bugzilla.suse.com/1266969 | external |
| https://bugzilla.suse.com/1266970 | external |
| https://www.suse.com/security/cve/CVE-2026-46114 | external |
| https://bugzilla.suse.com/1266972 | external |
| https://bugzilla.suse.com/1266973 | external |
| https://www.suse.com/security/cve/CVE-2026-46119 | external |
| https://bugzilla.suse.com/1267628 | external |
| https://bugzilla.suse.com/1267894 | external |
| https://www.suse.com/security/cve/CVE-2026-46120 | external |
| https://bugzilla.suse.com/1267640 | external |
| https://bugzilla.suse.com/1267893 | external |
| https://www.suse.com/security/cve/CVE-2026-46123 | external |
| https://bugzilla.suse.com/1267621 | external |
| https://bugzilla.suse.com/1267622 | external |
| https://www.suse.com/security/cve/CVE-2026-46150 | external |
| https://bugzilla.suse.com/1267387 | external |
| https://bugzilla.suse.com/1267388 | external |
| https://www.suse.com/security/cve/CVE-2026-46157 | external |
| https://bugzilla.suse.com/1267726 | external |
| https://www.suse.com/security/cve/CVE-2026-46159 | external |
| https://bugzilla.suse.com/1267652 | external |
| https://www.suse.com/security/cve/CVE-2026-46160 | external |
| https://bugzilla.suse.com/1267624 | external |
| https://www.suse.com/security/cve/CVE-2026-46172 | external |
| https://bugzilla.suse.com/1266903 | external |
| https://www.suse.com/security/cve/CVE-2026-46176 | external |
| https://bugzilla.suse.com/1266816 | external |
| https://www.suse.com/security/cve/CVE-2026-46181 | external |
| https://bugzilla.suse.com/1266826 | external |
| https://www.suse.com/security/cve/CVE-2026-46197 | external |
| https://bugzilla.suse.com/1267381 | external |
| https://bugzilla.suse.com/1267382 | external |
| https://www.suse.com/security/cve/CVE-2026-46209 | external |
| https://bugzilla.suse.com/1267663 | external |
| https://bugzilla.suse.com/1267891 | external |
| https://www.suse.com/security/cve/CVE-2026-46227 | external |
| https://bugzilla.suse.com/1267697 | external |
| https://bugzilla.suse.com/1267698 | external |
| https://www.suse.com/security/cve/CVE-2026-46244 | external |
| https://bugzilla.suse.com/1267654 | external |
| https://www.suse.com/security/cve/CVE-2026-46259 | external |
| https://bugzilla.suse.com/1267685 | external |
| https://www.suse.com/security/cve/CVE-2026-46273 | external |
| https://bugzilla.suse.com/1267651 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 RT kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs (bsc#1266290).\n- CVE-2025-38549: efivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths (bsc#1248235).\n- CVE-2025-68324: scsi: imm: Fix use-after-free bug caused by unfinished delayed work (bsc#1255416).\n- CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3_register_work (bsc#1256668).\n- CVE-2026-23303: smb: client: Don\u0027t log plaintext credentials in cifs_set_cifscreds (bsc#1260502).\n- CVE-2026-23327: cxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed()\n- CVE-2026-23359: bpf: Fix stack-out-of-bounds write in devmap (bsc#1260584).\n- CVE-2026-23438: net: mvpp2: guard flow control update with global_tx_fc in buffer switching (bsc#1261619).\n- CVE-2026-23444: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure (bsc#1266307).\n- CVE-2026-31396: net: macb: fix use-after-free access to PTP clock (bsc#1261791).\n- CVE-2026-31414: netfilter: nf_conntrack_expect: use expect-\u003ehelper (bsc#1262085).\n- CVE-2026-31429: net: skb: fix cross-cache free of KFENCE-allocated skb head (bsc#1262392).\n- CVE-2026-31446: ext4: fix use-after-free in update_super_work when racing with umount (bsc#1262619).\n- CVE-2026-31448: ext4: avoid infinite loops caused by residual data (bsc#1262622).\n- CVE-2026-31452: ext4: convert inline data to extents when truncate exceeds inline size (bsc#1262620).\n- CVE-2026-31454: xfs: save ailp before dropping the AIL lock in push callbacks (bsc#1262624).\n- CVE-2026-31455: xfs: stop reclaim before pushing AIL during unmount (bsc#1262615).\n- CVE-2026-31464: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() (bsc#1262656).\n- CVE-2026-31469: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n- CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex (bsc#1262663).\n- CVE-2026-31480: tracing: Fix potential deadlock in cpu hotplug with osnoise (bsc#1262634).\n- CVE-2026-31492: RDMA/irdma: Initialize free_qp completion before using it (bsc#1262748).\n- CVE-2026-31493: RDMA/efa: Fix use of completion ctx after free (bsc#1262668).\n- CVE-2026-31495: netfilter: ctnetlink: use netlink policy range checks (bsc#1262798).\n- CVE-2026-31499: Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del() (bsc#1262674).\n- CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993).\n- CVE-2026-31516: xfrm: prevent policy_hthresh.work from racing with netns teardown (bsc#1262755).\n- CVE-2026-31518: esp: fix skb leak with espintcp and async crypto (bsc#1262606).\n- CVE-2026-31546: net: bonding: fix NULL deref in bond_debug_rlb_hash_show (bsc#1263006).\n- CVE-2026-31555: futex: Clear stale exiting pointer in futex_lock_pi() retry path (bsc#1263178).\n- CVE-2026-31590: KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION (bsc#1263152).\n- CVE-2026-31592: KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock (bsc#1263123).\n- CVE-2026-31596: ocfs2: handle invalid dinode in ocfs2_group_extend (bsc#1263319).\n- CVE-2026-31613: smb: client: fix OOB reads parsing symlink error response (bsc#1263769).\n- CVE-2026-31614: smb: client: fix off-by-8 bounds check in check_wsl_eas() (bsc#1263774).\n- CVE-2026-31629: nfc: llcp: add missing return after LLCP_CLOSED checks (bsc#1263790).\n- CVE-2026-31655: pmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled (bsc#1263724).\n- CVE-2026-31664: string.h: Introduce memset_after() for wiping trailing members/padding (bsc#1263578).\n- CVE-2026-31665: kABI: netfilter: nft_ct: fix use-after-free in timeout object destroy (bsc#1263137).\n- CVE-2026-31671: xfrm_user: fix info leak in build_report() (bsc#1263115).\n- CVE-2026-31673: af_unix: read UNIX_DIAG_VFS data under unix_state_lock (bsc#1263143).\n- CVE-2026-31674: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() (bsc#1263568).\n- CVE-2026-31678: openvswitch: defer tunnel netdev_put to RCU release (bsc#1263562).\n- CVE-2026-31680: net: ipv6: flowlabel: defer exclusive option free until RCU teardown (bsc#1263563).\n- CVE-2026-31693: cifs: some missing initializations on replay (bsc#1267744).\n- CVE-2026-31697: crypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed (bsc#1264116).\n- CVE-2026-31698: crypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880).\n- CVE-2026-31699: crypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed (bsc#1263879).\n- CVE-2026-31703: writeback: Fix use after free in inode_switch_wbs_work_fn() (bsc#1263883).\n- CVE-2026-31752: bridge: br_nd_send: validate ND option lengths (bsc#1264045).\n- CVE-2026-31758: usb: usbtmc: Flush anchored URBs in usbtmc_release (bsc#1264093).\n- CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076).\n- CVE-2026-31767: drm/i915/dsi: Don\u0027t do DSC horizontal timing adjustments in command mode (bsc#1264124).\n- CVE-2026-31771: Bluetooth: hci_event: move wake reason storage into validated event handlers (bsc#1264145).\n- CVE-2026-43013: net/mlx5: lag: Check for LAG device before creating debugfs (bsc#1264011).\n- CVE-2026-43023: Bluetooth: SCO: fix race conditions in sco_sock_connect() (bsc#1264137).\n- CVE-2026-43024: netfilter: nf_tables: reject immediate NF_QUEUE verdict (bsc#1263930).\n- CVE-2026-43026: netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent (bsc#1263932).\n- CVE-2026-43028: netfilter: x_tables: ensure names are nul-terminated (bsc#1263934).\n- CVE-2026-43030: bpf: Fix regsafe() for pointers to packet (bsc#1264000).\n- CVE-2026-43035: net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak (bsc#1263996).\n- CVE-2026-43036: net: use skb_header_pointer() for TCPv4 GSO frag_off check (bsc#1263993).\n- CVE-2026-43040: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-\n- CVE-2026-43049: HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure (bsc#1264080).\n- CVE-2026-43052: wifi: mac80211: check tdls flag in ieee80211_tdls_oper (bsc#1263945).\n- CVE-2026-43053: xfs: close crash window in attr dabtree inactivation (bsc#1264084).\n- CVE-2026-43054: scsi: target: tcm_loop: Drain commands in target_reset handler (bsc#1264063).\n- CVE-2026-43059: Bluetooth: MGMT: fix crash in set_mesh_sync and set_mesh_complete (bsc#1264184).\n- CVE-2026-43065: ext4: always drain queued discard work in ext4_mb_release() (bsc#1264243).\n- CVE-2026-43066: ext4: fix iloc.bh leak in ext4_fc_replay_inode() error paths (bsc#1264245).\n- CVE-2026-43068: ext4: avoid allocate block from corrupted group in ext4_mb_find_by_goal() (bsc#1264255).\n- CVE-2026-43074: eventpoll: defer struct eventpoll free to RCU grace period (bsc#1264263).\n- CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470).\n- CVE-2026-43083: net: ioam6: fix OOB and missing lock (bsc#1264266).\n- CVE-2026-43101: ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() (bsc#1264239).\n- CVE-2026-43109: x86: shadow stacks: proper error handling for mmap lock (bsc#1264484).\n- CVE-2026-43112: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (bsc#1264437).\n- CVE-2026-43119: Bluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status (bsc#1264561).\n- CVE-2026-43158: xfs: fix freemap adjustments when adding xattrs to leaf blocks (bsc#1264595).\n- CVE-2026-43171: EFI/CPER: do not dump the entire memory region (bsc#1264549).\n- CVE-2026-43187: xfs: delete attr leaf freemap entries when empty (bsc#1264603).\n- CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610).\n- CVE-2026-43206: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() (bsc#1264551).\n- CVE-2026-43234: team: avoid NETDEV_CHANGEMTU event when unregistering slave (bsc#1264409).\n- CVE-2026-43239: smb: client: prevent races in -\u003equery_interfaces() (bsc#1264444).\n- CVE-2026-43249: 9p/xen: protect xen_9pfs_front_free against concurrent calls (bsc#1264476).\n- CVE-2026-43252: mptcp: pm: in-kernel: always set ID as avail when rm endp (bsc#1264300).\n- CVE-2026-43261: arm64: Add support for TSV110 Spectre-BHB mitigation (bsc#1264430).\n- CVE-2026-43296: octeontx2-af: Workaround SQM/PSE stalls by disabling sticky (bsc#1264805).\n- CVE-2026-43325: wifi: iwlwifi: mvm: don\u0027t send a 6E related command when not supported (bsc#1265110).\n- CVE-2026-43333: bpf: reject direct access to nullable PTR_TO_BUF pointers (bsc#1264726).\n- CVE-2026-43338: btrfs: reserve enough transaction items for qgroup ioctls (bsc#1264716).\n- CVE-2026-43339: ipv6: prevent possible UaF in addrconf_permanent_addr() (bsc#1264763).\n- CVE-2026-43341: net/ipv6: ioam6: prevent schema length wraparound in trace fill (bsc#1265044).\n- CVE-2026-43345: net: ipa: fix event ring index not programmed for IPA v5.0+ (bsc#1265103).\n- CVE-2026-43359: btrfs: fix transaction abort on set received ioctl due to item overflow (bsc#1264719).\n- CVE-2026-43360: btrfs: fix transaction abort on file creation due to name hash collision (bsc#1264720).\n- CVE-2026-43361: btrfs: fix transaction abort when snapshotting received subvolumes (bsc#1264722).\n- CVE-2026-43362: smb: client: fix in-place encryption corruption in SMB2_write() (bsc#1264989).\n- CVE-2026-43405: libceph: Use u32 for non-negative values in ceph_monmap_decode() (bsc#1264741).\n- CVE-2026-43406: libceph: prevent potential out-of-bounds reads in process_message_header() (bsc#1265073).\n- CVE-2026-43407: libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply() (bsc#1265020).\n- CVE-2026-43411: tipc: fix divide-by-zero in tipc_sk_filter_connect() (bsc#1264672).\n- CVE-2026-43413: scsi: hisi_sas: Fix NULL pointer exception during user_scan() (bsc#1264671).\n- CVE-2026-43414: scsi: qla2xxx: Completely fix fcport double free (bsc#1264669).\n- CVE-2026-43455: net: mctp: Ensure keys maintain only one ref to corresponding dev (bsc#1264765).\n- CVE-2026-43469: xprtrdma: Decrement re_receiving on the early exit paths (bsc#1265143).\n- CVE-2026-43470: nfs: return EISDIR on nfs3_proc_create if d_alias is a dir (bsc#1265128).\n- CVE-2026-43483: KVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated (bsc#1265240).\n- CVE-2026-43491: net: qrtr: ns: Limit the maximum server registration per node (bsc#1265628).\n- CVE-2026-43499: rtmutex: Use waiter::task instead of current in remove_waiter() (bsc#1266001).\n- CVE-2026-43501: ipv6: rpl: reserve mac_len headroom when recompressed SRH grows (bsc#1266009).\n- CVE-2026-45840: openvswitch: cap upcall PID array size and pre-size vport replies (bsc#1266397).\n- CVE-2026-45841: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (bsc#1266390).\n- CVE-2026-45842: slip: reject VJ receive packets on instances with no rstate array (bsc#1266400).\n- CVE-2026-45843: slip: bound decode() reads against the compressed packet length (bsc#1266395).\n- CVE-2026-45846: bareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst() (bsc#1266394).\n- CVE-2026-45852: RDMA/rxe: Fix double free in rxe_srq_from_init (bsc#1266711).\n- CVE-2026-45856: RDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send (bsc#1266720).\n- CVE-2026-45862: iommu/vt-d: Flush cache for PASID table before using it (bsc#1266705).\n- CVE-2026-45870: SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths (bsc#1266704).\n- CVE-2026-45878: drm/amdkfd: Fix watch_id bounds checking in debug address watch v2 (bsc#1266767).\n- CVE-2026-45886: bpf: Fix bpf_xdp_store_bytes proto for read-only arg (bsc#1266810).\n- CVE-2026-45894: iommu/vt-d: Clear Present bit before tearing down PASID entry (bsc#1266895).\n- CVE-2026-45910: RDMA/rxe: Fix race condition in QP timer handlers (bsc#1266889).\n- CVE-2026-45932: bpf: Fix tcx/netkit detach permissions when prog fd isn\u0027t given (bsc#1266827).\n- CVE-2026-45940: net: stmmac: fix oops when split header is enabled (bsc#1266916).\n- CVE-2026-45961: gfs2: fix memory leaks in gfs2_fill_super error path (bsc#1266933).\n- CVE-2026-45964: SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path (bsc#1266698).\n- CVE-2026-45965: apparmor: fix invalid deref of rawdata when export_binary is unset (bsc#1267208).\n- CVE-2026-45970: bonding: alb: fix UAF in rlb_arp_recv during bond up/down (bsc#1267205).\n- CVE-2026-45974: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found (bsc#1266922).\n- CVE-2026-45983: nfsd: never defer requests during idmap lookup (bsc#1266697).\n- CVE-2026-45984: gfs2: Move the inode glock locking to gfs2_file_buffered_write (bsc#1267214).\n- CVE-2026-46004: ALSA: caiaq: Handle probe errors properly (bsc#1267222).\n- CVE-2026-46005: xfs: fix a resource leak in xfs_alloc_buftarg() (bsc#1267431).\n- CVE-2026-46021: thermal: core: Fix thermal zone governor cleanup issues (bsc#1267220).\n- CVE-2026-46024: libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply() (bsc#1267218).\n- CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361).\n- CVE-2026-46043: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv (bsc#1266901).\n- CVE-2026-46079: rbd: fix null-ptr-deref when device_add_disk() fails (bsc#1266452).\n- CVE-2026-46083: spi: fix resource leaks on device setup failure (bsc#1266696).\n- CVE-2026-46090: ALSA: aloop: Use guard() for spin locks (bsc#1267531).\n- CVE-2026-46094: ext4: fix bounds check in check_xattrs() to prevent out-of-bounds access (bsc#1266927).\n- CVE-2026-46101: netfilter: reject zero shift in nft_bitwise (bsc#1266878).\n- CVE-2026-46110: net: stmmac: rename STMMAC_GET_ENTRY() -\u003e STMMAC_NEXT_ENTRY() (bsc#1266759).\n- CVE-2026-46111: Bluetooth: hci_conn: fix potential UAF in create_big_sync (bsc#1267626).\n- CVE-2026-46113: KVM: x86/mmu: Add helper to convert SPTE value to its shadow page (bsc#1266969).\n- CVE-2026-46114: RDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads (bsc#1266972).\n- CVE-2026-46119: libceph: Fix slab-out-of-bounds access in auth message processing (bsc#1267628).\n- CVE-2026-46120: ip6_gre: Use cached t-\u003enet in ip6erspan_changelink() (bsc#1267640).\n- CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621).\n- CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387).\n- CVE-2026-46157: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger (bsc#1267726).\n- CVE-2026-46159: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak (bsc#1267652).\n- CVE-2026-46160: btrfs: fix missing last_unlink_trans update when removing a directory (bsc#1267624).\n- CVE-2026-46172: ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() (bsc#1266903).\n- CVE-2026-46176: RDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init() (bsc#1266816).\n- CVE-2026-46181: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() (bsc#1266826).\n- CVE-2026-46197: drm/amdkfd: validate SVM ioctl nattr against buffer size (bsc#1267381).\n- CVE-2026-46209: drm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs() (bsc#1267663).\n- CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697).\n- CVE-2026-46244: netfilter: nft_inner: Fix IPv6 inner_thoff desync (bsc#1267654).\n- CVE-2026-46259: procfs: fix missing RCU protection when reading real_parent in do_task_stat() (bsc#1267685).\n- CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1267651).\n\nThe following non-security bugs were fixed:\n\n- ACPI: CPPC: Suppress UBSAN warning caused by field misuse (git-fixes).\n- ACPI: IPMI: Fix message kref handling on dead device (git-fixes).\n- ACPI: NFIT: core: Fix possible NULL pointer dereference (git-fixes).\n- ALSA: PCM: Fix wait queue list corruption in snd_pcm_drain() on linked streams (git-fixes).\n- ALSA: aloop: Drop superfluous break (git-fixes).\n- ALSA: asihpi: Fix potential OOB array access at reading cache (stable-fixes).\n- ALSA: cmipci: check snd_ctl_new1() return value (git-fixes).\n- ALSA: core: Fix unintuitive behavior of snd_power_ref_and_wait() (git-fixes).\n- ALSA: es1938: check snd_ctl_new1() return value (git-fixes).\n- ALSA: gus: check snd_ctl_new1() return value (git-fixes).\n- ALSA: hda/conexant: Renaming the codec with device ID 0x1f86 and 0x1f87 (stable-fixes).\n- ALSA: ice1712: check snd_ctl_new1() return value (git-fixes).\n- ALSA: sc6000: Keep the programmed board state in card-private data (git-fixes).\n- ALSA: sc6000: Use standard print API (stable-fixes).\n- ALSA: seq: Clear variable event pointer on read (git-fixes).\n- ALSA: seq: Fix partial userptr event expansion (git-fixes).\n- ALSA: seq: midi: Serialize output teardown with event_input (git-fixes).\n- ALSA: ua101: Reject too-short USB descriptors (git-fixes).\n- ALSA: usb-audio: Bound MIDI 2.0 endpoint descriptor scans (git-fixes).\n- ALSA: usb-audio: Bound MIDI endpoint descriptor scans (git-fixes).\n- ALSA: usb-audio: Propagate US-16x08 write errors in route/mix EQ-switch put callbacks (git-fixes).\n- ALSA: usb-audio: Propagate errors in scarlett_ctl_enum_put() (git-fixes).\n- ALSA: usb-audio: Roll back quirk control caches on write errors (git-fixes).\n- ALSA: usb-audio: Update Babyface Pro control caches only after successful writes (git-fixes).\n- ALSA: usb-audio: Update US-16x08 EQ/comp shadow state after successful writes (git-fixes).\n- ALSA: virtio: Add missing 384 kHz PCM rate mapping (git-fixes).\n- ALSA: ymfpci: check snd_ctl_new1() return value (git-fixes).\n- ASoC: SOF: Intel: hda-dai: add support for dspless mode beyond HDAudio (stable-fixes).\n- ASoC: SOF: Intel: hda-dai: remove dspless special case (stable-fixes).\n- ASoC: SOF: Intel: hda: Fix NULL pointer dereference (stable-fixes).\n- ASoC: SOF: ipc3-control: Fix TOCTOU in bytes_put and bytes_get (git-fixes).\n- ASoC: SOF: ipc3-control: Fix heap overflow in bytes_ext put/get (git-fixes).\n- ASoC: SOF: ipc3-control: Use overflow checks in control_update size calc (git-fixes).\n- ASoC: SOF: ipc3-control: Validate size in snd_sof_update_control (git-fixes).\n- ASoC: SOF: ipc4-control: Fix TOCTOU in sof_ipc4_bytes_put (git-fixes).\n- ASoC: SOF: topology: validate vendor array size before parsing (git-fixes).\n- ASoC: adau1372: Clear PLL_EN on failed PLL lock without reset GPIO (git-fixes).\n- ASoC: codecs: hdac_hdmi: Validate written enum value (git-fixes).\n- ASoC: codecs: simple-mux: Fix enum control bounds check (git-fixes).\n- ASoC: cs35l56: Cleanup if component_probe fails (git-fixes).\n- ASoC: cs35l56: Do not leave parent IRQ disabled if system_suspend fails (git-fixes).\n- ASoC: cs35l56: Fix flushing of IRQ work in cs35l56_sdw_remove() (git-fixes).\n- ASoC: cs35l56: Fix missing calls to wm_adsp2_remove() (git-fixes).\n- ASoC: fsl: fsl_audmix: Validate written enum values (git-fixes).\n- ASoC: meson: aiu: Validate written enum values (git-fixes).\n- ASoC: qcom: q6asm-dai: close stream only when running (git-fixes).\n- ASoC: qcom: q6asm-dai: do not set stream state in event and trigger callbacks (git-fixes).\n- ASoC: qcom: q6asm-dai: fix error handling in prepare and set_params (git-fixes).\n- ASoC: tegra: tegra210_ahub: Validate written enum value (git-fixes).\n- ASoC: topology: Check PCM and DAI name strings before use (git-fixes).\n- ASoC: wm_adsp: Fix NULL dereference when removing firmware controls (git-fixes).\n- Bluetooth: 6lowpan: check skb_clone() return value in send_mcast_pkt() (git-fixes).\n- Bluetooth: HIDP: fix missing length checks in hidp_input_report() (git-fixes).\n- Bluetooth: ISO: drop ISO_END frames received without prior ISO_START (git-fixes).\n- Bluetooth: ISO: fix UAF in iso_recv_frame (git-fixes).\n- Bluetooth: ISO: serialize iso_sock_clear_timer with socket lock (git-fixes).\n- Bluetooth: L2CAP: Fix possible crash on l2cap_ecred_conn_rsp (git-fixes).\n- Bluetooth: L2CAP: fix chan ref leak in l2cap_chan_timeout() on !conn (git-fixes).\n- Bluetooth: L2CAP: use chan timer to close channels in cleanup_listen() (git-fixes).\n- Bluetooth: MGMT: Fix backward compatibility with userspace (git-fixes).\n- Bluetooth: MGMT: validate Add Extended Advertising Data length (git-fixes).\n- Bluetooth: MGMT: validate advertising TLV before type checks (git-fixes).\n- Bluetooth: RFCOMM: hold listener socket in rfcomm_connect_ind() (git-fixes).\n- Bluetooth: RFCOMM: validate skb length in MCC handlers (git-fixes).\n- Bluetooth: bnep: Fix UAF read of dev-\u003ename (git-fixes).\n- Bluetooth: bnep: reject short frames before parsing (git-fixes).\n- Bluetooth: btmtksdio: fix infinite loop in btmtksdio_txrx_work() (git-fixes).\n- Bluetooth: btusb: Allow firmware re-download when version matches (git-fixes).\n- Bluetooth: btusb: fix use-after-free on marvell probe failure (git-fixes).\n- Bluetooth: btusb: fix use-after-free on registration failure (git-fixes).\n- Bluetooth: btusb: fix wakeup irq devres lifetime (git-fixes).\n- Bluetooth: btusb: fix wakeup source leak on probe failure (git-fixes).\n- Bluetooth: eir: Fix stack OOB write when prepending the Flags AD (git-fixes).\n- Bluetooth: fix UAF in l2cap_sock_cleanup_listen() vs l2cap_conn_del() (git-fixes).\n- Bluetooth: hci: validate codec capability element length (git-fixes).\n- Bluetooth: hci_sync: Set HCI_CMD_DRAIN_WORKQUEUE during device close (git-fixes).\n- Bluetooth: hci_sync: reject oversized Broadcast Announcement prepend (git-fixes).\n- Bluetooth: hci_uart: fix UAFs and race conditions in close and init paths (git-fixes).\n- Bluetooth: l2cap: clear chan-\u003eident on ECRED reconfiguration success (git-fixes).\n- Bluetooth: vhci: validate devcoredump state before side effects (git-fixes).\n- Drivers: hv: vmbus: Improve the logic of reserving fb_mmio on Gen2 VMs (git-fixes).\n- HID: quirks: really enable the intended work around for appledisplay (git-fixes).\n- HID: uclogic: Fix regression of input name assignment (git-fixes).\n- HID: wacom: Fix OOB write in wacom_hid_set_device_mode() (git-fixes).\n- Improve compatibility with awk 2.4.0 (bsc#1266214). \n- Input: atkbd - skip deactivate for HONOR BCC-N\u0027s internal keyboard (git-fixes).\n- Input: atmel_mxt_ts - fix boundary check in mxt_prepare_cfg_mem (git-fixes).\n- Input: ims-pcu - fix usb_free_coherent() size in ims_pcu_buffers_free() (git-fixes).\n- Input: usbtouchscreen - clamp NEXIO data_len/x_len to URB buffer size (git-fixes).\n- Input: xpad - fix out-of-bounds access for Share button (git-fixes).\n- KVM: SEV: Ignore MMIO requests of length \u00270\u0027 (git-fixes).\n- KVM: SEV: Ignore Port I/O requests of length \u00270\u0027 (git-fixes).\n- KVM: SVM: Allow KVM_SET_NESTED_STATE to clear GIF when SVME==0 (git-fixes).\n- KVM: SVM: Do not set GIF when clearing EFER.SVME (git-fixes).\n- KVM: SVM: Flush the current TLB when transitioning from xAVIC =\u003e x2AVIC (git-fixes).\n- KVM: SVM: Initialize AVIC VMCB fields if AVIC is enabled with in-kernel APIC (git-fixes).\n- KVM: SVM: check validity of VMCB controls when returning from SMM (git-fixes).\n- KVM: X86: Fix array_index_nospec protection in __pv_send_ipi (git-fixes).\n- KVM: arm64: Discard PC update state on vcpu reset (git-fixes).\n- KVM: arm64: Guard against NULL vcpu on VHE hyp panic path (git-fixes).\n- KVM: arm64: PMU: Preserve AArch32 counter low bits (git-fixes).\n- KVM: arm64: Treat vCPU with pending SError as runnable (git-fixes).\n- KVM: arm64: Wake-up from WFI when iqrchip is in userspace (git-fixes).\n- KVM: arm64: vgic-its: Reject restored DTE with out-of-range num_eventid_bits (git-fixes).\n- KVM: arm64: vgic: Fix IIDR revision field extracted from wrong value (git-fixes).\n- KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation (git-fixes).\n- KVM: nSVM: Ensure AVIC is inhibited when restoring a vCPU to guest mode (git-fixes).\n- KVM: nSVM: Mark all of vmcb02 dirty when restoring nested state (git-fixes).\n- KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR (failed VMRUN) (git-fixes).\n- KVM: nSVM: Use vcpu-\u003earch.cr2 when updating vmcb12 on nested #VMEXIT (git-fixes).\n- KVM: x86/mmu: Fix UBSAN warning when reading nx_huge_pages parameter (git-fixes).\n- KVM: x86: Fix Xen hypercall tracepoint argument assignment (git-fixes).\n- PM: sleep: Use complete() in device_pm_sleep_init() (git-fixes).\n- RDMA/efa: Check stored completion CTX command ID with received one (git-fixes)\n- RDMA/efa: Extend admin timeout error print (git-fixes)\n- RDMA/efa: Fix possible deadlock (git-fixes)\n- RDMA/efa: Improve admin completion context state machine (git-fixes)\n- RDMA/mana_ib: Report max_msg_sz in mana_ib_query_port (git-fixes).\n- wicked test: Added missing locking in backport (bsc#1267732).\n- USB: cdc-acm: Fix bit overlap and move quirk definitions to header (git-fixes).\n- USB: serial: belkin_sa: validate interrupt status length (git-fixes).\n- USB: serial: cypress_m8: validate interrupt packet headers (git-fixes).\n- USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr() (git-fixes).\n- USB: serial: io_ti: fix heap overflow in get_manuf_info() (git-fixes).\n- USB: serial: keyspan: fix missing indat transfer sanity check (git-fixes).\n- USB: serial: kl5kusb105: fix bulk-out buffer overflow (git-fixes).\n- USB: serial: mct_u232: fix missing interrupt-in transfer sanity check (git-fixes).\n- USB: serial: mxuport: fix memory corruption with small endpoint (git-fixes).\n- USB: serial: omninet: fix memory corruption with small endpoint (git-fixes).\n- USB: serial: option: add missing RSVD(5) flag for Rolling RW135R-GL (git-fixes).\n- USB: serial: safe_serial: fix memory corruption with small endpoint (git-fixes).\n- X.509: Fix validation of ASN.1 certificate header (git-fixes).\n- add bugnumber to existing mana_ib change (bsc#1267682)\n- agp/amd64: Fix broken error propagation in agp_amd64_probe() (git-fixes).\n- arm64: tlb: Allow XZR argument to TLBI ops (git-fixes)\n- arm64: tlb: Optimize ARM64_WORKAROUND_REPEAT_TLBI (git-fixes)\n- auxdisplay: line-display: fix OOB read on zero-length message_store() (git-fixes).\n- batman-adv: bla: annotate lasttime access with READ/WRITE_ONCE (git-fixes).\n- batman-adv: bla: fix report_work leak on backbone_gw purge (git-fixes).\n- batman-adv: clear current gateway during teardown (git-fixes).\n- batman-adv: dat: handle forward allocation error (git-fixes).\n- batman-adv: fix batadv_skb_is_frag() kernel-doc (git-fixes).\n- batman-adv: fix fragment reassembly length accounting (git-fixes).\n- batman-adv: fix tp_meter counter underflow during shutdown (git-fixes).\n- batman-adv: frag: disallow unicast fragment in fragment (git-fixes).\n- batman-adv: tp_meter: add only finished tp_vars to lists (git-fixes).\n- batman-adv: tp_meter: avoid divide-by-zero for dec_cwnd (git-fixes).\n- batman-adv: tp_meter: avoid use of uninit sender vars (git-fixes).\n- batman-adv: tp_meter: avoid window underflow (git-fixes).\n- batman-adv: tp_meter: fix fast recovery precondition (git-fixes).\n- batman-adv: tp_meter: handle seqno wrap-around for fast recovery detection (git-fixes).\n- batman-adv: tp_meter: initialize dec_cwnd explicitly (git-fixes).\n- batman-adv: tp_meter: initialize dup_acks explicitly (git-fixes).\n- batman-adv: tp_meter: keep unacked list in ascending ordered (git-fixes).\n- batman-adv: tt: fix negative last_changeset_len (git-fixes).\n- batman-adv: tt: fix negative tt_buff_len (git-fixes).\n- bcache: fix uninitialized closure object (git-fixes).\n- bnxt_en: Fix NULL pointer dereference (bsc#1268307).\n- comedi: comedi_test: Fix limiting of convert_arg in waveform_ai_cmdtest() (git-fixes).\n- comedi: comedi_test: fix check for valid scan_begin_src in waveform_ai_cmdtest() (git-fixes).\n- crypto: af_alg - Cap AEAD AD length to 0x80000000 (git-fixes).\n- crypto: amlogic - avoid double cleanup in meson_crypto_probe() (git-fixes).\n- crypto: asymmetric_keys - fix OOB read in pefile_digest_pe_contents (git-fixes).\n- crypto: atmel-sha204a - fix blocking and non-blocking rng logic (git-fixes).\n- crypto: cavium/cpt - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: ccp - Fix snp_filter_reserved_mem_regions() off-by-one (git-fixes).\n- crypto: ccp - Treat zero-length cert chain as query for blob lengths (git-fixes).\n- crypto: drbg - Fix drbg_max_addtl() on 64-bit kernels (git-fixes).\n- crypto: drbg - Fix returning success on failure in CTR_DRBG (git-fixes).\n- crypto: drbg - Fix the fips_enabled priority boost (git-fixes).\n- crypto: ecc - Fix carry overflow in vli multiplication (git-fixes).\n- crypto: ecrdsa - fix unknown OID check in ecrdsa_param_curve (git-fixes).\n- crypto: hisilicon/qm - disable error report before flr (git-fixes).\n- crypto: marvell/octeontx - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: pcrypt - restore callback for non-parallel fallback (git-fixes).\n- crypto: qat - protect service table iterations with service_lock (git-fixes).\n- crypto: qat - validate RSA CRT component lengths (git-fixes).\n- crypto: rng - Free default RNG on module exit (git-fixes).\n- device property: set fwnode-\u003esecondary to NULL in fwnode_init() (git-fixes).\n- driver core: reject devices with unregistered buses (git-fixes).\n- driver core: use READ_ONCE() for dev-\u003edriver in dev_has_sync_state() (git-fixes).\n- drivers/base/memory: fix memory block reference leak in poison accounting (git-fixes).\n- drm/amd/display: Add missing kdoc for ALLM parameters (git-fixes).\n- drm/amd/display: Clamp HDMI HDCP2 rx_id_list read to buffer size (git-fixes).\n- drm/amd/display: Fix NULL deref and buffer over-read in SDP debugfs (git-fixes).\n- drm/amd/display: Fix integer overflow in bios_get_image() (stable-fixes).\n- drm/amd/display: Reject gpio_bitshift \u003e= 32 in bios_parser_get_gpio_pin_info() (git-fixes).\n- drm/amd/display: Use krealloc_array() in dal_vector_reserve() (git-fixes).\n- drm/amd/display: Validate GPIO pin LUT table size before iterating (stable-fixes).\n- drm/amd/display: Validate payload length and link_index in dc_process_dmub_aux_transfer_async (stable-fixes).\n- drm/amd/pm/si: Disregard vblank time when no displays are connected (git-fixes).\n- drm/amdgpu/uvd3.1: Do not validate the firmware when already validated (git-fixes).\n- drm/amdgpu/vce2: Fix VCE 2 firmware size and offsets (git-fixes).\n- drm/amdgpu/vce3: Fix VCE 3 firmware size and offsets (git-fixes).\n- drm/amdgpu: fix integer overflow in amdgpu_gem_align_pitch() (git-fixes).\n- drm/amdgpu: fix spelling typos (stable-fixes).\n- drm/amdgpu: set sub_block_index for mca ras sub-blocks (git-fixes).\n- drm/amdkfd: Fix buffer overflow in SDMA queue checkpoint/restore on GFX11 (git-fixes).\n- drm/amdkfd: Validate CRIU-restored IDs before idr_alloc (git-fixes).\n- drm/amdkfd: fix NULL dereference in get_queue_ids() (git-fixes).\n- drm/bridge: cdns-dsi: Replace deprecated UNIVERSAL_DEV_PM_OPS() (git-fixes).\n- drm/bridge: chipone-icn6211: use devm_drm_bridge_add in i2c probe (git-fixes).\n- drm/bridge: it66121: acquire reset GPIO in probe (git-fixes).\n- drm/bridge: megachips: remove bridge when irq request fails (git-fixes).\n- drm/dp/mst: fix OOB reads in remote DPCD/I2C sideband reply parsers (git-fixes).\n- drm/dp/mst: fix OOB reads on 2-byte fields in sideband reply parsers (git-fixes).\n- drm/dp/mst: fix buffer overflows in sideband chunk accumulation (git-fixes).\n- drm/hisilicon/hibmc: move display contrl config to hibmc_probe() (git-fixes).\n- drm/hisilicon/hibmc: use clock to look up the PLL value (git-fixes).\n- drm/hyperv: use VMBUS_RING_SIZE() (git-fixes).\n- drm/hyperv: validate VMBus packet size in receive callback (git-fixes).\n- drm/hyperv: validate resolution_count and fix WIN8 fallback (git-fixes).\n- drm/i915/gem: Fix phys BO pread/pwrite with offset (git-fixes).\n- drm/i915: Extract intel_dbuf_mdclk_cdclk_ratio_update() (stable-fixes).\n- drm/i915: Fix potential UAF in TTM object purge (git-fixes).\n- drm/i915: Loop over all active pipes in intel_mbus_dbox_update (stable-fixes).\n- drm/imx: Fix three kernel-doc warnings in dcss-scaler.c (git-fixes).\n- drm/msm/dp: Fix the ISR_* enum values (git-fixes).\n- drm/msm/dp: fix HPD state status bit shift value (git-fixes).\n- drm/msm/dsi: do not dump registers past the mapped region (git-fixes).\n- drm/msm/snapshot: fix dumping of the unaligned regions (git-fixes).\n- drm/nouveau/bios: specify correct display fuse register for Ampere and Ada (git-fixes).\n- drm/radeon/evergreen_cs: Add missing NULL prefix check in surface check (git-fixes).\n- drm/radeon: fix integer overflow in radeon_align_pitch() (git-fixes).\n- drm/radeon: fix memory leak in radeon_ring_restore() on lock failure (git-fixes).\n- drm/rockchip: cdn-dp: add missing check in cdn_dp_config_video() (git-fixes).\n- drm/tegra: Fix iommu_map_sgtable() return value check (git-fixes).\n- drm/tegra: dc: Fix device node reference leak in tegra_dc_has_output() (git-fixes).\n- drm/tidss: Drop extra drm_mode_config_reset() call (git-fixes).\n- drm/tidss: Fix missing drm_bridge_add() call (git-fixes).\n- drm/vc4: fix krealloc() memory leak (git-fixes).\n- drm/virtio: Fix driver removal with disabled KMS (git-fixes).\n- drm/virtio: fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait() (git-fixes).\n- drm/virtio: use uninterruptible resv lock for plane updates (git-fixes).\n- efi: Allocate runtime workqueue before ACPI init (git-fixes).\n- ethtool: provide customized dim profile management (bsc#1261256).\n- fbdev: broadsheetfb: fix potential memory leak in broadsheetfb_probe() (git-fixes).\n- fbdev: hecubafb: fix potential memory leak in hecubafb_probe() (git-fixes).\n- fbdev: i740fb: fix potential memory leak in i740fb_probe() (git-fixes).\n- fbdev: metronomefb: fix potential memory leak in metronomefb_probe() (git-fixes).\n- fbdev: modedb: Fix misaligned fields in the 1920x1080-60 mode (git-fixes).\n- fbdev: nvidia: fix potential memory leak in nvidiafb_probe() (git-fixes).\n- fbdev: radeon: fix potential memory leak in radeonfb_pci_register() (git-fixes).\n- fbdev: s3fb: fix potential memory leak in s3_pci_probe() (git-fixes).\n- fbdev: sm501fb: Fix buffer errors in OF binding code (git-fixes).\n- fbdev: sm712: Fix operator precedence in big_swap macro (git-fixes).\n- fbdev: tdfxfb: fix potential memory leak in tdfxfb_probe() (git-fixes).\n- fbdev: tridentfb: fix potential memory leak in trident_pci_probe() (git-fixes).\n- fbdev: uvesafb: fix potential memory leak in uvesafb_probe() (git-fixes).\n- fbdev: vesafb: fix memory leak in vesafb_probe() (git-fixes).\n- firmware: arm_ffa: Check for NULL FF-A ID table while driver registration (git-fixes).\n- firmware: arm_ffa: Skip free_pages on RX buffer alloc failure (git-fixes).\n- firmware: arm_scmi: Fix OOB in scmi_power_name_get() (git-fixes).\n- firmware: arm_scmi: Read sensor config as 32-bit value (git-fixes).\n- firmware_loader: Fix recursive lock in device_cache_fw_images() (git-fixes).\n- firmware_loader: fix device reference leak in firmware_upload_register() (git-fixes).\n- gpio: mvebu: fix NULL pointer dereference in suspend/resume (git-fixes).\n- gpu: host1x: Allow entries in BO caches to be freed (git-fixes).\n- gpu: host1x: Fix iommu_map_sgtable() return value check (git-fixes).\n- hv: utils: handle and propagate errors in kvp_register (git-fixes).\n- hwmon: (it87) Clamp negative values to zero in set_fan() (git-fixes).\n- hwmon: (pmbus/adm1266) bounce blackbox records through a protocol-sized buffer (git-fixes).\n- hwmon: (pmbus/adm1266) cap PDIO scan in get_multiple at ADM1266_PDIO_NR (git-fixes).\n- hwmon: (pmbus/adm1266) do not clobber GPIO bits before PDIO read in get_multiple (git-fixes).\n- hwmon: (pmbus/adm1266) include PEC byte in pmbus_block_xfer read buffer (git-fixes).\n- hwmon: (pmbus/adm1266) include adapter number in GPIO line label (git-fixes).\n- hwmon: (pmbus/adm1266) register the gpio_chip after pmbus_do_probe() (git-fixes).\n- hwmon: (pmbus/adm1266) register the nvmem device after pmbus_do_probe() (git-fixes).\n- hwmon: (pmbus/adm1266) reject implausible blackbox record_count (git-fixes).\n- hwmon: (pmbus/adm1266) reject short block-read responses in the GPIO accessors (git-fixes).\n- hwmon: (pmbus/adm1266) seed timestamp from the real-time clock (git-fixes).\n- hwmon: (pmbus/adm1266) widen blackbox-info buffer to I2C_SMBUS_BLOCK_MAX (git-fixes).\n- hwrng: jh7110 - fix refcount leak in starfive_trng_read() (git-fixes).\n- hwrng: virtio: clamp device-reported used.len at copy_data() (git-fixes).\n- hyperv: Clean up and fix the guest ID comment in hvgdk.h (git-fixes).\n- i2c: core: fix irq domain leak on adapter registration failure (git-fixes).\n- i2c: qcom-cci: Fix NULL pointer dereference in cci_remove() (git-fixes).\n- i2c: stm32f7: fix timing computation ignoring i2c-analog-filter (git-fixes).\n- i2c: tegra: Fix NOIRQ suspend/resume (git-fixes).\n- iio: adc: viperboard: Fix error handling in vprbrd_iio_read_raw (git-fixes).\n- iio: adc: xilinx-xadc: Fix sequencer mode in postdisable for dual mux (git-fixes).\n- iio: buffer: hw-consumer: fix use-after-free in error path (git-fixes).\n- iio: dac: ad5686: acquire lock when doing powerdown control (git-fixes).\n- iio: dac: ad5686: fix input raw value check (git-fixes).\n- iio: dac: max5821: fix return value check in powerdown sync (git-fixes).\n- iio: gyro: itg3200: fix i2c read into the wrong stack location (git-fixes).\n- iio: imu: st_lsm6dsx: fix stack leak in tagged FIFO buffer (git-fixes).\n- iio: light: cm3323: fix reg_conf not being initialized correctly (git-fixes).\n- iio: magnetometer: st_magn: fix default DRDY pin selection for LIS2MDL (git-fixes).\n- iio: ssp_sensors: cancel delayed work_refresh on remove (git-fixes).\n- iio: temperature: tsys01: fix broken PROM checksum validation (git-fixes).\n- kabi: arm64: module: Update missing .init.text.ftrace_trampoline section message (bsc#1265579 bsc#1265170).\n- linux/dim: move useful macros to .h file (bsc#1261256).\n- misc: fastrpc: Fix NULL pointer dereference in rpmsg callback (git-fixes).\n- misc: fastrpc: fix DMA address corruption due to find_vma misuse (git-fixes).\n- misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context (git-fixes).\n- misc: fastrpc: fix use-after-free race in fastrpc_map_create (git-fixes).\n- mmc: core: Fix host controller programming for fixed driver type (git-fixes).\n- mmc: litex_mmc: Set mandatory idle clocks before CMD0 (git-fixes).\n- mmc: litex_mmc: Use DIV_ROUND_UP for more accurate clock calculation (git-fixes).\n- mmc: renesas_sdhi: Add OF entry for RZ/G2H SoC (git-fixes).\n- mmc: sdhci: add signal voltage switch in sdhci_resume_host (git-fixes).\n- net: ethtool: add ethtool COALESCE_RX_CQE_FRAMES/NSECS (bsc#1261256).\n- net: gro: do not merge zcopy skbs (git-fixes).\n- net: mana: Add NULL guards in teardown path to prevent panic on attach failure (git-fixes).\n- net: mana: Add ethtool counters for RX CQEs in coalesced type (bsc#1261256).\n- net: mana: Add support for RX CQE Coalescing (bsc#1261256).\n- net: mana: Expose hardware diagnostic info via debugfs (bsc#1266414).\n- net: mana: Fix TOCTOU double-fetch of hwc_msg_id from DMA buffer (bsc#1265928).\n- net: mana: Skip redundant detach on already-detached port (git-fixes).\n- net: mana: Use kvmalloc for large RX queue and buffer allocations (bsc#1266765).\n- net: mana: Use per-queue allocation for tx_qp to reduce allocation size (bsc#1266765).\n- net: mana: hardening: Reject zero max_num_queues from GDMA_QUERY_MAX_RESOURCES (git-fixes).\n- net: mana: validate rx_req_idx to prevent out-of-bounds array access (bsc#1266402).\n- net: wwan: iosm: fix potential memory leaks in ipc_imem_init() (git-fixes).\n- phy: marvell: mvebu-a3700-utmi: fix incorrect USB2_PHY_CTRL register access (git-fixes).\n- platform/x86: adv_swbutton: Check ACPI_HANDLE() against NULL (git-fixes).\n- platform/x86: hp_accel: Check ACPI_COMPANION() against NULL (git-fixes).\n- platform/x86: intel-hid: Check ACPI_HANDLE() against NULL (git-fixes).\n- platform/x86: intel-vbtn: Check ACPI_HANDLE() against NULL (git-fixes).\n- r8152: fix incorrect register write to USB_UPHY_XTAL (git-fixes).\n- rpm/check-for-config-changes: ignore Rust-related configs (bsc#1258538).\n- rpm/mkspec: Conditionally set Rust BuildReqs (bsc#1258538).\n- rpm: Add BuildRequires for Rust enablement (bsc#1258538).\n- s390/barrier: Make array_index_mask_nospec() __always_inline (bsc#1263068).\n- s390/entry: Scrub r12 register on kernel entry (bsc#1263068).\n- s390/syscalls: Add spectre boundary for syscall dispatch table (bsc#1263068).\n- sched/rt: Skip currently executing CPU in rto_next_cpu() (bsc#1262649).\n- security/keys: fix missed RCU read section on lookup (stable-fixes).\n- serial: fsl_lpuart: fix rx buffer and DMA map leaks in start_rx_dma (git-fixes).\n- serial: qcom-geni: fix UART_RX_PAR_EN bit position (git-fixes).\n- slimbus: qcom-ngd-ctrl: fix OF node refcount (git-fixes).\n- smb: client: correctly handle ErrorContextData as a flexible array (git-fixes)\n- smb: client: reject userspace cifs.spnego descriptions (bsc#1266238).\n- soc: fsl: qe: panic on ioremap() failure in qe_reset() (git-fixes).\n- soc: ti: k3-ringacc: Fix access mode for k3_ringacc_ring_pop_tail_io/proxy (git-fixes).\n- spi: at91-usart: drop dead runtime pm support (git-fixes).\n- spi: ep93xx: fix double-free of zeropage on DMA setup failure (git-fixes).\n- spi: fsl-lpspi: replace dmaengine_terminate_all() with dmaengine_terminate_sync() (git-fixes).\n- spi: fsl-lpspi: terminate the RX channel on TX prepare failure path (git-fixes).\n- spi: meson-spifc: fix runtime PM leak on remove (git-fixes).\n- spi: mtk-snfi: Fix resource leak in mtk_snand_read_page_cache() (git-fixes).\n- spi: sprd: fix error pointer deref after DMA setup failure (git-fixes).\n- spi: st-ssc4: switch to use modern name (stable-fixes).\n- spi: ti-qspi: fix use-after-free after DMA setup failure (git-fixes).\n- spi: xilinx: use FIFO occupancy register to determine buffer size (git-fixes).\n- string: add mem_is_zero() helper to check if memory area is all zeros (stable-fixes).\n- thermal: hwmon: Fix critical temperature attribute removal (git-fixes).\n- thunderbolt: Bound root directory content to block size (git-fixes).\n- thunderbolt: Clamp XDomain response data copy to allocation size (git-fixes).\n- thunderbolt: Limit XDomain response copy to actual frame size (git-fixes).\n- thunderbolt: Reject zero-length property entries in validator (git-fixes).\n- thunderbolt: Validate XDomain request packet size before type cast (git-fixes).\n- thunderbolt: property: Reject dir_len \u0026lt; 4 to prevent size_t underflow (git-fixes).\n- thunderbolt: property: Reject u32 wrap in tb_property_entry_valid() (git-fixes).\n- tracing: Switch trace_osnoise.c code over to use guard() and __free() (bsc#1262634).\n- tty: serial: pch_uart: add check for dma_alloc_coherent() (git-fixes).\n- usb: cdns3: gadget: fix request skipping after clearing halt (git-fixes).\n- usb: cdns3: plat: fix unbalanced pm_runtime_forbid() call permanently leaks the runtime PM usage counter across bind/unbind cycles (git-fixes).\n- usb: chipidea: core: convert ci_role_switch to local variable (git-fixes).\n- usb: dwc2: Fix use after free in debug code (git-fixes).\n- usb: gadget: composite: fix integer underflow in WebUSB GET_URL handling (git-fixes).\n- usb: gadget: dummy_hcd: Reject hub port requests for non-existent ports (git-fixes).\n- usb: gadget: f_fs: copy only received bytes on short ep0 read (git-fixes).\n- usb: gadget: f_hid: fix device reference leak in hidg_alloc() (git-fixes).\n- usb: gadget: net2280: Fix double free in probe error path (git-fixes).\n- usb: usbtmc: check URB actual_length for interrupt-IN notifications (git-fixes).\n- usb: usbtmc: reject interrupt endpoints with small wMaxPacketSize (git-fixes).\n- usbip: vudc: Fix use after free bug in vudc_remove due to race condition (git-fixes).\n- watchdog: apple: Add \"apple,t8103-wdt\" compatible (git-fixes).\n- watchdog: sp5100_tco: Use EFCH MMIO for newer Hygon FCH (git-fixes).\n- watchdog: sprd_wdt: Remove redundant sprd_wdt_disable() on register failure (git-fixes).\n- watchdog: unregister PM notifier on watchdog unregister (git-fixes).\n- wifi: ath10k: skip WMI and beacon transmission when device is wedged (git-fixes).\n- wifi: ath11k: clear shared SRNG pointer state on restart (git-fixes).\n- wifi: ath11k: fix error path leak in ath11k_tm_cmd_wmi_ftm() (git-fixes).\n- wifi: ath11k: fix error path leaks in some WMI WOW calls (git-fixes).\n- wifi: ath11k: fix error path leaks in some WMI calls (git-fixes).\n- wifi: ath11k: fix peer resolution on rx path when peer_id=0 (git-fixes).\n- wifi: ath11k: fix use after free in ath11k_dp_rx_msdu_coalesce() (git-fixes).\n- wifi: ath11k: fix warning when unbinding (git-fixes).\n- wifi: ath9k: fix OOB access from firmware tx status queue ID (git-fixes).\n- wifi: cfg80211: advance loop vars in cfg80211_merge_profile() (git-fixes).\n- wifi: cfg80211: fix grammar in MLO group key error message (git-fixes).\n- wifi: mac80211: consume only present negotiated TTLM maps (git-fixes).\n- wifi: mac80211: fix monitor mode frame capture for real chanctx drivers (git-fixes).\n- wifi: mac80211: limit injected antenna index in ieee80211_parse_tx_radiotap (git-fixes).\n- wifi: mt76: fix argument to ieee80211_is_first_frag() (git-fixes).\n- wifi: mt76: mt7915: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7921: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7925: clean up DMA on probe failure (git-fixes).\n- wifi: mt76: mt7925: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7996: fix potential tx_retries underflow (git-fixes).\n- wifi: nl80211: reject oversized EMA RNR lists (git-fixes).\n- wifi: rtlwifi: rtl8821ae: Fix C2H bit location in RX descriptor (git-fixes).\n- wifi: rtw88: fix OOB read from firmware RX descriptor exceeding DMA buffer (git-fixes).\n- wifi: rtw88: increase TX report timeout to fix race condition (git-fixes).\n- wifi: rtw88: usb: fix memory leaks on USB write failures (git-fixes).\n- wifi: rtw89: Correct data type for scan index to avoid infinite loop (git-fixes).\n- wifi: wcn36xx: fix OOB read from firmware count in PRINT_REG_INFO indication (git-fixes).\n- wifi: wcn36xx: fix OOB read from short trigger BA firmware response (git-fixes).\n- wifi: wcn36xx: fix heap overflow from oversized firmware HAL response (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-498",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22433-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22433-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622433-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22433-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-July/047862.html"
},
{
"category": "self",
"summary": "SUSE Bug 1248235",
"url": "https://bugzilla.suse.com/1248235"
},
{
"category": "self",
"summary": "SUSE Bug 1255416",
"url": "https://bugzilla.suse.com/1255416"
},
{
"category": "self",
"summary": "SUSE Bug 1256668",
"url": "https://bugzilla.suse.com/1256668"
},
{
"category": "self",
"summary": "SUSE Bug 1258538",
"url": "https://bugzilla.suse.com/1258538"
},
{
"category": "self",
"summary": "SUSE Bug 1260502",
"url": "https://bugzilla.suse.com/1260502"
},
{
"category": "self",
"summary": "SUSE Bug 1260584",
"url": "https://bugzilla.suse.com/1260584"
},
{
"category": "self",
"summary": "SUSE Bug 1261256",
"url": "https://bugzilla.suse.com/1261256"
},
{
"category": "self",
"summary": "SUSE Bug 1261619",
"url": "https://bugzilla.suse.com/1261619"
},
{
"category": "self",
"summary": "SUSE Bug 1261791",
"url": "https://bugzilla.suse.com/1261791"
},
{
"category": "self",
"summary": "SUSE Bug 1262085",
"url": "https://bugzilla.suse.com/1262085"
},
{
"category": "self",
"summary": "SUSE Bug 1262392",
"url": "https://bugzilla.suse.com/1262392"
},
{
"category": "self",
"summary": "SUSE Bug 1262606",
"url": "https://bugzilla.suse.com/1262606"
},
{
"category": "self",
"summary": "SUSE Bug 1262615",
"url": "https://bugzilla.suse.com/1262615"
},
{
"category": "self",
"summary": "SUSE Bug 1262617",
"url": "https://bugzilla.suse.com/1262617"
},
{
"category": "self",
"summary": "SUSE Bug 1262619",
"url": "https://bugzilla.suse.com/1262619"
},
{
"category": "self",
"summary": "SUSE Bug 1262620",
"url": "https://bugzilla.suse.com/1262620"
},
{
"category": "self",
"summary": "SUSE Bug 1262622",
"url": "https://bugzilla.suse.com/1262622"
},
{
"category": "self",
"summary": "SUSE Bug 1262624",
"url": "https://bugzilla.suse.com/1262624"
},
{
"category": "self",
"summary": "SUSE Bug 1262634",
"url": "https://bugzilla.suse.com/1262634"
},
{
"category": "self",
"summary": "SUSE Bug 1262649",
"url": "https://bugzilla.suse.com/1262649"
},
{
"category": "self",
"summary": "SUSE Bug 1262656",
"url": "https://bugzilla.suse.com/1262656"
},
{
"category": "self",
"summary": "SUSE Bug 1262663",
"url": "https://bugzilla.suse.com/1262663"
},
{
"category": "self",
"summary": "SUSE Bug 1262668",
"url": "https://bugzilla.suse.com/1262668"
},
{
"category": "self",
"summary": "SUSE Bug 1262674",
"url": "https://bugzilla.suse.com/1262674"
},
{
"category": "self",
"summary": "SUSE Bug 1262748",
"url": "https://bugzilla.suse.com/1262748"
},
{
"category": "self",
"summary": "SUSE Bug 1262755",
"url": "https://bugzilla.suse.com/1262755"
},
{
"category": "self",
"summary": "SUSE Bug 1262798",
"url": "https://bugzilla.suse.com/1262798"
},
{
"category": "self",
"summary": "SUSE Bug 1262993",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "self",
"summary": "SUSE Bug 1263006",
"url": "https://bugzilla.suse.com/1263006"
},
{
"category": "self",
"summary": "SUSE Bug 1263068",
"url": "https://bugzilla.suse.com/1263068"
},
{
"category": "self",
"summary": "SUSE Bug 1263115",
"url": "https://bugzilla.suse.com/1263115"
},
{
"category": "self",
"summary": "SUSE Bug 1263123",
"url": "https://bugzilla.suse.com/1263123"
},
{
"category": "self",
"summary": "SUSE Bug 1263137",
"url": "https://bugzilla.suse.com/1263137"
},
{
"category": "self",
"summary": "SUSE Bug 1263143",
"url": "https://bugzilla.suse.com/1263143"
},
{
"category": "self",
"summary": "SUSE Bug 1263152",
"url": "https://bugzilla.suse.com/1263152"
},
{
"category": "self",
"summary": "SUSE Bug 1263178",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "self",
"summary": "SUSE Bug 1263319",
"url": "https://bugzilla.suse.com/1263319"
},
{
"category": "self",
"summary": "SUSE Bug 1263562",
"url": "https://bugzilla.suse.com/1263562"
},
{
"category": "self",
"summary": "SUSE Bug 1263563",
"url": "https://bugzilla.suse.com/1263563"
},
{
"category": "self",
"summary": "SUSE Bug 1263568",
"url": "https://bugzilla.suse.com/1263568"
},
{
"category": "self",
"summary": "SUSE Bug 1263578",
"url": "https://bugzilla.suse.com/1263578"
},
{
"category": "self",
"summary": "SUSE Bug 1263724",
"url": "https://bugzilla.suse.com/1263724"
},
{
"category": "self",
"summary": "SUSE Bug 1263769",
"url": "https://bugzilla.suse.com/1263769"
},
{
"category": "self",
"summary": "SUSE Bug 1263774",
"url": "https://bugzilla.suse.com/1263774"
},
{
"category": "self",
"summary": "SUSE Bug 1263790",
"url": "https://bugzilla.suse.com/1263790"
},
{
"category": "self",
"summary": "SUSE Bug 1263879",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "self",
"summary": "SUSE Bug 1263880",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "self",
"summary": "SUSE Bug 1263883",
"url": "https://bugzilla.suse.com/1263883"
},
{
"category": "self",
"summary": "SUSE Bug 1263930",
"url": "https://bugzilla.suse.com/1263930"
},
{
"category": "self",
"summary": "SUSE Bug 1263932",
"url": "https://bugzilla.suse.com/1263932"
},
{
"category": "self",
"summary": "SUSE Bug 1263934",
"url": "https://bugzilla.suse.com/1263934"
},
{
"category": "self",
"summary": "SUSE Bug 1263945",
"url": "https://bugzilla.suse.com/1263945"
},
{
"category": "self",
"summary": "SUSE Bug 1263993",
"url": "https://bugzilla.suse.com/1263993"
},
{
"category": "self",
"summary": "SUSE Bug 1263996",
"url": "https://bugzilla.suse.com/1263996"
},
{
"category": "self",
"summary": "SUSE Bug 1264000",
"url": "https://bugzilla.suse.com/1264000"
},
{
"category": "self",
"summary": "SUSE Bug 1264011",
"url": "https://bugzilla.suse.com/1264011"
},
{
"category": "self",
"summary": "SUSE Bug 1264045",
"url": "https://bugzilla.suse.com/1264045"
},
{
"category": "self",
"summary": "SUSE Bug 1264063",
"url": "https://bugzilla.suse.com/1264063"
},
{
"category": "self",
"summary": "SUSE Bug 1264076",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "self",
"summary": "SUSE Bug 1264080",
"url": "https://bugzilla.suse.com/1264080"
},
{
"category": "self",
"summary": "SUSE Bug 1264084",
"url": "https://bugzilla.suse.com/1264084"
},
{
"category": "self",
"summary": "SUSE Bug 1264093",
"url": "https://bugzilla.suse.com/1264093"
},
{
"category": "self",
"summary": "SUSE Bug 1264116",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "self",
"summary": "SUSE Bug 1264124",
"url": "https://bugzilla.suse.com/1264124"
},
{
"category": "self",
"summary": "SUSE Bug 1264137",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "self",
"summary": "SUSE Bug 1264145",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "self",
"summary": "SUSE Bug 1264184",
"url": "https://bugzilla.suse.com/1264184"
},
{
"category": "self",
"summary": "SUSE Bug 1264239",
"url": "https://bugzilla.suse.com/1264239"
},
{
"category": "self",
"summary": "SUSE Bug 1264243",
"url": "https://bugzilla.suse.com/1264243"
},
{
"category": "self",
"summary": "SUSE Bug 1264245",
"url": "https://bugzilla.suse.com/1264245"
},
{
"category": "self",
"summary": "SUSE Bug 1264255",
"url": "https://bugzilla.suse.com/1264255"
},
{
"category": "self",
"summary": "SUSE Bug 1264263",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "self",
"summary": "SUSE Bug 1264266",
"url": "https://bugzilla.suse.com/1264266"
},
{
"category": "self",
"summary": "SUSE Bug 1264300",
"url": "https://bugzilla.suse.com/1264300"
},
{
"category": "self",
"summary": "SUSE Bug 1264409",
"url": "https://bugzilla.suse.com/1264409"
},
{
"category": "self",
"summary": "SUSE Bug 1264430",
"url": "https://bugzilla.suse.com/1264430"
},
{
"category": "self",
"summary": "SUSE Bug 1264437",
"url": "https://bugzilla.suse.com/1264437"
},
{
"category": "self",
"summary": "SUSE Bug 1264444",
"url": "https://bugzilla.suse.com/1264444"
},
{
"category": "self",
"summary": "SUSE Bug 1264449",
"url": "https://bugzilla.suse.com/1264449"
},
{
"category": "self",
"summary": "SUSE Bug 1264470",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "self",
"summary": "SUSE Bug 1264476",
"url": "https://bugzilla.suse.com/1264476"
},
{
"category": "self",
"summary": "SUSE Bug 1264484",
"url": "https://bugzilla.suse.com/1264484"
},
{
"category": "self",
"summary": "SUSE Bug 1264549",
"url": "https://bugzilla.suse.com/1264549"
},
{
"category": "self",
"summary": "SUSE Bug 1264551",
"url": "https://bugzilla.suse.com/1264551"
},
{
"category": "self",
"summary": "SUSE Bug 1264561",
"url": "https://bugzilla.suse.com/1264561"
},
{
"category": "self",
"summary": "SUSE Bug 1264595",
"url": "https://bugzilla.suse.com/1264595"
},
{
"category": "self",
"summary": "SUSE Bug 1264603",
"url": "https://bugzilla.suse.com/1264603"
},
{
"category": "self",
"summary": "SUSE Bug 1264610",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "self",
"summary": "SUSE Bug 1264669",
"url": "https://bugzilla.suse.com/1264669"
},
{
"category": "self",
"summary": "SUSE Bug 1264671",
"url": "https://bugzilla.suse.com/1264671"
},
{
"category": "self",
"summary": "SUSE Bug 1264672",
"url": "https://bugzilla.suse.com/1264672"
},
{
"category": "self",
"summary": "SUSE Bug 1264716",
"url": "https://bugzilla.suse.com/1264716"
},
{
"category": "self",
"summary": "SUSE Bug 1264719",
"url": "https://bugzilla.suse.com/1264719"
},
{
"category": "self",
"summary": "SUSE Bug 1264720",
"url": "https://bugzilla.suse.com/1264720"
},
{
"category": "self",
"summary": "SUSE Bug 1264722",
"url": "https://bugzilla.suse.com/1264722"
},
{
"category": "self",
"summary": "SUSE Bug 1264726",
"url": "https://bugzilla.suse.com/1264726"
},
{
"category": "self",
"summary": "SUSE Bug 1264741",
"url": "https://bugzilla.suse.com/1264741"
},
{
"category": "self",
"summary": "SUSE Bug 1264763",
"url": "https://bugzilla.suse.com/1264763"
},
{
"category": "self",
"summary": "SUSE Bug 1264765",
"url": "https://bugzilla.suse.com/1264765"
},
{
"category": "self",
"summary": "SUSE Bug 1264805",
"url": "https://bugzilla.suse.com/1264805"
},
{
"category": "self",
"summary": "SUSE Bug 1264989",
"url": "https://bugzilla.suse.com/1264989"
},
{
"category": "self",
"summary": "SUSE Bug 1265020",
"url": "https://bugzilla.suse.com/1265020"
},
{
"category": "self",
"summary": "SUSE Bug 1265044",
"url": "https://bugzilla.suse.com/1265044"
},
{
"category": "self",
"summary": "SUSE Bug 1265073",
"url": "https://bugzilla.suse.com/1265073"
},
{
"category": "self",
"summary": "SUSE Bug 1265103",
"url": "https://bugzilla.suse.com/1265103"
},
{
"category": "self",
"summary": "SUSE Bug 1265110",
"url": "https://bugzilla.suse.com/1265110"
},
{
"category": "self",
"summary": "SUSE Bug 1265128",
"url": "https://bugzilla.suse.com/1265128"
},
{
"category": "self",
"summary": "SUSE Bug 1265143",
"url": "https://bugzilla.suse.com/1265143"
},
{
"category": "self",
"summary": "SUSE Bug 1265170",
"url": "https://bugzilla.suse.com/1265170"
},
{
"category": "self",
"summary": "SUSE Bug 1265240",
"url": "https://bugzilla.suse.com/1265240"
},
{
"category": "self",
"summary": "SUSE Bug 1265579",
"url": "https://bugzilla.suse.com/1265579"
},
{
"category": "self",
"summary": "SUSE Bug 1265628",
"url": "https://bugzilla.suse.com/1265628"
},
{
"category": "self",
"summary": "SUSE Bug 1265928",
"url": "https://bugzilla.suse.com/1265928"
},
{
"category": "self",
"summary": "SUSE Bug 1265960",
"url": "https://bugzilla.suse.com/1265960"
},
{
"category": "self",
"summary": "SUSE Bug 1266001",
"url": "https://bugzilla.suse.com/1266001"
},
{
"category": "self",
"summary": "SUSE Bug 1266009",
"url": "https://bugzilla.suse.com/1266009"
},
{
"category": "self",
"summary": "SUSE Bug 1266214",
"url": "https://bugzilla.suse.com/1266214"
},
{
"category": "self",
"summary": "SUSE Bug 1266238",
"url": "https://bugzilla.suse.com/1266238"
},
{
"category": "self",
"summary": "SUSE Bug 1266290",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "self",
"summary": "SUSE Bug 1266307",
"url": "https://bugzilla.suse.com/1266307"
},
{
"category": "self",
"summary": "SUSE Bug 1266390",
"url": "https://bugzilla.suse.com/1266390"
},
{
"category": "self",
"summary": "SUSE Bug 1266394",
"url": "https://bugzilla.suse.com/1266394"
},
{
"category": "self",
"summary": "SUSE Bug 1266395",
"url": "https://bugzilla.suse.com/1266395"
},
{
"category": "self",
"summary": "SUSE Bug 1266397",
"url": "https://bugzilla.suse.com/1266397"
},
{
"category": "self",
"summary": "SUSE Bug 1266400",
"url": "https://bugzilla.suse.com/1266400"
},
{
"category": "self",
"summary": "SUSE Bug 1266402",
"url": "https://bugzilla.suse.com/1266402"
},
{
"category": "self",
"summary": "SUSE Bug 1266414",
"url": "https://bugzilla.suse.com/1266414"
},
{
"category": "self",
"summary": "SUSE Bug 1266452",
"url": "https://bugzilla.suse.com/1266452"
},
{
"category": "self",
"summary": "SUSE Bug 1266696",
"url": "https://bugzilla.suse.com/1266696"
},
{
"category": "self",
"summary": "SUSE Bug 1266697",
"url": "https://bugzilla.suse.com/1266697"
},
{
"category": "self",
"summary": "SUSE Bug 1266698",
"url": "https://bugzilla.suse.com/1266698"
},
{
"category": "self",
"summary": "SUSE Bug 1266704",
"url": "https://bugzilla.suse.com/1266704"
},
{
"category": "self",
"summary": "SUSE Bug 1266705",
"url": "https://bugzilla.suse.com/1266705"
},
{
"category": "self",
"summary": "SUSE Bug 1266711",
"url": "https://bugzilla.suse.com/1266711"
},
{
"category": "self",
"summary": "SUSE Bug 1266720",
"url": "https://bugzilla.suse.com/1266720"
},
{
"category": "self",
"summary": "SUSE Bug 1266759",
"url": "https://bugzilla.suse.com/1266759"
},
{
"category": "self",
"summary": "SUSE Bug 1266765",
"url": "https://bugzilla.suse.com/1266765"
},
{
"category": "self",
"summary": "SUSE Bug 1266767",
"url": "https://bugzilla.suse.com/1266767"
},
{
"category": "self",
"summary": "SUSE Bug 1266810",
"url": "https://bugzilla.suse.com/1266810"
},
{
"category": "self",
"summary": "SUSE Bug 1266816",
"url": "https://bugzilla.suse.com/1266816"
},
{
"category": "self",
"summary": "SUSE Bug 1266826",
"url": "https://bugzilla.suse.com/1266826"
},
{
"category": "self",
"summary": "SUSE Bug 1266827",
"url": "https://bugzilla.suse.com/1266827"
},
{
"category": "self",
"summary": "SUSE Bug 1266878",
"url": "https://bugzilla.suse.com/1266878"
},
{
"category": "self",
"summary": "SUSE Bug 1266889",
"url": "https://bugzilla.suse.com/1266889"
},
{
"category": "self",
"summary": "SUSE Bug 1266895",
"url": "https://bugzilla.suse.com/1266895"
},
{
"category": "self",
"summary": "SUSE Bug 1266901",
"url": "https://bugzilla.suse.com/1266901"
},
{
"category": "self",
"summary": "SUSE Bug 1266903",
"url": "https://bugzilla.suse.com/1266903"
},
{
"category": "self",
"summary": "SUSE Bug 1266916",
"url": "https://bugzilla.suse.com/1266916"
},
{
"category": "self",
"summary": "SUSE Bug 1266922",
"url": "https://bugzilla.suse.com/1266922"
},
{
"category": "self",
"summary": "SUSE Bug 1266927",
"url": "https://bugzilla.suse.com/1266927"
},
{
"category": "self",
"summary": "SUSE Bug 1266933",
"url": "https://bugzilla.suse.com/1266933"
},
{
"category": "self",
"summary": "SUSE Bug 1266969",
"url": "https://bugzilla.suse.com/1266969"
},
{
"category": "self",
"summary": "SUSE Bug 1266972",
"url": "https://bugzilla.suse.com/1266972"
},
{
"category": "self",
"summary": "SUSE Bug 1267205",
"url": "https://bugzilla.suse.com/1267205"
},
{
"category": "self",
"summary": "SUSE Bug 1267208",
"url": "https://bugzilla.suse.com/1267208"
},
{
"category": "self",
"summary": "SUSE Bug 1267214",
"url": "https://bugzilla.suse.com/1267214"
},
{
"category": "self",
"summary": "SUSE Bug 1267218",
"url": "https://bugzilla.suse.com/1267218"
},
{
"category": "self",
"summary": "SUSE Bug 1267220",
"url": "https://bugzilla.suse.com/1267220"
},
{
"category": "self",
"summary": "SUSE Bug 1267222",
"url": "https://bugzilla.suse.com/1267222"
},
{
"category": "self",
"summary": "SUSE Bug 1267361",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "self",
"summary": "SUSE Bug 1267381",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "self",
"summary": "SUSE Bug 1267387",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "self",
"summary": "SUSE Bug 1267431",
"url": "https://bugzilla.suse.com/1267431"
},
{
"category": "self",
"summary": "SUSE Bug 1267531",
"url": "https://bugzilla.suse.com/1267531"
},
{
"category": "self",
"summary": "SUSE Bug 1267621",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "self",
"summary": "SUSE Bug 1267624",
"url": "https://bugzilla.suse.com/1267624"
},
{
"category": "self",
"summary": "SUSE Bug 1267626",
"url": "https://bugzilla.suse.com/1267626"
},
{
"category": "self",
"summary": "SUSE Bug 1267628",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "self",
"summary": "SUSE Bug 1267640",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "self",
"summary": "SUSE Bug 1267651",
"url": "https://bugzilla.suse.com/1267651"
},
{
"category": "self",
"summary": "SUSE Bug 1267652",
"url": "https://bugzilla.suse.com/1267652"
},
{
"category": "self",
"summary": "SUSE Bug 1267654",
"url": "https://bugzilla.suse.com/1267654"
},
{
"category": "self",
"summary": "SUSE Bug 1267663",
"url": "https://bugzilla.suse.com/1267663"
},
{
"category": "self",
"summary": "SUSE Bug 1267682",
"url": "https://bugzilla.suse.com/1267682"
},
{
"category": "self",
"summary": "SUSE Bug 1267685",
"url": "https://bugzilla.suse.com/1267685"
},
{
"category": "self",
"summary": "SUSE Bug 1267697",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "self",
"summary": "SUSE Bug 1267726",
"url": "https://bugzilla.suse.com/1267726"
},
{
"category": "self",
"summary": "SUSE Bug 1267732",
"url": "https://bugzilla.suse.com/1267732"
},
{
"category": "self",
"summary": "SUSE Bug 1267744",
"url": "https://bugzilla.suse.com/1267744"
},
{
"category": "self",
"summary": "SUSE Bug 1268307",
"url": "https://bugzilla.suse.com/1268307"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10263 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-38549 page",
"url": "https://www.suse.com/security/cve/CVE-2025-38549/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68324 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68324/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68822 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23303 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23303/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23327 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23327/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23359 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23438 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23438/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-23444 page",
"url": "https://www.suse.com/security/cve/CVE-2026-23444/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31396 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31396/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31414 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31429 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31446 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31446/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31448 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31448/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31452 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31453 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31453/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31454 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31454/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31455 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31455/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31464 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31464/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31473 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31473/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31480 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31480/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31492 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31493 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31493/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31495 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31500 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31516 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31516/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31518 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31518/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31546 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31546/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31555 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31580 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31580/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31590 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31590/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31592 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31596 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31596/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31613 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31613/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31614 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31614/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31629 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31629/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31655 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31655/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31664 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31665 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31671 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31671/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31673 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31673/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31674 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31678 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31678/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31680 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31693 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31697 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31698 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31699 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31703 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31703/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31752 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31758 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31758/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31759 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31767 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31767/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31771 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43013 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43013/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43023 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43024 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43026 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43026/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43028 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43030 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43030/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43035 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43036 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43040 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43040/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43049 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43052 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43052/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43053 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43054 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43054/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43059 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43059/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43065 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43065/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43066 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43066/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43068 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43068/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43074 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43077 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43083 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43109 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43109/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43112 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43158 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43171 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43187 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43198 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43206 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43206/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43234 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43234/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43239 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43249 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43249/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43252 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43252/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43261 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43261/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43284 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43284/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43296 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43296/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43325 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43325/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43333 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43333/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43338 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43338/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43339 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43341 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43341/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43345 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43359 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43359/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43360 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43360/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43361 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43361/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43362 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43362/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43405 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43406 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43406/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43407 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43407/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43411 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43411/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43413 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43413/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43414 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43455 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43455/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43470 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43470/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43483 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43483/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43491 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43501 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43501/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43503 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43503/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45840 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45841 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45842 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45842/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45843 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45843/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45846 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45846/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45852 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45852/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45856 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45856/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45862 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45870 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45878 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45878/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45886 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45886/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45894 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45910 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45910/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45932 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45932/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45940 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45961 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45964 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45965 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45970 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45970/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45974 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45983 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45983/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45984 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45984/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46004 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46004/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46005 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46021 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46021/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46024 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46037 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46043 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46043/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46079 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46079/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46083 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46090 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46090/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46094 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46094/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46110 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46110/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46111 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46111/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46113 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46113/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46114 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46114/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46120 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46123 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46150 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46157 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46157/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46159 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46159/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46160 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46172 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46172/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46176 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46176/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46181 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46181/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46197 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46209 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46209/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46227 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46244 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46259 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46273 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46273/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-06-30T17:41:36Z",
"generator": {
"date": "2026-06-30T17:41:36Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22433-1",
"initial_release_date": "2026-06-30T17:41:36Z",
"revision_history": [
{
"date": "2026-06-30T17:41:36Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-rt-6.4.0-48.1.noarch",
"product": {
"name": "kernel-devel-rt-6.4.0-48.1.noarch",
"product_id": "kernel-devel-rt-6.4.0-48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-rt-6.4.0-48.1.noarch",
"product": {
"name": "kernel-source-rt-6.4.0-48.1.noarch",
"product_id": "kernel-source-rt-6.4.0-48.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-rt-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-rt-6.4.0-48.1.x86_64",
"product_id": "kernel-rt-6.4.0-48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-rt-livepatch-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-rt-livepatch-6.4.0-48.1.x86_64",
"product_id": "kernel-rt-livepatch-6.4.0-48.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-rt-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch"
},
"product_reference": "kernel-devel-rt-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-rt-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-rt-livepatch-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-rt-livepatch-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-rt-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
},
"product_reference": "kernel-source-rt-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-10263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10263"
}
],
"notes": [
{
"category": "general",
"text": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026 V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026 X1C, Cortex-A710, Cortex-A78, A78AE \u0026 A78C, Cortex-A77, Cortex-A76 \u0026 A76A may allow writes to resources owned by a higher exception level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10263",
"url": "https://www.suse.com/security/cve/CVE-2025-10263"
},
{
"category": "external",
"summary": "SUSE Bug 1266290 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "external",
"summary": "SUSE Bug 1266954 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266954"
},
{
"category": "external",
"summary": "SUSE Bug 1270230 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1270230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "critical"
}
],
"title": "CVE-2025-10263"
},
{
"cve": "CVE-2025-38549",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-38549"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nefivarfs: Fix memory leak of efivarfs_fs_info in fs_context error paths\n\nWhen processing mount options, efivarfs allocates efivarfs_fs_info (sfi)\nearly in fs_context initialization. However, sfi is associated with the\nsuperblock and typically freed when the superblock is destroyed. If the\nfs_context is released (final put) before fill_super is called-such as\non error paths or during reconfiguration-the sfi structure would leak,\nas ownership never transfers to the superblock.\n\nImplement the .free callback in efivarfs_context_ops to ensure any\nallocated sfi is properly freed if the fs_context is torn down before\nfill_super, preventing this memory leak.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-38549",
"url": "https://www.suse.com/security/cve/CVE-2025-38549"
},
{
"category": "external",
"summary": "SUSE Bug 1248235 for CVE-2025-38549",
"url": "https://bugzilla.suse.com/1248235"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "low"
}
],
"title": "CVE-2025-38549"
},
{
"cve": "CVE-2025-68324",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68324"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: imm: Fix use-after-free bug caused by unfinished delayed work\n\nThe delayed work item \u0027imm_tq\u0027 is initialized in imm_attach() and\nscheduled via imm_queuecommand() for processing SCSI commands. When the\nIMM parallel port SCSI host adapter is detached through imm_detach(),\nthe imm_struct device instance is deallocated.\n\nHowever, the delayed work might still be pending or executing\nwhen imm_detach() is called, leading to use-after-free bugs\nwhen the work function imm_interrupt() accesses the already\nfreed imm_struct memory.\n\nThe race condition can occur as follows:\n\nCPU 0(detach thread) | CPU 1\n | imm_queuecommand()\n | imm_queuecommand_lck()\nimm_detach() | schedule_delayed_work()\n kfree(dev) //FREE | imm_interrupt()\n | dev = container_of(...) //USE\n dev-\u003e //USE\n\nAdd disable_delayed_work_sync() in imm_detach() to guarantee proper\ncancellation of the delayed work item before imm_struct is deallocated.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68324",
"url": "https://www.suse.com/security/cve/CVE-2025-68324"
},
{
"category": "external",
"summary": "SUSE Bug 1255416 for CVE-2025-68324",
"url": "https://bugzilla.suse.com/1255416"
},
{
"category": "external",
"summary": "SUSE Bug 1257117 for CVE-2025-68324",
"url": "https://bugzilla.suse.com/1257117"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-68324"
},
{
"cve": "CVE-2025-68822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: alps - fix use-after-free bugs caused by dev3_register_work\n\nThe dev3_register_work delayed work item is initialized within\nalps_reconnect() and scheduled upon receipt of the first bare\nPS/2 packet from an external PS/2 device connected to the ALPS\ntouchpad. During device detachment, the original implementation\ncalls flush_workqueue() in psmouse_disconnect() to ensure\ncompletion of dev3_register_work. However, the flush_workqueue()\nin psmouse_disconnect() only blocks and waits for work items that\nwere already queued to the workqueue prior to its invocation. Any\nwork items submitted after flush_workqueue() is called are not\nincluded in the set of tasks that the flush operation awaits.\nThis means that after flush_workqueue() has finished executing,\nthe dev3_register_work could still be scheduled. Although the\npsmouse state is set to PSMOUSE_CMD_MODE in psmouse_disconnect(),\nthe scheduling of dev3_register_work remains unaffected.\n\nThe race condition can occur as follows:\n\nCPU 0 (cleanup path) | CPU 1 (delayed work)\npsmouse_disconnect() |\n psmouse_set_state() |\n flush_workqueue() | alps_report_bare_ps2_packet()\n alps_disconnect() | psmouse_queue_work()\n kfree(priv); // FREE | alps_register_bare_ps2_mouse()\n | priv = container_of(work...); // USE\n | priv-\u003edev3 // USE\n\nAdd disable_delayed_work_sync() in alps_disconnect() to ensure\nthat dev3_register_work is properly canceled and prevented from\nexecuting after the alps_data structure has been deallocated.\n\nThis bug is identified by static analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68822",
"url": "https://www.suse.com/security/cve/CVE-2025-68822"
},
{
"category": "external",
"summary": "SUSE Bug 1256668 for CVE-2025-68822",
"url": "https://bugzilla.suse.com/1256668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2025-68822"
},
{
"cve": "CVE-2026-23303",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23303"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: Don\u0027t log plaintext credentials in cifs_set_cifscreds\n\nWhen debug logging is enabled, cifs_set_cifscreds() logs the key\npayload and exposes the plaintext username and password. Remove the\ndebug log to avoid exposing credentials.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23303",
"url": "https://www.suse.com/security/cve/CVE-2026-23303"
},
{
"category": "external",
"summary": "SUSE Bug 1260502 for CVE-2026-23303",
"url": "https://bugzilla.suse.com/1260502"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-23303"
},
{
"cve": "CVE-2026-23327",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23327"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncxl/mbox: validate payload size before accessing contents in cxl_payload_from_user_allowed()\n\ncxl_payload_from_user_allowed() casts and dereferences the input\npayload without first verifying its size. When a raw mailbox command\nis sent with an undersized payload (ie: 1 byte for CXL_MBOX_OP_CLEAR_LOG,\nwhich expects a 16-byte UUID), uuid_equal() reads past the allocated buffer,\ntriggering a KASAN splat:\n\nBUG: KASAN: slab-out-of-bounds in memcmp+0x176/0x1d0 lib/string.c:683\nRead of size 8 at addr ffff88810130f5c0 by task syz.1.62/2258\n\nCPU: 2 UID: 0 PID: 2258 Comm: syz.1.62 Not tainted 6.19.0-dirty #3 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.17.0-0-gb52ca86e094d-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:94 [inline]\n dump_stack_lvl+0xab/0xe0 lib/dump_stack.c:120\n print_address_description mm/kasan/report.c:378 [inline]\n print_report+0xce/0x650 mm/kasan/report.c:482\n kasan_report+0xce/0x100 mm/kasan/report.c:595\n memcmp+0x176/0x1d0 lib/string.c:683\n uuid_equal include/linux/uuid.h:73 [inline]\n cxl_payload_from_user_allowed drivers/cxl/core/mbox.c:345 [inline]\n cxl_mbox_cmd_ctor drivers/cxl/core/mbox.c:368 [inline]\n cxl_validate_cmd_from_user drivers/cxl/core/mbox.c:522 [inline]\n cxl_send_cmd+0x9c0/0xb50 drivers/cxl/core/mbox.c:643\n __cxl_memdev_ioctl drivers/cxl/core/memdev.c:698 [inline]\n cxl_memdev_ioctl+0x14f/0x190 drivers/cxl/core/memdev.c:713\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:597 [inline]\n __se_sys_ioctl fs/ioctl.c:583 [inline]\n __x64_sys_ioctl+0x18e/0x210 fs/ioctl.c:583\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xa8/0x330 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\nRIP: 0033:0x7fdaf331ba79\nCode: ff ff c3 66 2e 0f 1f 84 00 00 00 00 00 0f 1f 40 00 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\nRSP: 002b:00007fdaf1d77038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\nRAX: ffffffffffffffda RBX: 00007fdaf3585fa0 RCX: 00007fdaf331ba79\nRDX: 00002000000001c0 RSI: 00000000c030ce02 RDI: 0000000000000003\nRBP: 00007fdaf33749df R08: 0000000000000000 R09: 0000000000000000\nR10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\nR13: 00007fdaf3586038 R14: 00007fdaf3585fa0 R15: 00007ffced2af768\n \u003c/TASK\u003e\n\nAdd \u0027in_size\u0027 parameter to cxl_payload_from_user_allowed() and validate\nthe payload is large enough.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23327",
"url": "https://www.suse.com/security/cve/CVE-2026-23327"
},
{
"category": "external",
"summary": "SUSE Bug 1260548 for CVE-2026-23327",
"url": "https://bugzilla.suse.com/1260548"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-23327"
},
{
"cve": "CVE-2026-23359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23359"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix stack-out-of-bounds write in devmap\n\nget_upper_ifindexes() iterates over all upper devices and writes their\nindices into an array without checking bounds.\n\nAlso the callers assume that the max number of upper devices is\nMAX_NEST_DEV and allocate excluded_devices[1+MAX_NEST_DEV] on the stack,\nbut that assumption is not correct and the number of upper devices could\nbe larger than MAX_NEST_DEV (e.g., many macvlans), causing a\nstack-out-of-bounds write.\n\nAdd a max parameter to get_upper_ifindexes() to avoid the issue.\nWhen there are too many upper devices, return -EOVERFLOW and abort the\nredirect.\n\nTo reproduce, create more than MAX_NEST_DEV(8) macvlans on a device with\nan XDP program attached using BPF_F_BROADCAST | BPF_F_EXCLUDE_INGRESS.\nThen send a packet to the device to trigger the XDP redirect path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23359",
"url": "https://www.suse.com/security/cve/CVE-2026-23359"
},
{
"category": "external",
"summary": "SUSE Bug 1260584 for CVE-2026-23359",
"url": "https://bugzilla.suse.com/1260584"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-23359"
},
{
"cve": "CVE-2026-23438",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23438"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: mvpp2: guard flow control update with global_tx_fc in buffer switching\n\nmvpp2_bm_switch_buffers() unconditionally calls\nmvpp2_bm_pool_update_priv_fc() when switching between per-cpu and\nshared buffer pool modes. This function programs CM3 flow control\nregisters via mvpp2_cm3_read()/mvpp2_cm3_write(), which dereference\npriv-\u003ecm3_base without any NULL check.\n\nWhen the CM3 SRAM resource is not present in the device tree (the\nthird reg entry added by commit 60523583b07c (\"dts: marvell: add CM3\nSRAM memory to cp11x ethernet device tree\")), priv-\u003ecm3_base remains\nNULL and priv-\u003eglobal_tx_fc is false. Any operation that triggers\nmvpp2_bm_switch_buffers(), for example an MTU change that crosses\nthe jumbo frame threshold, will crash:\n\n Unable to handle kernel NULL pointer dereference at\n virtual address 0000000000000000\n Mem abort info:\n ESR = 0x0000000096000006\n EC = 0x25: DABT (current EL), IL = 32 bits\n pc : readl+0x0/0x18\n lr : mvpp2_cm3_read.isra.0+0x14/0x20\n Call trace:\n readl+0x0/0x18\n mvpp2_bm_pool_update_fc+0x40/0x12c\n mvpp2_bm_pool_update_priv_fc+0x94/0xd8\n mvpp2_bm_switch_buffers.isra.0+0x80/0x1c0\n mvpp2_change_mtu+0x140/0x380\n __dev_set_mtu+0x1c/0x38\n dev_set_mtu_ext+0x78/0x118\n dev_set_mtu+0x48/0xa8\n dev_ifsioc+0x21c/0x43c\n dev_ioctl+0x2d8/0x42c\n sock_ioctl+0x314/0x378\n\nEvery other flow control call site in the driver already guards\nhardware access with either priv-\u003eglobal_tx_fc or port-\u003etx_fc.\nmvpp2_bm_switch_buffers() is the only place that omits this check.\n\nAdd the missing priv-\u003eglobal_tx_fc guard to both the disable and\nre-enable calls in mvpp2_bm_switch_buffers(), consistent with the\nrest of the driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23438",
"url": "https://www.suse.com/security/cve/CVE-2026-23438"
},
{
"category": "external",
"summary": "SUSE Bug 1261619 for CVE-2026-23438",
"url": "https://bugzilla.suse.com/1261619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-23438"
},
{
"cve": "CVE-2026-23444",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-23444"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure\n\nieee80211_tx_prepare_skb() has three error paths, but only two of them\nfree the skb. The first error path (ieee80211_tx_prepare() returning\nTX_DROP) does not free it, while invoke_tx_handlers() failure and the\nfragmentation check both do.\n\nAdd kfree_skb() to the first error path so all three are consistent,\nand remove the now-redundant frees in callers (ath9k, mt76,\nmac80211_hwsim) to avoid double-free.\n\nDocument the skb ownership guarantee in the function\u0027s kdoc.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-23444",
"url": "https://www.suse.com/security/cve/CVE-2026-23444"
},
{
"category": "external",
"summary": "SUSE Bug 1266307 for CVE-2026-23444",
"url": "https://bugzilla.suse.com/1266307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-23444"
},
{
"cve": "CVE-2026-31396",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31396"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: macb: fix use-after-free access to PTP clock\n\nPTP clock is registered on every opening of the interface and destroyed on\nevery closing. However it may be accessed via get_ts_info ethtool call\nwhich is possible while the interface is just present in the kernel.\n\nBUG: KASAN: use-after-free in ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426\nRead of size 4 at addr ffff8880194345cc by task syz.0.6/948\n\nCPU: 1 PID: 948 Comm: syz.0.6 Not tainted 6.1.164+ #109\nHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.1-0-g3208b098f51a-prebuilt.qemu.org 04/01/2014\nCall Trace:\n \u003cTASK\u003e\n __dump_stack lib/dump_stack.c:88 [inline]\n dump_stack_lvl+0x8d/0xba lib/dump_stack.c:106\n print_address_description mm/kasan/report.c:316 [inline]\n print_report+0x17f/0x496 mm/kasan/report.c:420\n kasan_report+0xd9/0x180 mm/kasan/report.c:524\n ptp_clock_index+0x47/0x50 drivers/ptp/ptp_clock.c:426\n gem_get_ts_info+0x138/0x1e0 drivers/net/ethernet/cadence/macb_main.c:3349\n macb_get_ts_info+0x68/0xb0 drivers/net/ethernet/cadence/macb_main.c:3371\n __ethtool_get_ts_info+0x17c/0x260 net/ethtool/common.c:558\n ethtool_get_ts_info net/ethtool/ioctl.c:2367 [inline]\n __dev_ethtool net/ethtool/ioctl.c:3017 [inline]\n dev_ethtool+0x2b05/0x6290 net/ethtool/ioctl.c:3095\n dev_ioctl+0x637/0x1070 net/core/dev_ioctl.c:510\n sock_do_ioctl+0x20d/0x2c0 net/socket.c:1215\n sock_ioctl+0x577/0x6d0 net/socket.c:1320\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:870 [inline]\n __se_sys_ioctl fs/ioctl.c:856 [inline]\n __x64_sys_ioctl+0x18c/0x210 fs/ioctl.c:856\n do_syscall_x64 arch/x86/entry/common.c:46 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n \u003c/TASK\u003e\n\nAllocated by task 457:\n kmalloc include/linux/slab.h:563 [inline]\n kzalloc include/linux/slab.h:699 [inline]\n ptp_clock_register+0x144/0x10e0 drivers/ptp/ptp_clock.c:235\n gem_ptp_init+0x46f/0x930 drivers/net/ethernet/cadence/macb_ptp.c:375\n macb_open+0x901/0xd10 drivers/net/ethernet/cadence/macb_main.c:2920\n __dev_open+0x2ce/0x500 net/core/dev.c:1501\n __dev_change_flags+0x56a/0x740 net/core/dev.c:8651\n dev_change_flags+0x92/0x170 net/core/dev.c:8722\n do_setlink+0xaf8/0x3a80 net/core/rtnetlink.c:2833\n __rtnl_newlink+0xbf4/0x1940 net/core/rtnetlink.c:3608\n rtnl_newlink+0x63/0xa0 net/core/rtnetlink.c:3655\n rtnetlink_rcv_msg+0x3c6/0xed0 net/core/rtnetlink.c:6150\n netlink_rcv_skb+0x15d/0x430 net/netlink/af_netlink.c:2511\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x6d7/0xa30 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x97e/0xeb0 net/netlink/af_netlink.c:1872\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0x14b/0x180 net/socket.c:730\n __sys_sendto+0x320/0x3b0 net/socket.c:2152\n __do_sys_sendto net/socket.c:2164 [inline]\n __se_sys_sendto net/socket.c:2160 [inline]\n __x64_sys_sendto+0xdc/0x1b0 net/socket.c:2160\n do_syscall_x64 arch/x86/entry/common.c:46 [inline]\n do_syscall_64+0x35/0x80 arch/x86/entry/common.c:76\n entry_SYSCALL_64_after_hwframe+0x6e/0xd8\n\nFreed by task 938:\n kasan_slab_free include/linux/kasan.h:177 [inline]\n slab_free_hook mm/slub.c:1729 [inline]\n slab_free_freelist_hook mm/slub.c:1755 [inline]\n slab_free mm/slub.c:3687 [inline]\n __kmem_cache_free+0xbc/0x320 mm/slub.c:3700\n device_release+0xa0/0x240 drivers/base/core.c:2507\n kobject_cleanup lib/kobject.c:681 [inline]\n kobject_release lib/kobject.c:712 [inline]\n kref_put include/linux/kref.h:65 [inline]\n kobject_put+0x1cd/0x350 lib/kobject.c:729\n put_device+0x1b/0x30 drivers/base/core.c:3805\n ptp_clock_unregister+0x171/0x270 drivers/ptp/ptp_clock.c:391\n gem_ptp_remove+0x4e/0x1f0 drivers/net/ethernet/cadence/macb_ptp.c:404\n macb_close+0x1c8/0x270 drivers/net/ethernet/cadence/macb_main.c:2966\n __dev_close_many+0x1b9/0x310 net/core/dev.c:1585\n __dev_close net/core/dev.c:1597 [inline]\n __dev_change_flags+0x2bb/0x740 net/core/dev.c:8649\n dev_change_fl\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31396",
"url": "https://www.suse.com/security/cve/CVE-2026-31396"
},
{
"category": "external",
"summary": "SUSE Bug 1261791 for CVE-2026-31396",
"url": "https://bugzilla.suse.com/1261791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31396"
},
{
"cve": "CVE-2026-31414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_expect: use expect-\u003ehelper\n\nUse expect-\u003ehelper in ctnetlink and /proc to dump the helper name.\nUsing nfct_help() without holding a reference to the master conntrack\nis unsafe.\n\nUse exp-\u003emaster-\u003ehelper in ctnetlink path if userspace does not provide\nan explicit helper when creating an expectation to retain the existing\nbehaviour. The ctnetlink expectation path holds the reference on the\nmaster conntrack and nf_conntrack_expect lock and the nfnetlink glue\npath refers to the master ct that is attached to the skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31414",
"url": "https://www.suse.com/security/cve/CVE-2026-31414"
},
{
"category": "external",
"summary": "SUSE Bug 1262085 for CVE-2026-31414",
"url": "https://bugzilla.suse.com/1262085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31414"
},
{
"cve": "CVE-2026-31429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31429"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skb: fix cross-cache free of KFENCE-allocated skb head\n\nSKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2\nvalue (e.g. 704 on x86_64) to avoid collisions with generic kmalloc\nbucket sizes. This ensures that skb_kfree_head() can reliably use\nskb_end_offset to distinguish skb heads allocated from\nskb_small_head_cache vs. generic kmalloc caches.\n\nHowever, when KFENCE is enabled, kfence_ksize() returns the exact\nrequested allocation size instead of the slab bucket size. If a caller\n(e.g. bpf_test_init) allocates skb head data via kzalloc() and the\nrequested size happens to equal SKB_SMALL_HEAD_CACHE_SIZE, then\nslab_build_skb() -\u003e ksize() returns that exact value. After subtracting\nskb_shared_info overhead, skb_end_offset ends up matching\nSKB_SMALL_HEAD_HEADROOM, causing skb_kfree_head() to incorrectly free\nthe object to skb_small_head_cache instead of back to the original\nkmalloc cache, resulting in a slab cross-cache free:\n\n kmem_cache_free(skbuff_small_head): Wrong slab cache. Expected\n skbuff_small_head but got kmalloc-1k\n\nFix this by always calling kfree(head) in skb_kfree_head(). This keeps\nthe free path generic and avoids allocator-specific misclassification\nfor KFENCE objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31429",
"url": "https://www.suse.com/security/cve/CVE-2026-31429"
},
{
"category": "external",
"summary": "SUSE Bug 1262392 for CVE-2026-31429",
"url": "https://bugzilla.suse.com/1262392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31429"
},
{
"cve": "CVE-2026-31446",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31446"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix use-after-free in update_super_work when racing with umount\n\nCommit b98535d09179 (\"ext4: fix bug_on in start_this_handle during umount\nfilesystem\") moved ext4_unregister_sysfs() before flushing s_sb_upd_work\nto prevent new error work from being queued via /proc/fs/ext4/xx/mb_groups\nreads during unmount. However, this introduced a use-after-free because\nupdate_super_work calls ext4_notify_error_sysfs() -\u003e sysfs_notify() which\naccesses the kobject\u0027s kernfs_node after it has been freed by kobject_del()\nin ext4_unregister_sysfs():\n\n update_super_work ext4_put_super\n ----------------- --------------\n ext4_unregister_sysfs(sb)\n kobject_del(\u0026sbi-\u003es_kobj)\n __kobject_del()\n sysfs_remove_dir()\n kobj-\u003esd = NULL\n sysfs_put(sd)\n kernfs_put() // RCU free\n ext4_notify_error_sysfs(sbi)\n sysfs_notify(\u0026sbi-\u003es_kobj)\n kn = kobj-\u003esd // stale pointer\n kernfs_get(kn) // UAF on freed kernfs_node\n ext4_journal_destroy()\n flush_work(\u0026sbi-\u003es_sb_upd_work)\n\nInstead of reordering the teardown sequence, fix this by making\next4_notify_error_sysfs() detect that sysfs has already been torn down\nby checking s_kobj.state_in_sysfs, and skipping the sysfs_notify() call\nin that case. A dedicated mutex (s_error_notify_mutex) serializes\next4_notify_error_sysfs() against kobject_del() in ext4_unregister_sysfs()\nto prevent TOCTOU races where the kobject could be deleted between the\nstate_in_sysfs check and the sysfs_notify() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31446",
"url": "https://www.suse.com/security/cve/CVE-2026-31446"
},
{
"category": "external",
"summary": "SUSE Bug 1262619 for CVE-2026-31446",
"url": "https://bugzilla.suse.com/1262619"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31446"
},
{
"cve": "CVE-2026-31448",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31448"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid infinite loops caused by residual data\n\nOn the mkdir/mknod path, when mapping logical blocks to physical blocks,\nif inserting a new extent into the extent tree fails (in this example,\nbecause the file system disabled the huge file feature when marking the\ninode as dirty), ext4_ext_map_blocks() only calls ext4_free_blocks() to\nreclaim the physical block without deleting the corresponding data in\nthe extent tree. This causes subsequent mkdir operations to reference\nthe previously reclaimed physical block number again, even though this\nphysical block is already being used by the xattr block. Therefore, a\nsituation arises where both the directory and xattr are using the same\nbuffer head block in memory simultaneously.\n\nThe above causes ext4_xattr_block_set() to enter an infinite loop about\n\"inserted\" and cannot release the inode lock, ultimately leading to the\n143s blocking problem mentioned in [1].\n\nIf the metadata is corrupted, then trying to remove some extent space\ncan do even more harm. Also in case EXT4_GET_BLOCKS_DELALLOC_RESERVE\nwas passed, remove space wrongly update quota information.\nJan Kara suggests distinguishing between two cases:\n\n1) The error is ENOSPC or EDQUOT - in this case the filesystem is fully\nconsistent and we must maintain its consistency including all the\naccounting. However these errors can happen only early before we\u0027ve\ninserted the extent into the extent tree. So current code works correctly\nfor this case.\n\n2) Some other error - this means metadata is corrupted. We should strive to\ndo as few modifications as possible to limit damage. So I\u0027d just skip\nfreeing of allocated blocks.\n\n[1]\nINFO: task syz.0.17:5995 blocked for more than 143 seconds.\nCall Trace:\n inode_lock_nested include/linux/fs.h:1073 [inline]\n __start_dirop fs/namei.c:2923 [inline]\n start_dirop fs/namei.c:2934 [inline]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31448",
"url": "https://www.suse.com/security/cve/CVE-2026-31448"
},
{
"category": "external",
"summary": "SUSE Bug 1262622 for CVE-2026-31448",
"url": "https://bugzilla.suse.com/1262622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31448"
},
{
"cve": "CVE-2026-31452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31452"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: convert inline data to extents when truncate exceeds inline size\n\nAdd a check in ext4_setattr() to convert files from inline data storage\nto extent-based storage when truncate() grows the file size beyond the\ninline capacity. This prevents the filesystem from entering an\ninconsistent state where the inline data flag is set but the file size\nexceeds what can be stored inline.\n\nWithout this fix, the following sequence causes a kernel BUG_ON():\n\n1. Mount filesystem with inode that has inline flag set and small size\n2. truncate(file, 50MB) - grows size but inline flag remains set\n3. sendfile() attempts to write data\n4. ext4_write_inline_data() hits BUG_ON(write_size \u003e inline_capacity)\n\nThe crash occurs because ext4_write_inline_data() expects inline storage\nto accommodate the write, but the actual inline capacity (~60 bytes for\ni_block + ~96 bytes for xattrs) is far smaller than the file size and\nwrite request.\n\nThe fix checks if the new size from setattr exceeds the inode\u0027s actual\ninline capacity (EXT4_I(inode)-\u003ei_inline_size) and converts the file to\nextent-based storage before proceeding with the size change.\n\nThis addresses the root cause by ensuring the inline data flag and file\nsize remain consistent during truncate operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31452",
"url": "https://www.suse.com/security/cve/CVE-2026-31452"
},
{
"category": "external",
"summary": "SUSE Bug 1262620 for CVE-2026-31452",
"url": "https://bugzilla.suse.com/1262620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31452"
},
{
"cve": "CVE-2026-31453",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31453"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: avoid dereferencing log items after push callbacks\n\nAfter xfsaild_push_item() calls iop_push(), the log item may have been\nfreed if the AIL lock was dropped during the push. Background inode\nreclaim or the dquot shrinker can free the log item while the AIL lock\nis not held, and the tracepoints in the switch statement dereference\nthe log item after iop_push() returns.\n\nFix this by capturing the log item type, flags, and LSN before calling\nxfsaild_push_item(), and introducing a new xfs_ail_push_class trace\nevent class that takes these pre-captured values and the ailp pointer\ninstead of the log item pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31453",
"url": "https://www.suse.com/security/cve/CVE-2026-31453"
},
{
"category": "external",
"summary": "SUSE Bug 1262617 for CVE-2026-31453",
"url": "https://bugzilla.suse.com/1262617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31453"
},
{
"cve": "CVE-2026-31454",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31454"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: save ailp before dropping the AIL lock in push callbacks\n\nIn xfs_inode_item_push() and xfs_qm_dquot_logitem_push(), the AIL lock\nis dropped to perform buffer IO. Once the cluster buffer no longer\nprotects the log item from reclaim, the log item may be freed by\nbackground reclaim or the dquot shrinker. The subsequent spin_lock()\ncall dereferences lip-\u003eli_ailp, which is a use-after-free.\n\nFix this by saving the ailp pointer in a local variable while the AIL\nlock is held and the log item is guaranteed to be valid.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31454",
"url": "https://www.suse.com/security/cve/CVE-2026-31454"
},
{
"category": "external",
"summary": "SUSE Bug 1262624 for CVE-2026-31454",
"url": "https://bugzilla.suse.com/1262624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31454"
},
{
"cve": "CVE-2026-31455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31455"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: stop reclaim before pushing AIL during unmount\n\nThe unmount sequence in xfs_unmount_flush_inodes() pushed the AIL while\nbackground reclaim and inodegc are still running. This is broken\nindependently of any use-after-free issues - background reclaim and\ninodegc should not be running while the AIL is being pushed during\nunmount, as inodegc can dirty and insert inodes into the AIL during the\nflush, and background reclaim can race to abort and free dirty inodes.\n\nReorder xfs_unmount_flush_inodes() to stop inodegc and cancel background\nreclaim before pushing the AIL. Stop inodegc before cancelling\nm_reclaim_work because the inodegc worker can re-queue m_reclaim_work\nvia xfs_inodegc_set_reclaimable.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31455",
"url": "https://www.suse.com/security/cve/CVE-2026-31455"
},
{
"category": "external",
"summary": "SUSE Bug 1262615 for CVE-2026-31455",
"url": "https://bugzilla.suse.com/1262615"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31455"
},
{
"cve": "CVE-2026-31464",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31464"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done()\n\nA malicious or compromised VIO server can return a num_written value in the\ndiscover targets MAD response that exceeds max_targets. This value is\nstored directly in vhost-\u003enum_targets without validation, and is then used\nas the loop bound in ibmvfc_alloc_targets() to index into disc_buf[], which\nis only allocated for max_targets entries. Indices at or beyond max_targets\naccess kernel memory outside the DMA-coherent allocation. The\nout-of-bounds data is subsequently embedded in Implicit Logout and PLOGI\nMADs that are sent back to the VIO server, leaking kernel memory.\n\nFix by clamping num_written to max_targets before storing it.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31464",
"url": "https://www.suse.com/security/cve/CVE-2026-31464"
},
{
"category": "external",
"summary": "SUSE Bug 1262656 for CVE-2026-31464",
"url": "https://bugzilla.suse.com/1262656"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31464"
},
{
"cve": "CVE-2026-31469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n\nA UAF issue occurs when the virtio_net driver is configured with napi_tx=N\nand the device\u0027s IFF_XMIT_DST_RELEASE flag is cleared\n(e.g., during the configuration of tc route filter rules).\n\nWhen IFF_XMIT_DST_RELEASE is removed from the net_device, the network stack\nexpects the driver to hold the reference to skb-\u003edst until the packet\nis fully transmitted and freed. In virtio_net with napi_tx=N,\nskbs may remain in the virtio transmit ring for an extended period.\n\nIf the network namespace is destroyed while these skbs are still pending,\nthe corresponding dst_ops structure has freed. When a subsequent packet\nis transmitted, free_old_xmit() is triggered to clean up old skbs.\nIt then calls dst_release() on the skb associated with the stale dst_entry.\nSince the dst_ops (referenced by the dst_entry) has already been freed,\na UAF kernel paging request occurs.\n\nfix it by adds skb_dst_drop(skb) in start_xmit to explicitly release\nthe dst reference before the skb is queued in virtio_net.\n\nCall Trace:\n Unable to handle kernel paging request at virtual address ffff80007e150000\n CPU: 2 UID: 0 PID: 6236 Comm: ping Kdump: loaded Not tainted 7.0.0-rc1+ #6 PREEMPT\n ...\n percpu_counter_add_batch+0x3c/0x158 lib/percpu_counter.c:98 (P)\n dst_release+0xe0/0x110 net/core/dst.c:177\n skb_release_head_state+0xe8/0x108 net/core/skbuff.c:1177\n sk_skb_reason_drop+0x54/0x2d8 net/core/skbuff.c:1255\n dev_kfree_skb_any_reason+0x64/0x78 net/core/dev.c:3469\n napi_consume_skb+0x1c4/0x3a0 net/core/skbuff.c:1527\n __free_old_xmit+0x164/0x230 drivers/net/virtio_net.c:611 [virtio_net]\n free_old_xmit drivers/net/virtio_net.c:1081 [virtio_net]\n start_xmit+0x7c/0x530 drivers/net/virtio_net.c:3329 [virtio_net]\n ...\n\nReproduction Steps:\nNETDEV=\"enp3s0\"\n\nconfig_qdisc_route_filter() {\n tc qdisc del dev $NETDEV root\n tc qdisc add dev $NETDEV root handle 1: prio\n tc filter add dev $NETDEV parent 1:0 \\\n\tprotocol ip prio 100 route to 100 flowid 1:1\n ip route add 192.168.1.100/32 dev $NETDEV realm 100\n}\n\ntest_ns() {\n ip netns add testns\n ip link set $NETDEV netns testns\n ip netns exec testns ifconfig $NETDEV 10.0.32.46/24\n ip netns exec testns ping -c 1 10.0.32.1\n ip netns del testns\n}\n\nconfig_qdisc_route_filter\n\ntest_ns\nsleep 2\ntest_ns",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31469",
"url": "https://www.suse.com/security/cve/CVE-2026-31469"
},
{
"category": "external",
"summary": "SUSE Bug 1267816 for CVE-2026-31469",
"url": "https://bugzilla.suse.com/1267816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31469"
},
{
"cve": "CVE-2026-31473",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31473"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmedia: mc, v4l2: serialize REINIT and REQBUFS with req_queue_mutex\n\nMEDIA_REQUEST_IOC_REINIT can run concurrently with VIDIOC_REQBUFS(0)\nqueue teardown paths. This can race request object cleanup against vb2\nqueue cancellation and lead to use-after-free reports.\n\nWe already serialize request queueing against STREAMON/OFF with\nreq_queue_mutex. Extend that serialization to REQBUFS, and also take\nthe same mutex in media_request_ioctl_reinit() so REINIT is in the\nsame exclusion domain.\n\nThis keeps request cleanup and queue cancellation from running in\nparallel for request-capable devices.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31473",
"url": "https://www.suse.com/security/cve/CVE-2026-31473"
},
{
"category": "external",
"summary": "SUSE Bug 1262663 for CVE-2026-31473",
"url": "https://bugzilla.suse.com/1262663"
},
{
"category": "external",
"summary": "SUSE Bug 1262775 for CVE-2026-31473",
"url": "https://bugzilla.suse.com/1262775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31473"
},
{
"cve": "CVE-2026-31480",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31480"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntracing: Fix potential deadlock in cpu hotplug with osnoise\n\nThe following sequence may leads deadlock in cpu hotplug:\n\n task1 task2 task3\n ----- ----- -----\n\n mutex_lock(\u0026interface_lock)\n\n [CPU GOING OFFLINE]\n\n cpus_write_lock();\n osnoise_cpu_die();\n kthread_stop(task3);\n wait_for_completion();\n\n osnoise_sleep();\n mutex_lock(\u0026interface_lock);\n\n cpus_read_lock();\n\n [DEAD LOCK]\n\nFix by swap the order of cpus_read_lock() and mutex_lock(\u0026interface_lock).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31480",
"url": "https://www.suse.com/security/cve/CVE-2026-31480"
},
{
"category": "external",
"summary": "SUSE Bug 1262634 for CVE-2026-31480",
"url": "https://bugzilla.suse.com/1262634"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31480"
},
{
"cve": "CVE-2026-31492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31492"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Initialize free_qp completion before using it\n\nIn irdma_create_qp, if ib_copy_to_udata fails, it will call\nirdma_destroy_qp to clean up which will attempt to wait on\nthe free_qp completion, which is not initialized yet. Fix this\nby initializing the completion before the ib_copy_to_udata call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31492",
"url": "https://www.suse.com/security/cve/CVE-2026-31492"
},
{
"category": "external",
"summary": "SUSE Bug 1262748 for CVE-2026-31492",
"url": "https://bugzilla.suse.com/1262748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31492"
},
{
"cve": "CVE-2026-31493",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31493"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/efa: Fix use of completion ctx after free\n\nOn admin queue completion handling, if the admin command completed with\nerror we print data from the completion context. The issue is that we\nalready freed the completion context in polling/interrupts handler which\nmeans we print data from context in an unknown state (it might be\nalready used again).\nChange the admin submission flow so alloc/dealloc of the context will be\nsymmetric and dealloc will be called after any potential use of the\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31493",
"url": "https://www.suse.com/security/cve/CVE-2026-31493"
},
{
"category": "external",
"summary": "SUSE Bug 1262668 for CVE-2026-31493",
"url": "https://bugzilla.suse.com/1262668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31493"
},
{
"cve": "CVE-2026-31495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: use netlink policy range checks\n\nReplace manual range and mask validations with netlink policy\nannotations in ctnetlink code paths, so that the netlink core rejects\ninvalid values early and can generate extack errors.\n\n- CTA_PROTOINFO_TCP_STATE: reject values \u003e TCP_CONNTRACK_SYN_SENT2 at\n policy level, removing the manual \u003e= TCP_CONNTRACK_MAX check.\n- CTA_PROTOINFO_TCP_WSCALE_ORIGINAL/REPLY: reject values \u003e TCP_MAX_WSCALE\n (14). The normal TCP option parsing path already clamps to this value,\n but the ctnetlink path accepted 0-255, causing undefined behavior when\n used as a u32 shift count.\n- CTA_FILTER_ORIG_FLAGS/REPLY_FLAGS: use NLA_POLICY_MASK with\n CTA_FILTER_F_ALL, removing the manual mask checks.\n- CTA_EXPECT_FLAGS: use NLA_POLICY_MASK with NF_CT_EXPECT_MASK, adding\n a new mask define grouping all valid expect flags.\n\nExtracted from a broader nf-next patch by Florian Westphal, scoped to\nctnetlink for the fixes tree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31495",
"url": "https://www.suse.com/security/cve/CVE-2026-31495"
},
{
"category": "external",
"summary": "SUSE Bug 1262798 for CVE-2026-31495",
"url": "https://bugzilla.suse.com/1262798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31495"
},
{
"cve": "CVE-2026-31499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix deadlock in l2cap_conn_del()\n\nl2cap_conn_del() calls cancel_delayed_work_sync() for both info_timer\nand id_addr_timer while holding conn-\u003elock. However, the work functions\nl2cap_info_timeout() and l2cap_conn_update_id_addr() both acquire\nconn-\u003elock, creating a potential AB-BA deadlock if the work is already\nexecuting when l2cap_conn_del() takes the lock.\n\nMove the work cancellations before acquiring conn-\u003elock and use\ndisable_delayed_work_sync() to additionally prevent the works from\nbeing rearmed after cancellation, consistent with the pattern used in\nhci_conn_del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31499",
"url": "https://www.suse.com/security/cve/CVE-2026-31499"
},
{
"category": "external",
"summary": "SUSE Bug 1262674 for CVE-2026-31499",
"url": "https://bugzilla.suse.com/1262674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31499"
},
{
"cve": "CVE-2026-31500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock\n\nbtintel_hw_error() issues two __hci_cmd_sync() calls (HCI_OP_RESET\nand Intel exception-info retrieval) without holding\nhci_req_sync_lock(). This lets it race against\nhci_dev_do_close() -\u003e btintel_shutdown_combined(), which also runs\n__hci_cmd_sync() under the same lock. When both paths manipulate\nhdev-\u003ereq_status/req_rsp concurrently, the close path may free the\nresponse skb first, and the still-running hw_error path hits a\nslab-use-after-free in kfree_skb().\n\nWrap the whole recovery sequence in hci_req_sync_lock/unlock so it\nis serialized with every other synchronous HCI command issuer.\n\nBelow is the data race report and the kasan report:\n\n BUG: data-race in __hci_cmd_sync_sk / btintel_shutdown_combined\n\n read of hdev-\u003ereq_rsp at net/bluetooth/hci_sync.c:199\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x114/0x670 drivers/bluetooth/btintel.c:254\n hci_error_reset+0x348/0xa30 net/bluetooth/hci_core.c:1030\n\n write/free by task ioctl/22580:\n btintel_shutdown_combined+0xd0/0x360\n drivers/bluetooth/btintel.c:3648\n hci_dev_close_sync+0x9ae/0x2c10 net/bluetooth/hci_sync.c:5246\n hci_dev_do_close+0x232/0x460 net/bluetooth/hci_core.c:526\n\n BUG: KASAN: slab-use-after-free in\n sk_skb_reason_drop+0x43/0x380 net/core/skbuff.c:1202\n Read of size 4 at addr ffff888144a738dc\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x186/0x670 drivers/bluetooth/btintel.c:260",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31500",
"url": "https://www.suse.com/security/cve/CVE-2026-31500"
},
{
"category": "external",
"summary": "SUSE Bug 1262993 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "external",
"summary": "SUSE Bug 1262994 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31500"
},
{
"cve": "CVE-2026-31516",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31516"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: prevent policy_hthresh.work from racing with netns teardown\n\nA XFRM_MSG_NEWSPDINFO request can queue the per-net work item\npolicy_hthresh.work onto the system workqueue.\n\nThe queued callback, xfrm_hash_rebuild(), retrieves the enclosing\nstruct net via container_of(). If the net namespace is torn down\nbefore that work runs, the associated struct net may already have\nbeen freed, and xfrm_hash_rebuild() may then dereference stale memory.\n\nxfrm_policy_fini() already flushes policy_hash_work during teardown,\nbut it does not synchronize policy_hthresh.work.\n\nSynchronize policy_hthresh.work in xfrm_policy_fini() as well, so the\nqueued work cannot outlive the net namespace teardown and access a\nfreed struct net.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31516",
"url": "https://www.suse.com/security/cve/CVE-2026-31516"
},
{
"category": "external",
"summary": "SUSE Bug 1262755 for CVE-2026-31516",
"url": "https://bugzilla.suse.com/1262755"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31516"
},
{
"cve": "CVE-2026-31518",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31518"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nesp: fix skb leak with espintcp and async crypto\n\nWhen the TX queue for espintcp is full, esp_output_tail_tcp will\nreturn an error and not free the skb, because with synchronous crypto,\nthe common xfrm output code will drop the packet for us.\n\nWith async crypto (esp_output_done), we need to drop the skb when\nesp_output_tail_tcp returns an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31518",
"url": "https://www.suse.com/security/cve/CVE-2026-31518"
},
{
"category": "external",
"summary": "SUSE Bug 1262606 for CVE-2026-31518",
"url": "https://bugzilla.suse.com/1262606"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31518"
},
{
"cve": "CVE-2026-31546",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31546"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: bonding: fix NULL deref in bond_debug_rlb_hash_show\n\nrlb_clear_slave intentionally keeps RLB hash-table entries on\nthe rx_hashtbl_used_head list with slave set to NULL when no\nreplacement slave is available. However, bond_debug_rlb_hash_show\nvisites client_info-\u003eslave without checking if it\u0027s NULL.\n\nOther used-list iterators in bond_alb.c already handle this NULL-slave\nstate safely:\n\n- rlb_update_client returns early on !client_info-\u003eslave\n- rlb_req_update_slave_clients, rlb_clear_slave, and rlb_rebalance\ncompare slave values before visiting\n- lb_req_update_subnet_clients continues if slave is NULL\n\nThe following NULL deref crash can be trigger in\nbond_debug_rlb_hash_show:\n\n[ 1.289791] BUG: kernel NULL pointer dereference, address: 0000000000000000\n[ 1.292058] RIP: 0010:bond_debug_rlb_hash_show (drivers/net/bonding/bond_debugfs.c:41)\n[ 1.293101] RSP: 0018:ffffc900004a7d00 EFLAGS: 00010286\n[ 1.293333] RAX: 0000000000000000 RBX: ffff888102b48200 RCX: ffff888102b48204\n[ 1.293631] RDX: ffff888102b48200 RSI: ffffffff839daad5 RDI: ffff888102815078\n[ 1.293924] RBP: ffff888102815078 R08: ffff888102b4820e R09: 0000000000000000\n[ 1.294267] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888100f929c0\n[ 1.294564] R13: ffff888100f92a00 R14: 0000000000000001 R15: ffffc900004a7ed8\n[ 1.294864] FS: 0000000001395380(0000) GS:ffff888196e75000(0000) knlGS:0000000000000000\n[ 1.295239] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 1.295480] CR2: 0000000000000000 CR3: 0000000102adc004 CR4: 0000000000772ef0\n[ 1.295897] Call Trace:\n[ 1.296134] seq_read_iter (fs/seq_file.c:231)\n[ 1.296341] seq_read (fs/seq_file.c:164)\n[ 1.296493] full_proxy_read (fs/debugfs/file.c:378 (discriminator 1))\n[ 1.296658] vfs_read (fs/read_write.c:572)\n[ 1.296981] ksys_read (fs/read_write.c:717)\n[ 1.297132] do_syscall_64 (arch/x86/entry/syscall_64.c:63 (discriminator 1) arch/x86/entry/syscall_64.c:94 (discriminator 1))\n[ 1.297325] entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n\nAdd a NULL check and print \"(none)\" for entries with no assigned slave.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31546",
"url": "https://www.suse.com/security/cve/CVE-2026-31546"
},
{
"category": "external",
"summary": "SUSE Bug 1263006 for CVE-2026-31546",
"url": "https://bugzilla.suse.com/1263006"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31546"
},
{
"cve": "CVE-2026-31555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Clear stale exiting pointer in futex_lock_pi() retry path\n\nFuzzying/stressing futexes triggered:\n\n WARNING: kernel/futex/core.c:825 at wait_for_owner_exiting+0x7a/0x80, CPU#11: futex_lock_pi_s/524\n\nWhen futex_lock_pi_atomic() sees the owner is exiting, it returns -EBUSY\nand stores a refcounted task pointer in \u0027exiting\u0027.\n\nAfter wait_for_owner_exiting() consumes that reference, the local pointer\nis never reset to nil. Upon a retry, if futex_lock_pi_atomic() returns a\ndifferent error, the bogus pointer is passed to wait_for_owner_exiting().\n\n CPU0\t\t\t CPU1\t\t CPU2\n futex_lock_pi(uaddr)\n // acquires the PI futex\n exit()\n futex_cleanup_begin()\n futex_state = EXITING;\n\t\t\t futex_lock_pi(uaddr)\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t attach_to_pi_owner()\n\t\t\t\t // observes EXITING\n\t\t\t\t *exiting = owner; // takes ref\n\t\t\t\t return -EBUSY\n\t\t\t wait_for_owner_exiting(-EBUSY, owner)\n\t\t\t\t put_task_struct(); // drops ref\n\t\t\t // exiting still points to owner\n\t\t\t goto retry;\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t lock_pi_update_atomic()\n\t\t\t\t cmpxchg(uaddr)\n\t\t\t\t\t*uaddr ^= WAITERS // whatever\n\t\t\t\t // value changed\n\t\t\t\t return -EAGAIN;\n\t\t\t wait_for_owner_exiting(-EAGAIN, exiting) // stale\n\t\t\t\t WARN_ON_ONCE(exiting)\n\nFix this by resetting upon retry, essentially aligning it with requeue_pi.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31555",
"url": "https://www.suse.com/security/cve/CVE-2026-31555"
},
{
"category": "external",
"summary": "SUSE Bug 1263178 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "external",
"summary": "SUSE Bug 1263179 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31555"
},
{
"cve": "CVE-2026-31580",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31580"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbcache: fix cached_dev.sb_bio use-after-free and crash\n\nIn our production environment, we have received multiple crash reports\nregarding libceph, which have caught our attention:\n\n```\n[6888366.280350] Call Trace:\n[6888366.280452] blk_update_request+0x14e/0x370\n[6888366.280561] blk_mq_end_request+0x1a/0x130\n[6888366.280671] rbd_img_handle_request+0x1a0/0x1b0 [rbd]\n[6888366.280792] rbd_obj_handle_request+0x32/0x40 [rbd]\n[6888366.280903] __complete_request+0x22/0x70 [libceph]\n[6888366.281032] osd_dispatch+0x15e/0xb40 [libceph]\n[6888366.281164] ? inet_recvmsg+0x5b/0xd0\n[6888366.281272] ? ceph_tcp_recvmsg+0x6f/0xa0 [libceph]\n[6888366.281405] ceph_con_process_message+0x79/0x140 [libceph]\n[6888366.281534] ceph_con_v1_try_read+0x5d7/0xf30 [libceph]\n[6888366.281661] ceph_con_workfn+0x329/0x680 [libceph]\n```\n\nAfter analyzing the coredump file, we found that the address of\ndc-\u003esb_bio has been freed. We know that cached_dev is only freed when it\nis stopped.\n\nSince sb_bio is a part of struct cached_dev, rather than an alloc every\ntime. If the device is stopped while writing to the superblock, the\nreleased address will be accessed at endio.\n\nThis patch hopes to wait for sb_write to complete in cached_dev_free.\n\nIt should be noted that we analyzed the cause of the problem, then tell\nall details to the QWEN and adopted the modifications it made.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31580",
"url": "https://www.suse.com/security/cve/CVE-2026-31580"
},
{
"category": "external",
"summary": "SUSE Bug 1263169 for CVE-2026-31580",
"url": "https://bugzilla.suse.com/1263169"
},
{
"category": "external",
"summary": "SUSE Bug 1263171 for CVE-2026-31580",
"url": "https://bugzilla.suse.com/1263171"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31580"
},
{
"cve": "CVE-2026-31590",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31590"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION\n\nDrop the WARN in sev_pin_memory() on npages overflowing an int, as the\nWARN is comically trivially to trigger from userspace, e.g. by doing:\n\n struct kvm_enc_region range = {\n .addr = 0,\n .size = -1ul,\n };\n\n __vm_ioctl(vm, KVM_MEMORY_ENCRYPT_REG_REGION, \u0026range);\n\nNote, the checks in sev_mem_enc_register_region() that presumably exist to\nverify the incoming address+size are completely worthless, as both \"addr\"\nand \"size\" are u64s and SEV is 64-bit only, i.e. they _can\u0027t_ be greater\nthan ULONG_MAX. That wart will be cleaned up in the near future.\n\n\tif (range-\u003eaddr \u003e ULONG_MAX || range-\u003esize \u003e ULONG_MAX)\n\t\treturn -EINVAL;\n\nOpportunistically add a comment to explain why the code calculates the\nnumber of pages the \"hard\" way, e.g. instead of just shifting @ulen.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31590",
"url": "https://www.suse.com/security/cve/CVE-2026-31590"
},
{
"category": "external",
"summary": "SUSE Bug 1263152 for CVE-2026-31590",
"url": "https://bugzilla.suse.com/1263152"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31590"
},
{
"cve": "CVE-2026-31592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock\n\nTake and hold kvm-\u003elock for before checking sev_guest() in\nsev_mem_enc_register_region(), as sev_guest() isn\u0027t stable unless kvm-\u003elock\nis held (or KVM can guarantee KVM_SEV_INIT{2} has completed and can\u0027t\nrollack state). If KVM_SEV_INIT{2} fails, KVM can end up trying to add to\na not-yet-initialized sev-\u003eregions_list, e.g. triggering a #GP\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n CPU: 110 UID: 0 PID: 72717 Comm: syz.15.11462 Tainted: G U W O 6.16.0-smp-DEV #1 NONE\n Tainted: [U]=USER, [W]=WARN, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.52.0-0 10/28/2024\n RIP: 0010:sev_mem_enc_register_region+0x3f0/0x4f0 ../include/linux/list.h:83\n Code: \u003c41\u003e 80 3c 04 00 74 08 4c 89 ff e8 f1 c7 a2 00 49 39 ed 0f 84 c6 00\n RSP: 0018:ffff88838647fbb8 EFLAGS: 00010256\n RAX: dffffc0000000000 RBX: 1ffff92015cf1e0b RCX: dffffc0000000000\n RDX: 0000000000000000 RSI: 0000000000001000 RDI: ffff888367870000\n RBP: ffffc900ae78f050 R08: ffffea000d9e0007 R09: 1ffffd4001b3c000\n R10: dffffc0000000000 R11: fffff94001b3c001 R12: 0000000000000000\n R13: ffff8982ab0bde00 R14: ffffc900ae78f058 R15: 0000000000000000\n FS: 00007f34e9dc66c0(0000) GS:ffff89ee64d33000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fe180adef98 CR3: 000000047210e000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n kvm_arch_vm_ioctl+0xa72/0x1240 ../arch/x86/kvm/x86.c:7371\n kvm_vm_ioctl+0x649/0x990 ../virt/kvm/kvm_main.c:5363\n __se_sys_ioctl+0x101/0x170 ../fs/ioctl.c:51\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x6f/0x1f0 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f34e9f7e9a9\n Code: \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f34e9dc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 00007f34ea1a6080 RCX: 00007f34e9f7e9a9\n RDX: 0000200000000280 RSI: 000000008010aebb RDI: 0000000000000007\n RBP: 00007f34ea000d69 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f34ea1a6080 R15: 00007ffce77197a8\n \u003c/TASK\u003e\n\nwith a syzlang reproducer that looks like:\n\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000040)={0x0, \u0026(0x7f0000000180)=ANY=[], 0x70}) (async)\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000080)={0x0, \u0026(0x7f0000000180)=ANY=[@ANYBLOB=\"...\"], 0x4f}) (async)\n r0 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000200), 0x0, 0x0)\n r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)\n r2 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000240), 0x0, 0x0)\n r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)\n ioctl$KVM_SET_CLOCK(r3, 0xc008aeba, \u0026(0x7f0000000040)={0x1, 0x8, 0x0, 0x5625e9b0}) (async)\n ioctl$KVM_SET_PIT2(r3, 0x8010aebb, \u0026(0x7f0000000280)={[...], 0x5}) (async)\n ioctl$KVM_SET_PIT2(r1, 0x4070aea0, 0x0) (async)\n r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)\n openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)\n ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, \u0026(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, \u0026(0x7f0000001000/0x2000)=nil}) (async)\n r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)\n close(r0) (async)\n openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000000), 0x8000, 0x0) (async)\n ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, \u0026(0x7f0000000300)={0x4376ea830d46549b, 0x0, [0x46, 0x0, 0x0, 0x0, 0x0, 0x1000]}) (async)\n ioctl$KVM_RUN(r5, 0xae80, 0x0)\n\nOpportunistically use guard() to avoid having to define a new error label\nand goto usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31592",
"url": "https://www.suse.com/security/cve/CVE-2026-31592"
},
{
"category": "external",
"summary": "SUSE Bug 1263123 for CVE-2026-31592",
"url": "https://bugzilla.suse.com/1263123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31592"
},
{
"cve": "CVE-2026-31596",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31596"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocfs2: handle invalid dinode in ocfs2_group_extend\n\n[BUG]\nkernel BUG at fs/ocfs2/resize.c:308!\nOops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\nRIP: 0010:ocfs2_group_extend+0x10aa/0x1ae0 fs/ocfs2/resize.c:308\nCode: 8b8520ff ffff83f8 860f8580 030000e8 5cc3c1fe\nCall Trace:\n ...\n ocfs2_ioctl+0x175/0x6e0 fs/ocfs2/ioctl.c:869\n vfs_ioctl fs/ioctl.c:51 [inline]\n __do_sys_ioctl fs/ioctl.c:597 [inline]\n __se_sys_ioctl fs/ioctl.c:583 [inline]\n __x64_sys_ioctl+0x197/0x1e0 fs/ioctl.c:583\n x64_sys_call+0x1144/0x26a0 arch/x86/include/generated/asm/syscalls_64.h:17\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x93/0xf80 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n ...\n\n[CAUSE]\nocfs2_group_extend() assumes that the global bitmap inode block\nreturned from ocfs2_inode_lock() has already been validated and\nBUG_ONs when the signature is not a dinode. That assumption is too\nstrong for crafted filesystems because the JBD2-managed buffer path\ncan bypass structural validation and return an invalid dinode to the\nresize ioctl.\n\n[FIX]\nValidate the dinode explicitly in ocfs2_group_extend(). If the global\nbitmap buffer does not contain a valid dinode, report filesystem\ncorruption with ocfs2_error() and fail the resize operation instead of\ncrashing the kernel.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31596",
"url": "https://www.suse.com/security/cve/CVE-2026-31596"
},
{
"category": "external",
"summary": "SUSE Bug 1263319 for CVE-2026-31596",
"url": "https://bugzilla.suse.com/1263319"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31596"
},
{
"cve": "CVE-2026-31613",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31613"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix OOB reads parsing symlink error response\n\nWhen a CREATE returns STATUS_STOPPED_ON_SYMLINK, smb2_check_message()\nreturns success without any length validation, leaving the symlink\nparsers as the only defense against an untrusted server.\n\nsymlink_data() walks SMB 3.1.1 error contexts with the loop test \"p \u003c\nend\", but reads p-\u003eErrorId at offset 4 and p-\u003eErrorDataLength at offset\n0. When the server-controlled ErrorDataLength advances p to within 1-7\nbytes of end, the next iteration will read past it. When the matching\ncontext is found, sym-\u003eSymLinkErrorTag is read at offset 4 from\np-\u003eErrorContextData with no check that the symlink header itself fits.\n\nsmb2_parse_symlink_response() then bounds-checks the substitute name\nusing SMB2_SYMLINK_STRUCT_SIZE as the offset of PathBuffer from\niov_base. That value is computed as sizeof(smb2_err_rsp) +\nsizeof(smb2_symlink_err_rsp), which is correct only when\nErrorContextCount == 0.\n\nWith at least one error context the symlink data sits 8 bytes deeper,\nand each skipped non-matching context shifts it further by 8 +\nALIGN(ErrorDataLength, 8). The check is too short, allowing the\nsubstitute name read to run past iov_len. The out-of-bound heap bytes\nare UTF-16-decoded into the symlink target and returned to userspace via\nreadlink(2).\n\nFix this all up by making the loops test require the full context header\nto fit, rejecting sym if its header runs past end, and bound the\nsubstitute name against the actual position of sym-\u003ePathBuffer rather\nthan a fixed offset.\n\nBecause sub_offs and sub_len are 16bits, the pointer math will not\noverflow here with the new greater-than.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31613",
"url": "https://www.suse.com/security/cve/CVE-2026-31613"
},
{
"category": "external",
"summary": "SUSE Bug 1263769 for CVE-2026-31613",
"url": "https://bugzilla.suse.com/1263769"
},
{
"category": "external",
"summary": "SUSE Bug 1263770 for CVE-2026-31613",
"url": "https://bugzilla.suse.com/1263770"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31613"
},
{
"cve": "CVE-2026-31614",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31614"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix off-by-8 bounds check in check_wsl_eas()\n\nThe bounds check uses (u8 *)ea + nlen + 1 + vlen as the end of the EA\nname and value, but ea_data sits at offset sizeof(struct\nsmb2_file_full_ea_info) = 8 from ea, not at offset 0. The strncmp()\nlater reads ea-\u003eea_data[0..nlen-1] and the value bytes follow at\nea_data[nlen+1..nlen+vlen], so the actual end is ea-\u003eea_data + nlen + 1\n+ vlen. Isn\u0027t pointer math fun?\n\nThe earlier check (u8 *)ea \u003e end - sizeof(*ea) only guarantees the\n8-byte header is in bounds, but since the last EA is placed within 8\nbytes of the end of the response, the name and value bytes are read past\nthe end of iov.\n\nFix this mess all up by using ea-\u003eea_data as the base for the bounds\ncheck.\n\nAn \"untrusted\" server can use this to leak up to 8 bytes of kernel heap\ninto the EA name comparison and influence which WSL xattr the data is\ninterpreted as.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31614",
"url": "https://www.suse.com/security/cve/CVE-2026-31614"
},
{
"category": "external",
"summary": "SUSE Bug 1263774 for CVE-2026-31614",
"url": "https://bugzilla.suse.com/1263774"
},
{
"category": "external",
"summary": "SUSE Bug 1263775 for CVE-2026-31614",
"url": "https://bugzilla.suse.com/1263775"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31614"
},
{
"cve": "CVE-2026-31629",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31629"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfc: llcp: add missing return after LLCP_CLOSED checks\n\nIn nfc_llcp_recv_hdlc() and nfc_llcp_recv_disc(), when the socket\nstate is LLCP_CLOSED, the code correctly calls release_sock() and\nnfc_llcp_sock_put() but fails to return. Execution falls through to\nthe remainder of the function, which calls release_sock() and\nnfc_llcp_sock_put() again. This results in a double release_sock()\nand a refcount underflow via double nfc_llcp_sock_put(), leading to\na use-after-free.\n\nAdd the missing return statements after the LLCP_CLOSED branches\nin both functions to prevent the fall-through.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31629",
"url": "https://www.suse.com/security/cve/CVE-2026-31629"
},
{
"category": "external",
"summary": "SUSE Bug 1263790 for CVE-2026-31629",
"url": "https://bugzilla.suse.com/1263790"
},
{
"category": "external",
"summary": "SUSE Bug 1263791 for CVE-2026-31629",
"url": "https://bugzilla.suse.com/1263791"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31629"
},
{
"cve": "CVE-2026-31655",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31655"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\npmdomain: imx8mp-blk-ctrl: Keep the NOC_HDCP clock enabled\n\nKeep the NOC_HDCP clock always enabled to fix the potential hang\ncaused by the NoC ADB400 port power down handshake.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31655",
"url": "https://www.suse.com/security/cve/CVE-2026-31655"
},
{
"category": "external",
"summary": "SUSE Bug 1263724 for CVE-2026-31655",
"url": "https://bugzilla.suse.com/1263724"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31655"
},
{
"cve": "CVE-2026-31664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: clear trailing padding in build_polexpire()\n\nbuild_expire() clears the trailing padding bytes of struct\nxfrm_user_expire after setting the hard field via memset_after(),\nbut the analogous function build_polexpire() does not do this for\nstruct xfrm_user_polexpire.\n\nThe padding bytes after the __u8 hard field are left\nuninitialized from the heap allocation, and are then sent to\nuserspace via netlink multicast to XFRMNLGRP_EXPIRE listeners,\nleaking kernel heap memory contents.\n\nAdd the missing memset_after() call, matching build_expire().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31664",
"url": "https://www.suse.com/security/cve/CVE-2026-31664"
},
{
"category": "external",
"summary": "SUSE Bug 1263578 for CVE-2026-31664",
"url": "https://bugzilla.suse.com/1263578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31664"
},
{
"cve": "CVE-2026-31665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: fix use-after-free in timeout object destroy\n\nnft_ct_timeout_obj_destroy() frees the timeout object with kfree()\nimmediately after nf_ct_untimeout(), without waiting for an RCU grace\nperiod. Concurrent packet processing on other CPUs may still hold\nRCU-protected references to the timeout object obtained via\nrcu_dereference() in nf_ct_timeout_data().\n\nAdd an rcu_head to struct nf_ct_timeout and use kfree_rcu() to defer\nfreeing until after an RCU grace period, matching the approach already\nused in nfnetlink_cttimeout.c.\n\nKASAN report:\n BUG: KASAN: slab-use-after-free in nf_conntrack_tcp_packet+0x1381/0x29d0\n Read of size 4 at addr ffff8881035fe19c by task exploit/80\n\n Call Trace:\n nf_conntrack_tcp_packet+0x1381/0x29d0\n nf_conntrack_in+0x612/0x8b0\n nf_hook_slow+0x70/0x100\n __ip_local_out+0x1b2/0x210\n tcp_sendmsg_locked+0x722/0x1580\n __sys_sendto+0x2d8/0x320\n\n Allocated by task 75:\n nft_ct_timeout_obj_init+0xf6/0x290\n nft_obj_init+0x107/0x1b0\n nf_tables_newobj+0x680/0x9c0\n nfnetlink_rcv_batch+0xc29/0xe00\n\n Freed by task 26:\n nft_obj_destroy+0x3f/0xa0\n nf_tables_trans_destroy_work+0x51c/0x5c0\n process_one_work+0x2c4/0x5a0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31665",
"url": "https://www.suse.com/security/cve/CVE-2026-31665"
},
{
"category": "external",
"summary": "SUSE Bug 1263137 for CVE-2026-31665",
"url": "https://bugzilla.suse.com/1263137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31665"
},
{
"cve": "CVE-2026-31671",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31671"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm_user: fix info leak in build_report()\n\nstruct xfrm_user_report is a __u8 proto field followed by a struct\nxfrm_selector which means there is three \"empty\" bytes of padding, but\nthe padding is never zeroed before copying to userspace. Fix that up by\nzeroing the structure before setting individual member variables.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31671",
"url": "https://www.suse.com/security/cve/CVE-2026-31671"
},
{
"category": "external",
"summary": "SUSE Bug 1263115 for CVE-2026-31671",
"url": "https://bugzilla.suse.com/1263115"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "low"
}
],
"title": "CVE-2026-31671"
},
{
"cve": "CVE-2026-31673",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31673"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\naf_unix: read UNIX_DIAG_VFS data under unix_state_lock\n\nExact UNIX diag lookups hold a reference to the socket, but not to\nu-\u003epath. Meanwhile, unix_release_sock() clears u-\u003epath under\nunix_state_lock() and drops the path reference after unlocking.\n\nRead the inode and device numbers for UNIX_DIAG_VFS while holding\nunix_state_lock(), then emit the netlink attribute after dropping the\nlock.\n\nThis keeps the VFS data stable while the reply is being built.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31673",
"url": "https://www.suse.com/security/cve/CVE-2026-31673"
},
{
"category": "external",
"summary": "SUSE Bug 1263143 for CVE-2026-31673",
"url": "https://bugzilla.suse.com/1263143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31673"
},
{
"cve": "CVE-2026-31674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()\n\nReject rt match rules whose addrnr exceeds IP6T_RT_HOPS.\n\nrt_mt6() expects addrnr to stay within the bounds of rtinfo-\u003eaddrs[].\nValidate addrnr during rule installation so malformed rules are rejected\nbefore the match logic can use an out-of-range value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31674",
"url": "https://www.suse.com/security/cve/CVE-2026-31674"
},
{
"category": "external",
"summary": "SUSE Bug 1263568 for CVE-2026-31674",
"url": "https://bugzilla.suse.com/1263568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31674"
},
{
"cve": "CVE-2026-31678",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31678"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: defer tunnel netdev_put to RCU release\n\novs_netdev_tunnel_destroy() may run after NETDEV_UNREGISTER already\ndetached the device. Dropping the netdev reference in destroy can race\nwith concurrent readers that still observe vport-\u003edev.\n\nDo not release vport-\u003edev in ovs_netdev_tunnel_destroy(). Instead, let\nvport_netdev_free() drop the reference from the RCU callback, matching\nthe non-tunnel destroy path and avoiding additional synchronization\nunder RTNL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31678",
"url": "https://www.suse.com/security/cve/CVE-2026-31678"
},
{
"category": "external",
"summary": "SUSE Bug 1263562 for CVE-2026-31678",
"url": "https://bugzilla.suse.com/1263562"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31678"
},
{
"cve": "CVE-2026-31680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: flowlabel: defer exclusive option free until RCU teardown\n\n`ip6fl_seq_show()` walks the global flowlabel hash under the seq-file\nRCU read-side lock and prints `fl-\u003eopt-\u003eopt_nflen` when an option block\nis present.\n\nExclusive flowlabels currently free `fl-\u003eopt` as soon as `fl-\u003eusers`\ndrops to zero in `fl_release()`. However, the surrounding\n`struct ip6_flowlabel` remains visible in the global hash table until\nlater garbage collection removes it and `fl_free_rcu()` finally tears it\ndown.\n\nA concurrent `/proc/net/ip6_flowlabel` reader can therefore race that\nearly `kfree()` and dereference freed option state, triggering a crash\nin `ip6fl_seq_show()`.\n\nFix this by keeping `fl-\u003eopt` alive until `fl_free_rcu()`. That matches\nthe lifetime already required for the enclosing flowlabel while readers\ncan still reach it under RCU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31680",
"url": "https://www.suse.com/security/cve/CVE-2026-31680"
},
{
"category": "external",
"summary": "SUSE Bug 1263563 for CVE-2026-31680",
"url": "https://bugzilla.suse.com/1263563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31680"
},
{
"cve": "CVE-2026-31693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: some missing initializations on replay\n\nIn several places in the code, we have a label to signify\nthe start of the code where a request can be replayed if\nnecessary. However, some of these places were missing the\nnecessary reinitializations of certain local variables\nbefore replay.\n\nThis change makes sure that these variables get initialized\nafter the label.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31693",
"url": "https://www.suse.com/security/cve/CVE-2026-31693"
},
{
"category": "external",
"summary": "SUSE Bug 1267744 for CVE-2026-31693",
"url": "https://bugzilla.suse.com/1267744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31693"
},
{
"cve": "CVE-2026-31697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed\n\nWhen retrieving the ID for the CPU, don\u0027t attempt to copy the ID blob to\nuserspace if the firmware command failed. If the failure was due to an\ninvalid length, i.e. the userspace buffer+length was too small, copying\nthe number of bytes _firmware_ requires will overflow the kernel-allocated\nbuffer and leak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 64 at addr ffff8881867f5960 by task syz.0.906/24388\n\n CPU: 130 UID: 0 PID: 24388 Comm: syz.0.906 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_get_id2+0x361/0x490 ../drivers/crypto/ccp/sev-dev.c:2222\n sev_ioctl+0x25f/0x490 ../drivers/crypto/ccp/sev-dev.c:2575\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31697",
"url": "https://www.suse.com/security/cve/CVE-2026-31697"
},
{
"category": "external",
"summary": "SUSE Bug 1264116 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "external",
"summary": "SUSE Bug 1264144 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31697"
},
{
"cve": "CVE-2026-31698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed\n\nWhen retrieving the PDH cert, don\u0027t attempt to copy the blobs to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff8885c4ab8aa0 by task syz.0.186/21033\n\n CPU: 51 UID: 0 PID: 21033 Comm: syz.0.186 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 34.84.12-0 11/17/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pdh_export+0x3d3/0x7c0 ../drivers/crypto/ccp/sev-dev.c:2347\n sev_ioctl+0x2a2/0x490 ../drivers/crypto/ccp/sev-dev.c:2568\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31698",
"url": "https://www.suse.com/security/cve/CVE-2026-31698"
},
{
"category": "external",
"summary": "SUSE Bug 1263880 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "external",
"summary": "SUSE Bug 1263929 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31698"
},
{
"cve": "CVE-2026-31699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed\n\nWhen retrieving the PEK CSR, don\u0027t attempt to copy the blob to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff898144612e20 by task syz.9.219/21405\n\n CPU: 14 UID: 0 PID: 21405 Comm: syz.9.219 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pek_csr+0x31f/0x590 ../drivers/crypto/ccp/sev-dev.c:1872\n sev_ioctl+0x3a4/0x490 ../drivers/crypto/ccp/sev-dev.c:2562\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31699",
"url": "https://www.suse.com/security/cve/CVE-2026-31699"
},
{
"category": "external",
"summary": "SUSE Bug 1263879 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "external",
"summary": "SUSE Bug 1263928 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31699"
},
{
"cve": "CVE-2026-31703",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31703"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwriteback: Fix use after free in inode_switch_wbs_work_fn()\n\ninode_switch_wbs_work_fn() has a loop like:\n\n wb_get(new_wb);\n while (1) {\n list = llist_del_all(\u0026new_wb-\u003eswitch_wbs_ctxs);\n /* Nothing to do? */\n if (!list)\n break;\n ... process the items ...\n }\n\nNow adding of items to the list looks like:\n\nwb_queue_isw()\n if (llist_add(\u0026isw-\u003elist, \u0026wb-\u003eswitch_wbs_ctxs))\n queue_work(isw_wq, \u0026wb-\u003eswitch_work);\n\nBecause inode_switch_wbs_work_fn() loops when processing isw items, it\ncan happen that wb-\u003eswitch_work is pending while wb-\u003eswitch_wbs_ctxs is\nempty. This is a problem because in that case wb can get freed (no isw\nitems -\u003e no wb reference) while the work is still pending causing\nuse-after-free issues.\n\nWe cannot just fix this by cancelling work when freeing wb because that\ncould still trigger problematic 0 -\u003e 1 transitions on wb refcount due to\nwb_get() in inode_switch_wbs_work_fn(). It could be all handled with\nmore careful code but that seems unnecessarily complex so let\u0027s avoid\nthat until it is proven that the looping actually brings practical\nbenefit. Just remove the loop from inode_switch_wbs_work_fn() instead.\nThat way when wb_queue_isw() queues work, we are guaranteed we have\nadded the first item to wb-\u003eswitch_wbs_ctxs and nobody is going to\nremove it (and drop the wb reference it holds) until the queued work\nruns.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31703",
"url": "https://www.suse.com/security/cve/CVE-2026-31703"
},
{
"category": "external",
"summary": "SUSE Bug 1263883 for CVE-2026-31703",
"url": "https://bugzilla.suse.com/1263883"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31703"
},
{
"cve": "CVE-2026-31752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: br_nd_send: validate ND option lengths\n\nbr_nd_send() walks ND options according to option-provided lengths.\nA malformed option can make the parser advance beyond the computed\noption span or use a too-short source LLADDR option payload.\n\nValidate option lengths against the remaining NS option area before\nadvancing, and only read source LLADDR when the option is large enough\nfor an Ethernet address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31752",
"url": "https://www.suse.com/security/cve/CVE-2026-31752"
},
{
"category": "external",
"summary": "SUSE Bug 1264045 for CVE-2026-31752",
"url": "https://bugzilla.suse.com/1264045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31752"
},
{
"cve": "CVE-2026-31758",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31758"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: usbtmc: Flush anchored URBs in usbtmc_release\n\nWhen calling usbtmc_release, pending anchored URBs must be flushed or\nkilled to prevent use-after-free errors (e.g. in the HCD giveback\npath). Call usbtmc_draw_down() to allow anchored URBs to be completed.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31758",
"url": "https://www.suse.com/security/cve/CVE-2026-31758"
},
{
"category": "external",
"summary": "SUSE Bug 1264093 for CVE-2026-31758",
"url": "https://bugzilla.suse.com/1264093"
},
{
"category": "external",
"summary": "SUSE Bug 1264094 for CVE-2026-31758",
"url": "https://bugzilla.suse.com/1264094"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31758"
},
{
"cve": "CVE-2026-31759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ulpi: fix double free in ulpi_register_interface() error path\n\nWhen device_register() fails, ulpi_register() calls put_device() on\nulpi-\u003edev.\n\nThe device release callback ulpi_dev_release() drops the OF node\nreference and frees ulpi, but the current error path in\nulpi_register_interface() then calls kfree(ulpi) again, causing a\ndouble free.\n\nLet put_device() handle the cleanup through ulpi_dev_release() and\navoid freeing ulpi again in ulpi_register_interface().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31759",
"url": "https://www.suse.com/security/cve/CVE-2026-31759"
},
{
"category": "external",
"summary": "SUSE Bug 1264076 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "external",
"summary": "SUSE Bug 1264078 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31759"
},
{
"cve": "CVE-2026-31767",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31767"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/i915/dsi: Don\u0027t do DSC horizontal timing adjustments in command mode\n\nStop adjusting the horizontal timing values based on the\ncompression ratio in command mode. Bspec seems to be telling\nus to do this only in video mode, and this is also how the\nWindows driver does things.\n\nThis should also fix a div-by-zero on some machines because\nthe adjusted htotal ends up being so small that we end up with\nline_time_us==0 when trying to determine the vtotal value in\ncommand mode.\n\nNote that this doesn\u0027t actually make the display on the\nHuawei Matebook E work, but at least the kernel no longer\nexplodes when the driver loads.\n\n(cherry picked from commit 0b475e91ecc2313207196c6d7fd5c53e1a878525)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31767",
"url": "https://www.suse.com/security/cve/CVE-2026-31767"
},
{
"category": "external",
"summary": "SUSE Bug 1264124 for CVE-2026-31767",
"url": "https://bugzilla.suse.com/1264124"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-31767"
},
{
"cve": "CVE-2026-31771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: move wake reason storage into validated event handlers\n\nhci_store_wake_reason() is called from hci_event_packet() immediately\nafter stripping the HCI event header but before hci_event_func()\nenforces the per-event minimum payload length from hci_ev_table.\nThis means a short HCI event frame can reach bacpy() before any bounds\ncheck runs.\n\nRather than duplicating skb parsing and per-event length checks inside\nhci_store_wake_reason(), move wake-address storage into the individual\nevent handlers after their existing event-length validation has\nsucceeded. Convert hci_store_wake_reason() into a small helper that only\nstores an already-validated bdaddr while the caller holds hci_dev_lock().\nUse the same helper after hci_event_func() with a NULL address to\npreserve the existing unexpected-wake fallback semantics when no\nvalidated event handler records a wake address.\n\nAnnotate the helper with __must_hold(\u0026hdev-\u003elock) and add\nlockdep_assert_held(\u0026hdev-\u003elock) so future call paths keep the lock\ncontract explicit.\n\nCall the helper from hci_conn_request_evt(), hci_conn_complete_evt(),\nhci_sync_conn_complete_evt(), le_conn_complete_evt(),\nhci_le_adv_report_evt(), hci_le_ext_adv_report_evt(),\nhci_le_direct_adv_report_evt(), hci_le_pa_sync_established_evt(), and\nhci_le_past_received_evt().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31771",
"url": "https://www.suse.com/security/cve/CVE-2026-31771"
},
{
"category": "external",
"summary": "SUSE Bug 1264145 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "external",
"summary": "SUSE Bug 1264146 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-31771"
},
{
"cve": "CVE-2026-43013",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43013"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/mlx5: lag: Check for LAG device before creating debugfs\n\n__mlx5_lag_dev_add_mdev() may return 0 (success) even when an error\noccurs that is handled gracefully. Consequently, the initialization\nflow proceeds to call mlx5_ldev_add_debugfs() even when there is no\nvalid LAG context.\n\nmlx5_ldev_add_debugfs() blindly created the debugfs directory and\nattributes. This exposed interfaces (like the members file) that rely on\na valid ldev pointer, leading to potential NULL pointer dereferences if\naccessed when ldev is NULL.\n\nAdd a check to verify that mlx5_lag_dev(dev) returns a valid pointer\nbefore attempting to create the debugfs entries.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43013",
"url": "https://www.suse.com/security/cve/CVE-2026-43013"
},
{
"category": "external",
"summary": "SUSE Bug 1264011 for CVE-2026-43013",
"url": "https://bugzilla.suse.com/1264011"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43013"
},
{
"cve": "CVE-2026-43023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: fix race conditions in sco_sock_connect()\n\nsco_sock_connect() checks sk_state and sk_type without holding\nthe socket lock. Two concurrent connect() syscalls on the same\nsocket can both pass the check and enter sco_connect(), leading\nto use-after-free.\n\nThe buggy scenario involves three participants and was confirmed\nwith additional logging instrumentation:\n\n Thread A (connect): HCI disconnect: Thread B (connect):\n\n sco_sock_connect(sk) sco_sock_connect(sk)\n sk_state==BT_OPEN sk_state==BT_OPEN\n (pass, no lock) (pass, no lock)\n sco_connect(sk): sco_connect(sk):\n hci_dev_lock hci_dev_lock\n hci_connect_sco \u003c- blocked\n -\u003e hcon1\n sco_conn_add-\u003econn1\n lock_sock(sk)\n sco_chan_add:\n conn1-\u003esk = sk\n sk-\u003econn = conn1\n sk_state=BT_CONNECT\n release_sock\n hci_dev_unlock\n hci_dev_lock\n sco_conn_del:\n lock_sock(sk)\n sco_chan_del:\n sk-\u003econn=NULL\n conn1-\u003esk=NULL\n sk_state=\n BT_CLOSED\n SOCK_ZAPPED\n release_sock\n hci_dev_unlock\n (unblocked)\n hci_connect_sco\n -\u003e hcon2\n sco_conn_add\n -\u003e conn2\n lock_sock(sk)\n sco_chan_add:\n sk-\u003econn=conn2\n sk_state=\n BT_CONNECT\n // zombie sk!\n release_sock\n hci_dev_unlock\n\nThread B revives a BT_CLOSED + SOCK_ZAPPED socket back to\nBT_CONNECT. Subsequent cleanup triggers double sock_put() and\nuse-after-free. Meanwhile conn1 is leaked as it was orphaned\nwhen sco_conn_del() cleared the association.\n\nFix this by:\n- Moving lock_sock() before the sk_state/sk_type checks in\n sco_sock_connect() to serialize concurrent connect attempts\n- Fixing the sk_type != SOCK_SEQPACKET check to actually\n return the error instead of just assigning it\n- Adding a state re-check in sco_connect() after lock_sock()\n to catch state changes during the window between the locks\n- Adding sco_pi(sk)-\u003econn check in sco_chan_add() to prevent\n double-attach of a socket to multiple connections\n- Adding hci_conn_drop() on sco_chan_add failure to prevent\n HCI connection leaks",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43023",
"url": "https://www.suse.com/security/cve/CVE-2026-43023"
},
{
"category": "external",
"summary": "SUSE Bug 1264137 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "external",
"summary": "SUSE Bug 1264138 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43023"
},
{
"cve": "CVE-2026-43024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject immediate NF_QUEUE verdict\n\nnft_queue is always used from userspace nftables to deliver the NF_QUEUE\nverdict. Immediately emitting an NF_QUEUE verdict is never used by the\nuserspace nft tools, so reject immediate NF_QUEUE verdicts.\n\nThe arp family does not provide queue support, but such an immediate\nverdict is still reachable. Globally reject NF_QUEUE immediate verdicts\nto address this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43024",
"url": "https://www.suse.com/security/cve/CVE-2026-43024"
},
{
"category": "external",
"summary": "SUSE Bug 1263930 for CVE-2026-43024",
"url": "https://bugzilla.suse.com/1263930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43024"
},
{
"cve": "CVE-2026-43026",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43026"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent\n\nctnetlink_alloc_expect() allocates expectations from a non-zeroing\nslab cache via nf_ct_expect_alloc(). When CTA_EXPECT_NAT is not\npresent in the netlink message, saved_addr and saved_proto are\nnever initialized. Stale data from a previous slab occupant can\nthen be dumped to userspace by ctnetlink_exp_dump_expect(), which\nchecks these fields to decide whether to emit CTA_EXPECT_NAT.\n\nThe safe sibling nf_ct_expect_init(), used by the packet path,\nexplicitly zeroes these fields.\n\nZero saved_addr, saved_proto and dir in the else branch, guarded\nby IS_ENABLED(CONFIG_NF_NAT) since these fields only exist when\nNAT is enabled.\n\nConfirmed by priming the expect slab with NAT-bearing expectations,\nfreeing them, creating a new expectation without CTA_EXPECT_NAT,\nand observing that the ctnetlink dump emits a spurious\nCTA_EXPECT_NAT containing stale data from the prior allocation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43026",
"url": "https://www.suse.com/security/cve/CVE-2026-43026"
},
{
"category": "external",
"summary": "SUSE Bug 1263932 for CVE-2026-43026",
"url": "https://bugzilla.suse.com/1263932"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43026"
},
{
"cve": "CVE-2026-43028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: ensure names are nul-terminated\n\nReject names that lack a \\0 character before feeding them\nto functions that expect c-strings.\n\nFixes tag is the most recent commit that needs this change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43028",
"url": "https://www.suse.com/security/cve/CVE-2026-43028"
},
{
"category": "external",
"summary": "SUSE Bug 1263934 for CVE-2026-43028",
"url": "https://bugzilla.suse.com/1263934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43028"
},
{
"cve": "CVE-2026-43030",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43030"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix regsafe() for pointers to packet\n\nIn case rold-\u003ereg-\u003erange == BEYOND_PKT_END \u0026\u0026 rcur-\u003ereg-\u003erange == N\nregsafe() may return true which may lead to current state with\nvalid packet range not being explored. Fix the bug.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43030",
"url": "https://www.suse.com/security/cve/CVE-2026-43030"
},
{
"category": "external",
"summary": "SUSE Bug 1264000 for CVE-2026-43030",
"url": "https://bugzilla.suse.com/1264000"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43030"
},
{
"cve": "CVE-2026-43035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak\n\nWhen building netlink messages, tc_chain_fill_node() never initializes\nthe tcm_info field of struct tcmsg. Since the allocation is not zeroed,\nkernel heap memory is leaked to userspace through this 4-byte field.\n\nThe fix simply zeroes tcm_info alongside the other fields that are\nalready initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43035",
"url": "https://www.suse.com/security/cve/CVE-2026-43035"
},
{
"category": "external",
"summary": "SUSE Bug 1263996 for CVE-2026-43035",
"url": "https://bugzilla.suse.com/1263996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43035"
},
{
"cve": "CVE-2026-43036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: use skb_header_pointer() for TCPv4 GSO frag_off check\n\nSyzbot reported a KMSAN uninit-value warning in gso_features_check()\ncalled from netif_skb_features() [1].\n\ngso_features_check() reads iph-\u003efrag_off to decide whether to clear\nmangleid_features. Accessing the IPv4 header via ip_hdr()/inner_ip_hdr()\ncan rely on skb header offsets that are not always safe for direct\ndereference on packets injected from PF_PACKET paths.\n\nUse skb_header_pointer() for the TCPv4 frag_off check so the header read\nis robust whether data is already linear or needs copying.\n\n[1] https://syzkaller.appspot.com/bug?extid=1543a7d954d9c6d00407",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43036",
"url": "https://www.suse.com/security/cve/CVE-2026-43036"
},
{
"category": "external",
"summary": "SUSE Bug 1263993 for CVE-2026-43036",
"url": "https://bugzilla.suse.com/1263993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43036"
},
{
"cve": "CVE-2026-43040",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43040"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX fields to zero to prevent an info-leak\n\nWhen processing Router Advertisements with user options the kernel\nbuilds an RTM_NEWNDUSEROPT netlink message. The nduseroptmsg struct\nhas three padding fields that are never zeroed and can leak kernel data\n\nThe fix is simple, just zeroes the padding fields.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43040",
"url": "https://www.suse.com/security/cve/CVE-2026-43040"
},
{
"category": "external",
"summary": "SUSE Bug 1264091 for CVE-2026-43040",
"url": "https://bugzilla.suse.com/1264091"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43040"
},
{
"cve": "CVE-2026-43049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43049"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure\n\nPresently, if the force feedback initialisation fails when probing the\nLogitech G920 Driving Force Racing Wheel for Xbox One, an error number\nwill be returned and propagated before the userspace infrastructure\n(sysfs and /dev/input) has been torn down. If userspace ignores the\nerrors and continues to use its references to these dangling entities, a\nUAF will promptly follow.\n\nWe have 2 options; continue to return the error, but ensure that all of\nthe infrastructure is torn down accordingly or continue to treat this\ncondition as a warning by emitting the message but returning success.\nIt is thought that the original author\u0027s intention was to emit the\nwarning but keep the device functional, less the force feedback feature,\nso let\u0027s go with that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43049",
"url": "https://www.suse.com/security/cve/CVE-2026-43049"
},
{
"category": "external",
"summary": "SUSE Bug 1264080 for CVE-2026-43049",
"url": "https://bugzilla.suse.com/1264080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43049"
},
{
"cve": "CVE-2026-43052",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43052"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: mac80211: check tdls flag in ieee80211_tdls_oper\n\nWhen NL80211_TDLS_ENABLE_LINK is called, the code only checks if the\nstation exists but not whether it is actually a TDLS station. This\nallows the operation to proceed for non-TDLS stations, causing\nunintended side effects like modifying channel context and HT\nprotection before failing.\n\nAdd a check for sta-\u003esta.tdls early in the ENABLE_LINK case, before\nany side effects occur, to ensure the operation is only allowed for\nactual TDLS peers.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43052",
"url": "https://www.suse.com/security/cve/CVE-2026-43052"
},
{
"category": "external",
"summary": "SUSE Bug 1263945 for CVE-2026-43052",
"url": "https://bugzilla.suse.com/1263945"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43052"
},
{
"cve": "CVE-2026-43053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: close crash window in attr dabtree inactivation\n\nWhen inactivating an inode with node-format extended attributes,\nxfs_attr3_node_inactive() invalidates all child leaf/node blocks via\nxfs_trans_binval(), but intentionally does not remove the corresponding\nentries from their parent node blocks. The implicit assumption is that\nxfs_attr_inactive() will truncate the entire attr fork to zero extents\nafterwards, so log recovery will never reach the root node and follow\nthose stale pointers.\n\nHowever, if a log shutdown occurs after the leaf/node block cancellations\ncommit but before the attr bmap truncation commits, this assumption\nbreaks. Recovery replays the attr bmap intact (the inode still has\nattr fork extents), but suppresses replay of all cancelled leaf/node\nblocks, maybe leaving them as stale data on disk. On the next mount,\nxlog_recover_process_iunlinks() retries inactivation and attempts to\nread the root node via the attr bmap. If the root node was not replayed,\nreading the unreplayed root block triggers a metadata verification\nfailure immediately; if it was replayed, following its child pointers\nto unreplayed child blocks triggers the same failure:\n\n XFS (pmem0): Metadata corruption detected at\n xfs_da3_node_read_verify+0x53/0x220, xfs_da3_node block 0x78\n XFS (pmem0): Unmount and run xfs_repair\n XFS (pmem0): First 128 bytes of corrupted metadata buffer:\n 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n XFS (pmem0): metadata I/O error in \"xfs_da_read_buf+0x104/0x190\" at daddr 0x78 len 8 error 117\n\nFix this in two places:\n\nIn xfs_attr3_node_inactive(), after calling xfs_trans_binval() on a\nchild block, immediately remove the entry that references it from the\nparent node in the same transaction. This eliminates the window where\nthe parent holds a pointer to a cancelled block. Once all children are\nremoved, the now-empty root node is converted to a leaf block within the\nsame transaction. This node-to-leaf conversion is necessary for crash\nsafety. If the system shutdown after the empty node is written to the\nlog but before the second-phase bmap truncation commits, log recovery\nwill attempt to verify the root block on disk. xfs_da3_node_verify()\ndoes not permit a node block with count == 0; such a block will fail\nverification and trigger a metadata corruption shutdown. on the other\nhand, leaf blocks are allowed to have this transient state.\n\nIn xfs_attr_inactive(), split the attr fork truncation into two explicit\nphases. First, truncate all extents beyond the root block (the child\nextents whose parent references have already been removed above).\nSecond, invalidate the root block and truncate the attr bmap to zero in\na single transaction. The two operations in the second phase must be\natomic: as long as the attr bmap has any non-zero length, recovery can\nfollow it to the root block, so the root block invalidation must commit\ntogether with the bmap-to-zero truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43053",
"url": "https://www.suse.com/security/cve/CVE-2026-43053"
},
{
"category": "external",
"summary": "SUSE Bug 1264084 for CVE-2026-43053",
"url": "https://bugzilla.suse.com/1264084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43053"
},
{
"cve": "CVE-2026-43054",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43054"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: target: tcm_loop: Drain commands in target_reset handler\n\ntcm_loop_target_reset() violates the SCSI EH contract: it returns SUCCESS\nwithout draining any in-flight commands. The SCSI EH documentation\n(scsi_eh.rst) requires that when a reset handler returns SUCCESS the driver\nhas made lower layers \"forget about timed out scmds\" and is ready for new\ncommands. Every other SCSI LLD (virtio_scsi, mpt3sas, ipr, scsi_debug,\nmpi3mr) enforces this by draining or completing outstanding commands before\nreturning SUCCESS.\n\nBecause tcm_loop_target_reset() doesn\u0027t drain, the SCSI EH reuses in-flight\nscsi_cmnd structures for recovery commands (e.g. TUR) while the target core\nstill has async completion work queued for the old se_cmd. The memset in\nqueuecommand zeroes se_lun and lun_ref_active, causing\ntransport_lun_remove_cmd() to skip its percpu_ref_put(). The leaked LUN\nreference prevents transport_clear_lun_ref() from completing, hanging\nconfigfs LUN unlink forever in D-state:\n\n INFO: task rm:264 blocked for more than 122 seconds.\n rm D 0 264 258 0x00004000\n Call Trace:\n __schedule+0x3d0/0x8e0\n schedule+0x36/0xf0\n transport_clear_lun_ref+0x78/0x90 [target_core_mod]\n core_tpg_remove_lun+0x28/0xb0 [target_core_mod]\n target_fabric_port_unlink+0x50/0x60 [target_core_mod]\n configfs_unlink+0x156/0x1f0 [configfs]\n vfs_unlink+0x109/0x290\n do_unlinkat+0x1d5/0x2d0\n\nFix this by making tcm_loop_target_reset() actually drain commands:\n\n 1. Issue TMR_LUN_RESET via tcm_loop_issue_tmr() to drain all commands that\n the target core knows about (those not yet CMD_T_COMPLETE).\n\n 2. Use blk_mq_tagset_busy_iter() to iterate all started requests and\n flush_work() on each se_cmd - this drains any deferred completion work\n for commands that already had CMD_T_COMPLETE set before the TMR (which\n the TMR skips via __target_check_io_state()). This is the same pattern\n used by mpi3mr, scsi_debug, and libsas to drain outstanding commands\n during reset.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43054",
"url": "https://www.suse.com/security/cve/CVE-2026-43054"
},
{
"category": "external",
"summary": "SUSE Bug 1264063 for CVE-2026-43054",
"url": "https://bugzilla.suse.com/1264063"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43054"
},
{
"cve": "CVE-2026-43059",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43059"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: MGMT: Fix list corruption and UAF in command complete handlers\n\nCommit 302a1f674c00 (\"Bluetooth: MGMT: Fix possible UAFs\") introduced\nmgmt_pending_valid(), which not only validates the pending command but\nalso unlinks it from the pending list if it is valid. This change in\nsemantics requires updates to several completion handlers to avoid list\ncorruption and memory safety issues.\n\nThis patch addresses two left-over issues from the aforementioned rework:\n\n1. In mgmt_add_adv_patterns_monitor_complete(), mgmt_pending_remove()\nis replaced with mgmt_pending_free() in the success path. Since\nmgmt_pending_valid() already unlinks the command at the beginning of\nthe function, calling mgmt_pending_remove() leads to a double list_del()\nand subsequent list corruption/kernel panic.\n\n2. In set_mesh_complete(), the use of mgmt_pending_foreach() in the error\npath is removed. Since the current command is already unlinked by\nmgmt_pending_valid(), this foreach loop would incorrectly target other\npending mesh commands, potentially freeing them while they are still being\nprocessed concurrently (leading to UAFs). The redundant mgmt_cmd_status()\nis also simplified to use cmd-\u003eopcode directly.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43059",
"url": "https://www.suse.com/security/cve/CVE-2026-43059"
},
{
"category": "external",
"summary": "SUSE Bug 1264184 for CVE-2026-43059",
"url": "https://bugzilla.suse.com/1264184"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43059"
},
{
"cve": "CVE-2026-43065",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43065"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: always drain queued discard work in ext4_mb_release()\n\nWhile reviewing recent ext4 patch[1], Sashiko raised the following\nconcern[2]:\n\n\u003e If the filesystem is initially mounted with the discard option,\n\u003e deleting files will populate sbi-\u003es_discard_list and queue\n\u003e s_discard_work. If it is then remounted with nodiscard, the\n\u003e EXT4_MOUNT_DISCARD flag is cleared, but the pending s_discard_work is\n\u003e neither cancelled nor flushed.\n\n[1] https://lore.kernel.org/r/20260319094545.19291-1-qiang.zhang@linux.dev/\n[2] https://sashiko.dev/#/patchset/20260319094545.19291-1-qiang.zhang%40linux.dev\n\nThe concern was valid, but it had nothing to do with the patch[1].\nOne of the problems with Sashiko in its current (early) form is that\nit will detect pre-existing issues and report it as a problem with the\npatch that it is reviewing.\n\nIn practice, it would be hard to hit deliberately (unless you are a\nmalicious syzkaller fuzzer), since it would involve mounting the file\nsystem with -o discard, and then deleting a large number of files,\nremounting the file system with -o nodiscard, and then immediately\nunmounting the file system before the queued discard work has a change\nto drain on its own.\n\nFix it because it\u0027s a real bug, and to avoid Sashiko from raising this\nconcern when analyzing future patches to mballoc.c.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43065",
"url": "https://www.suse.com/security/cve/CVE-2026-43065"
},
{
"category": "external",
"summary": "SUSE Bug 1264243 for CVE-2026-43065",
"url": "https://bugzilla.suse.com/1264243"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.9,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "low"
}
],
"title": "CVE-2026-43065"
},
{
"cve": "CVE-2026-43066",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43066"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix iloc.bh leak in ext4_fc_replay_inode() error paths\n\nDuring code review, Joseph found that ext4_fc_replay_inode() calls\next4_get_fc_inode_loc() to get the inode location, which holds a\nreference to iloc.bh that must be released via brelse().\n\nHowever, several error paths jump to the \u0027out\u0027 label without\nreleasing iloc.bh:\n\n - ext4_handle_dirty_metadata() failure\n - sync_dirty_buffer() failure\n - ext4_mark_inode_used() failure\n - ext4_iget() failure\n\nFix this by introducing an \u0027out_brelse\u0027 label placed just before\nthe existing \u0027out\u0027 label to ensure iloc.bh is always released.\n\nAdditionally, make ext4_fc_replay_inode() propagate errors\nproperly instead of always returning 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43066",
"url": "https://www.suse.com/security/cve/CVE-2026-43066"
},
{
"category": "external",
"summary": "SUSE Bug 1264245 for CVE-2026-43066",
"url": "https://bugzilla.suse.com/1264245"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43066"
},
{
"cve": "CVE-2026-43068",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43068"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: avoid allocate block from corrupted group in ext4_mb_find_by_goal()\n\nThere\u0027s issue as follows:\n...\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 206 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 2243 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): Delayed block allocation failed for inode 2239 at logical offset 0 with max blocks 1 with error 117\nEXT4-fs (mmcblk0p1): This should not happen!! Data will be lost\n\nEXT4-fs (mmcblk0p1): error count since last fsck: 1\nEXT4-fs (mmcblk0p1): initial error at time 1765597433: ext4_mb_generate_buddy:760\nEXT4-fs (mmcblk0p1): last error at time 1765597433: ext4_mb_generate_buddy:760\n...\n\nAccording to the log analysis, blocks are always requested from the\ncorrupted block group. This may happen as follows:\next4_mb_find_by_goal\n ext4_mb_load_buddy\n ext4_mb_load_buddy_gfp\n ext4_mb_init_cache\n ext4_read_block_bitmap_nowait\n ext4_wait_block_bitmap\n ext4_validate_block_bitmap\n if (!grp || EXT4_MB_GRP_BBITMAP_CORRUPT(grp))\n return -EFSCORRUPTED; // There\u0027s no logs.\n if (err)\n return err; // Will return error\next4_lock_group(ac-\u003eac_sb, group);\n if (unlikely(EXT4_MB_GRP_BBITMAP_CORRUPT(e4b-\u003ebd_info))) // Unreachable\n goto out;\n\nAfter commit 9008a58e5dce (\"ext4: make the bitmap read routines return\nreal error codes\") merged, Commit 163a203ddb36 (\"ext4: mark block group\nas corrupt on block bitmap error\") is no real solution for allocating\nblocks from corrupted block groups. This is because if\n\u0027EXT4_MB_GRP_BBITMAP_CORRUPT(e4b-\u003ebd_info)\u0027 is true, then\n\u0027ext4_mb_load_buddy()\u0027 may return an error. This means that the block\nallocation will fail.\nTherefore, check block group if corrupted when ext4_mb_load_buddy()\nreturns error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43068",
"url": "https://www.suse.com/security/cve/CVE-2026-43068"
},
{
"category": "external",
"summary": "SUSE Bug 1264255 for CVE-2026-43068",
"url": "https://bugzilla.suse.com/1264255"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43068"
},
{
"cve": "CVE-2026-43074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: defer struct eventpoll free to RCU grace period\n\nIn certain situations, ep_free() in eventpoll.c will kfree the epi-\u003eep\neventpoll struct while it still being used by another concurrent thread.\nDefer the kfree() to an RCU callback to prevent UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43074",
"url": "https://www.suse.com/security/cve/CVE-2026-43074"
},
{
"category": "external",
"summary": "SUSE Bug 1264263 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "external",
"summary": "SUSE Bug 1265307 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1265307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43074"
},
{
"cve": "CVE-2026-43077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Fix minimum RX size check for decryption\n\nThe check for the minimum receive buffer size did not take the\ntag size into account during decryption. Fix this by adding the\nrequired extra length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43077",
"url": "https://www.suse.com/security/cve/CVE-2026-43077"
},
{
"category": "external",
"summary": "SUSE Bug 1264470 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "external",
"summary": "SUSE Bug 1265306 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1265306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43077"
},
{
"cve": "CVE-2026-43083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ioam6: fix OOB and missing lock\n\nWhen trace-\u003etype.bit6 is set:\n\n if (trace-\u003etype.bit6) {\n ...\n queue = skb_get_tx_queue(dev, skb);\n qdisc = rcu_dereference(queue-\u003eqdisc);\n\nThis code can lead to an out-of-bounds access of the dev-\u003e_tx[] array\nwhen is_input is true. In such a case, the packet is on the RX path and\nskb-\u003equeue_mapping contains the RX queue index of the ingress device. If\nthe ingress device has more RX queues than the egress device (dev) has\nTX queues, skb_get_queue_mapping(skb) will exceed dev-\u003enum_tx_queues.\nAdd a check to avoid this situation since skb_get_tx_queue() does not\nclamp the index. This issue has also revealed that per queue visibility\ncannot be accurate and will be replaced later as a new feature.\n\nWhile at it, add missing lock around qdisc_qstats_qlen_backlog(). The\nfunction __ioam6_fill_trace_data() is called from both softirq and\nprocess contexts, hence the use of spin_lock_bh() here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43083",
"url": "https://www.suse.com/security/cve/CVE-2026-43083"
},
{
"category": "external",
"summary": "SUSE Bug 1264266 for CVE-2026-43083",
"url": "https://bugzilla.suse.com/1264266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43083"
},
{
"cve": "CVE-2026-43101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data()\n\nWe need to check __in6_dev_get() for possible NULL value, as\nsuggested by Yiming Qian.\n\nAlso add skb_dst_dev_rcu() instead of skb_dst_dev(),\nand two missing READ_ONCE().\n\nNote that @dev can\u0027t be NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43101",
"url": "https://www.suse.com/security/cve/CVE-2026-43101"
},
{
"category": "external",
"summary": "SUSE Bug 1264239 for CVE-2026-43101",
"url": "https://bugzilla.suse.com/1264239"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43101"
},
{
"cve": "CVE-2026-43109",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43109"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nx86: shadow stacks: proper error handling for mmap lock\n\n\uae40\uc601\ubbfc reports that shstk_pop_sigframe() doesn\u0027t check for errors from\nmmap_read_lock_killable(), which is a silly oversight, and also shows\nthat we haven\u0027t marked those functions with \"__must_check\", which would\nhave immediately caught it.\n\nSo let\u0027s fix both issues.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43109",
"url": "https://www.suse.com/security/cve/CVE-2026-43109"
},
{
"category": "external",
"summary": "SUSE Bug 1264484 for CVE-2026-43109",
"url": "https://bugzilla.suse.com/1264484"
},
{
"category": "external",
"summary": "SUSE Bug 1269282 for CVE-2026-43109",
"url": "https://bugzilla.suse.com/1269282"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43109"
},
{
"cve": "CVE-2026-43112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath\n\nWhen cifs_sanitize_prepath is called with an empty string or a string\ncontaining only delimiters (e.g., \"/\"), the current logic attempts to\ncheck *(cursor2 - 1) before cursor2 has advanced. This results in an\nout-of-bounds read.\n\nThis patch adds an early exit check after stripping prepended\ndelimiters. If no path content remains, the function returns NULL.\n\nThe bug was identified via manual audit and verified using a\nstandalone test case compiled with AddressSanitizer, which\ntriggered a SEGV on affected inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43112",
"url": "https://www.suse.com/security/cve/CVE-2026-43112"
},
{
"category": "external",
"summary": "SUSE Bug 1264437 for CVE-2026-43112",
"url": "https://bugzilla.suse.com/1264437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43112"
},
{
"cve": "CVE-2026-43119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status\n\n__hci_cmd_sync_sk() sets hdev-\u003ereq_status under hdev-\u003ereq_lock:\n\n hdev-\u003ereq_status = HCI_REQ_PEND;\n\nHowever, several other functions read or write hdev-\u003ereq_status without\nholding any lock:\n\n - hci_send_cmd_sync() reads req_status in hci_cmd_work (workqueue)\n - hci_cmd_sync_complete() reads/writes from HCI event completion\n - hci_cmd_sync_cancel() / hci_cmd_sync_cancel_sync() read/write\n - hci_abort_conn() reads in connection abort path\n\nSince __hci_cmd_sync_sk() runs on hdev-\u003ereq_workqueue while\nhci_send_cmd_sync() runs on hdev-\u003eworkqueue, these are different\nworkqueues that can execute concurrently on different CPUs. The plain\nC accesses constitute a data race.\n\nAdd READ_ONCE()/WRITE_ONCE() annotations on all concurrent accesses\nto hdev-\u003ereq_status to prevent potential compiler optimizations that\ncould affect correctness (e.g., load fusing in the wait_event\ncondition or store reordering).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43119",
"url": "https://www.suse.com/security/cve/CVE-2026-43119"
},
{
"category": "external",
"summary": "SUSE Bug 1264561 for CVE-2026-43119",
"url": "https://bugzilla.suse.com/1264561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43119"
},
{
"cve": "CVE-2026-43158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix freemap adjustments when adding xattrs to leaf blocks\n\nxfs/592 and xfs/794 both trip this assertion in the leaf block freemap\nadjustment code after ~20 minutes of running on my test VMs:\n\n ASSERT(ichdr-\u003efirstused \u003e= ichdr-\u003ecount * sizeof(xfs_attr_leaf_entry_t)\n\t\t\t\t\t+ xfs_attr3_leaf_hdr_size(leaf));\n\nUpon enabling quite a lot more debugging code, I narrowed this down to\nfsstress trying to set a local extended attribute with namelen=3 and\nvaluelen=71. This results in an entry size of 80 bytes.\n\nAt the start of xfs_attr3_leaf_add_work, the freemap looks like this:\n\ni 0 base 448 size 0 rhs 448 count 46\ni 1 base 388 size 132 rhs 448 count 46\ni 2 base 2120 size 4 rhs 448 count 46\nfirstused = 520\n\nwhere \"rhs\" is the first byte past the end of the leaf entry array.\nThis is inconsistent -- the entries array ends at byte 448, but\nfreemap[1] says there\u0027s free space starting at byte 388!\n\nBy the end of the function, the freemap is in worse shape:\n\ni 0 base 456 size 0 rhs 456 count 47\ni 1 base 388 size 52 rhs 456 count 47\ni 2 base 2120 size 4 rhs 456 count 47\nfirstused = 440\n\nImportant note: 388 is not aligned with the entries array element size\nof 8 bytes.\n\nBased on the incorrect freemap, the name area starts at byte 440, which\nis below the end of the entries array! That\u0027s why the assertion\ntriggers and the filesystem shuts down.\n\nHow did we end up here? First, recall from the previous patch that the\nfreemap array in an xattr leaf block is not intended to be a\ncomprehensive map of all free space in the leaf block. In other words,\nit\u0027s perfectly legal to have a leaf block with:\n\n * 376 bytes in use by the entries array\n * freemap[0] has [base = 376, size = 8]\n * freemap[1] has [base = 388, size = 1500]\n * the space between 376 and 388 is free, but the freemap stopped\n tracking that some time ago\n\nIf we add one xattr, the entries array grows to 384 bytes, and\nfreemap[0] becomes [base = 384, size = 0]. So far, so good. But if we\nadd a second xattr, the entries array grows to 392 bytes, and freemap[0]\ngets pushed up to [base = 392, size = 0]. This is bad, because\nfreemap[1] hasn\u0027t been updated, and now the entries array and the free\nspace claim the same space.\n\nThe fix here is to adjust all freemap entries so that none of them\ncollide with the entries array. Note that this fix relies on commit\n2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size underflow\") and\nthe previous patch that resets zero length freemap entries to have\nbase = 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43158",
"url": "https://www.suse.com/security/cve/CVE-2026-43158"
},
{
"category": "external",
"summary": "SUSE Bug 1264595 for CVE-2026-43158",
"url": "https://bugzilla.suse.com/1264595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43158"
},
{
"cve": "CVE-2026-43171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nEFI/CPER: don\u0027t dump the entire memory region\n\nThe current logic at cper_print_fw_err() doesn\u0027t check if the\nerror record length is big enough to handle offset. On a bad firmware,\nif the ofset is above the actual record, length -= offset will\nunderflow, making it dump the entire memory.\n\nThe end result can be:\n\n - the logic taking a lot of time dumping large regions of memory;\n - data disclosure due to the memory dumps;\n - an OOPS, if it tries to dump an unmapped memory region.\n\nFix it by checking if the section length is too small before doing\na hex dump.\n\n[ rjw: Subject tweaks ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43171",
"url": "https://www.suse.com/security/cve/CVE-2026-43171"
},
{
"category": "external",
"summary": "SUSE Bug 1264549 for CVE-2026-43171",
"url": "https://bugzilla.suse.com/1264549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43171"
},
{
"cve": "CVE-2026-43187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: delete attr leaf freemap entries when empty\n\nBack in commit 2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size\nunderflow\"), Brian Foster observed that it\u0027s possible for a small\nfreemap at the end of the end of the xattr entries array to experience\na size underflow when subtracting the space consumed by an expansion of\nthe entries array. There are only three freemap entries, which means\nthat it is not a complete index of all free space in the leaf block.\n\nThis code can leave behind a zero-length freemap entry with a nonzero\nbase. Subsequent setxattr operations can increase the base up to the\npoint that it overlaps with another freemap entry. This isn\u0027t in and of\nitself a problem because the code in _leaf_add that finds free space\nignores any freemap entry with zero size.\n\nHowever, there\u0027s another bug in the freemap update code in _leaf_add,\nwhich is that it fails to update a freemap entry that begins midway\nthrough the xattr entry that was just appended to the array. That can\nresult in the freemap containing two entries with the same base but\ndifferent sizes (0 for the \"pushed-up\" entry, nonzero for the entry\nthat\u0027s actually tracking free space). A subsequent _leaf_add can then\nallocate xattr namevalue entries on top of the entries array, leading to\ndata loss. But fixing that is for later.\n\nFor now, eliminate the possibility of confusion by zeroing out the base\nof any freemap entry that has zero size. Because the freemap is not\nintended to be a complete index of free space, a subsequent failure to\nfind any free space for a new xattr will trigger block compaction, which\nregenerates the freemap.\n\nIt looks like this bug has been in the codebase for quite a long time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43187",
"url": "https://www.suse.com/security/cve/CVE-2026-43187"
},
{
"category": "external",
"summary": "SUSE Bug 1264603 for CVE-2026-43187",
"url": "https://bugzilla.suse.com/1264603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43187"
},
{
"cve": "CVE-2026-43198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix potential race in tcp_v6_syn_recv_sock()\n\nCode in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock()\nis done too late.\n\nAfter tcp_v4_syn_recv_sock(), the child socket is already visible\nfrom TCP ehash table and other cpus might use it.\n\nSince newinet-\u003epinet6 is still pointing to the listener ipv6_pinfo\nbad things can happen as syzbot found.\n\nMove the problematic code in tcp_v6_mapped_child_init()\nand call this new helper from tcp_v4_syn_recv_sock() before\nthe ehash insertion.\n\nThis allows the removal of one tcp_sync_mss(), since\ntcp_v4_syn_recv_sock() will call it with the correct\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43198",
"url": "https://www.suse.com/security/cve/CVE-2026-43198"
},
{
"category": "external",
"summary": "SUSE Bug 1264610 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "external",
"summary": "SUSE Bug 1264611 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43198"
},
{
"cve": "CVE-2026-43206",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43206"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix out-of-bounds write in kfd_event_page_set()\n\nThe kfd_event_page_set() function writes KFD_SIGNAL_EVENT_LIMIT * 8\nbytes via memset without checking the buffer size parameter. This allows\nunprivileged userspace to trigger an out-of bounds kernel memory write\nby passing a small buffer, leading to potential privilege\nescalation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43206",
"url": "https://www.suse.com/security/cve/CVE-2026-43206"
},
{
"category": "external",
"summary": "SUSE Bug 1264551 for CVE-2026-43206",
"url": "https://bugzilla.suse.com/1264551"
},
{
"category": "external",
"summary": "SUSE Bug 1266668 for CVE-2026-43206",
"url": "https://bugzilla.suse.com/1266668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43206"
},
{
"cve": "CVE-2026-43234",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43234"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nteam: avoid NETDEV_CHANGEMTU event when unregistering slave\n\nsyzbot is reporting\n\n unregister_netdevice: waiting for netdevsim0 to become free. Usage count = 3\n ref_tracker: netdev@ffff88807dcf8618 has 1/2 users at\n __netdev_tracker_alloc include/linux/netdevice.h:4400 [inline]\n netdev_hold include/linux/netdevice.h:4429 [inline]\n inetdev_init+0x201/0x4e0 net/ipv4/devinet.c:286\n inetdev_event+0x251/0x1610 net/ipv4/devinet.c:1600\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n call_netdevice_notifiers_mtu net/core/dev.c:2318 [inline]\n netif_set_mtu_ext+0x5aa/0x800 net/core/dev.c:9886\n netif_set_mtu+0xd7/0x1b0 net/core/dev.c:9907\n dev_set_mtu+0x126/0x260 net/core/dev_api.c:248\n team_port_del+0xb07/0xcb0 drivers/net/team/team_core.c:1333\n team_del_slave drivers/net/team/team_core.c:1936 [inline]\n team_device_event+0x207/0x5b0 drivers/net/team/team_core.c:2929\n notifier_call_chain+0x19d/0x3a0 kernel/notifier.c:85\n call_netdevice_notifiers_extack net/core/dev.c:2281 [inline]\n call_netdevice_notifiers net/core/dev.c:2295 [inline]\n __dev_change_net_namespace+0xcb7/0x2050 net/core/dev.c:12592\n do_setlink+0x2ce/0x4590 net/core/rtnetlink.c:3060\n rtnl_changelink net/core/rtnetlink.c:3776 [inline]\n __rtnl_newlink net/core/rtnetlink.c:3935 [inline]\n rtnl_newlink+0x15a9/0x1be0 net/core/rtnetlink.c:4072\n rtnetlink_rcv_msg+0x7d5/0xbe0 net/core/rtnetlink.c:6958\n netlink_rcv_skb+0x232/0x4b0 net/netlink/af_netlink.c:2550\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x80f/0x9b0 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x813/0xb40 net/netlink/af_netlink.c:1894\n\nproblem. Ido Schimmel found steps to reproduce\n\n ip link add name team1 type team\n ip link add name dummy1 mtu 1499 master team1 type dummy\n ip netns add ns1\n ip link set dev dummy1 netns ns1\n ip -n ns1 link del dev dummy1\n\nand also found that the same issue was fixed in the bond driver in\ncommit f51048c3e07b (\"bonding: avoid NETDEV_CHANGEMTU event when\nunregistering slave\").\n\nLet\u0027s do similar thing for the team driver, with commit ad7c7b2172c3 (\"net:\nhold netdev instance lock during sysfs operations\") and commit 303a8487a657\n(\"net: s/__dev_set_mtu/__netif_set_mtu/\") also applied.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43234",
"url": "https://www.suse.com/security/cve/CVE-2026-43234"
},
{
"category": "external",
"summary": "SUSE Bug 1264409 for CVE-2026-43234",
"url": "https://bugzilla.suse.com/1264409"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43234"
},
{
"cve": "CVE-2026-43239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: prevent races in -\u003equery_interfaces()\n\nIt was possible for two query interface works to be concurrently trying\nto update the interfaces.\n\nPrevent this by checking and updating iface_last_update under\niface_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43239",
"url": "https://www.suse.com/security/cve/CVE-2026-43239"
},
{
"category": "external",
"summary": "SUSE Bug 1264444 for CVE-2026-43239",
"url": "https://bugzilla.suse.com/1264444"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43239"
},
{
"cve": "CVE-2026-43249",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43249"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\n9p/xen: protect xen_9pfs_front_free against concurrent calls\n\nThe xenwatch thread can race with other back-end change notifications\nand call xen_9pfs_front_free() twice, hitting the observed general\nprotection fault due to a double-free. Guard the teardown path so only\none caller can release the front-end state at a time, preventing the\ncrash.\n\nThis is a fix for the following double-free:\n\n[ 27.052347] Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b6b: 0000 [#1] SMP DEBUG_PAGEALLOC NOPTI\n[ 27.052357] CPU: 0 UID: 0 PID: 32 Comm: xenwatch Not tainted 6.18.0-02087-g51ab33fc0a8b-dirty #60 PREEMPT(none)\n[ 27.052363] RIP: e030:xen_9pfs_front_free+0x1d/0x150\n[ 27.052368] Code: 90 90 90 90 90 90 90 90 90 90 90 90 90 41 55 41 54 55 48 89 fd 48 c7 c7 48 d0 92 85 53 e8 cb cb 05 00 48 8b 45 08 48 8b 55 00 \u003c48\u003e 3b 28 0f 85 f9 28 35 fe 48 3b 6a 08 0f 85 ef 28 35 fe 48 89 42\n[ 27.052377] RSP: e02b:ffffc9004016fdd0 EFLAGS: 00010246\n[ 27.052381] RAX: 6b6b6b6b6b6b6b6b RBX: ffff88800d66e400 RCX: 0000000000000000\n[ 27.052385] RDX: 6b6b6b6b6b6b6b6b RSI: 0000000000000000 RDI: 0000000000000000\n[ 27.052389] RBP: ffff88800a887040 R08: 0000000000000000 R09: 0000000000000000\n[ 27.052393] R10: 0000000000000000 R11: 0000000000000000 R12: ffff888009e46b68\n[ 27.052397] R13: 0000000000000200 R14: 0000000000000000 R15: ffff88800a887040\n[ 27.052404] FS: 0000000000000000(0000) GS:ffff88808ca57000(0000) knlGS:0000000000000000\n[ 27.052408] CS: e030 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 27.052412] CR2: 00007f9714004360 CR3: 0000000004834000 CR4: 0000000000050660\n[ 27.052418] Call Trace:\n[ 27.052420] \u003cTASK\u003e\n[ 27.052422] xen_9pfs_front_changed+0x5d5/0x720\n[ 27.052426] ? xenbus_otherend_changed+0x72/0x140\n[ 27.052430] ? __pfx_xenwatch_thread+0x10/0x10\n[ 27.052434] xenwatch_thread+0x94/0x1c0\n[ 27.052438] ? __pfx_autoremove_wake_function+0x10/0x10\n[ 27.052442] kthread+0xf8/0x240\n[ 27.052445] ? __pfx_kthread+0x10/0x10\n[ 27.052449] ? __pfx_kthread+0x10/0x10\n[ 27.052452] ret_from_fork+0x16b/0x1a0\n[ 27.052456] ? __pfx_kthread+0x10/0x10\n[ 27.052459] ret_from_fork_asm+0x1a/0x30\n[ 27.052463] \u003c/TASK\u003e\n[ 27.052465] Modules linked in:\n[ 27.052471] ---[ end trace 0000000000000000 ]---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43249",
"url": "https://www.suse.com/security/cve/CVE-2026-43249"
},
{
"category": "external",
"summary": "SUSE Bug 1264476 for CVE-2026-43249",
"url": "https://bugzilla.suse.com/1264476"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43249"
},
{
"cve": "CVE-2026-43252",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43252"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmptcp: pm: in-kernel: always set ID as avail when rm endp\n\nSyzkaller managed to find a combination of actions that was generating\nthis warning:\n\n WARNING: net/mptcp/pm_kernel.c:1074 at __mark_subflow_endp_available net/mptcp/pm_kernel.c:1074 [inline], CPU#1: syz.7.48/2535\n WARNING: net/mptcp/pm_kernel.c:1074 at mptcp_pm_nl_fullmesh net/mptcp/pm_kernel.c:1446 [inline], CPU#1: syz.7.48/2535\n WARNING: net/mptcp/pm_kernel.c:1074 at mptcp_pm_nl_set_flags_all net/mptcp/pm_kernel.c:1474 [inline], CPU#1: syz.7.48/2535\n WARNING: net/mptcp/pm_kernel.c:1074 at mptcp_pm_nl_set_flags+0x5de/0x640 net/mptcp/pm_kernel.c:1538, CPU#1: syz.7.48/2535\n Modules linked in:\n CPU: 1 UID: 0 PID: 2535 Comm: syz.7.48 Not tainted 6.18.0-03987-gea5f5e676cf5 #17 PREEMPT(voluntary)\n Hardware name: QEMU Ubuntu 25.10 PC (i440FX + PIIX, 1996), BIOS 1.17.0-debian-1.17.0-1 04/01/2014\n RIP: 0010:__mark_subflow_endp_available net/mptcp/pm_kernel.c:1074 [inline]\n RIP: 0010:mptcp_pm_nl_fullmesh net/mptcp/pm_kernel.c:1446 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags_all net/mptcp/pm_kernel.c:1474 [inline]\n RIP: 0010:mptcp_pm_nl_set_flags+0x5de/0x640 net/mptcp/pm_kernel.c:1538\n Code: 89 c7 e8 c5 8c 73 fe e9 f7 fd ff ff 49 83 ef 80 e8 b7 8c 73 fe 4c 89 ff be 03 00 00 00 e8 4a 29 e3 fe eb ac e8 a3 8c 73 fe 90 \u003c0f\u003e 0b 90 e9 3d ff ff ff e8 95 8c 73 fe b8 a1 ff ff ff eb 1a e8 89\n RSP: 0018:ffffc9001535b820 EFLAGS: 00010287\n netdevsim0: tun_chr_ioctl cmd 1074025677\n RAX: ffffffff82da294d RBX: 0000000000000001 RCX: 0000000000080000\n RDX: ffffc900096d0000 RSI: 00000000000006d6 RDI: 00000000000006d7\n netdevsim0: linktype set to 823\n RBP: ffff88802cdb2240 R08: 00000000000104ae R09: ffffffffffffffff\n R10: ffffffff82da27d4 R11: 0000000000000000 R12: 0000000000000000\n R13: ffff88801246d8c0 R14: ffffc9001535b8b8 R15: ffff88802cdb1800\n FS: 00007fc6ac5a76c0(0000) GS:ffff8880f90c8000(0000) knlGS:0000000000000000\n netlink: \u0027syz.3.50\u0027: attribute type 5 has an invalid length.\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n netlink: 1232 bytes leftover after parsing attributes in process `syz.3.50\u0027.\n CR2: 0000200000010000 CR3: 0000000025b1a000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n mptcp_pm_set_flags net/mptcp/pm_netlink.c:277 [inline]\n mptcp_pm_nl_set_flags_doit+0x1d7/0x210 net/mptcp/pm_netlink.c:282\n genl_family_rcv_msg_doit+0x117/0x180 net/netlink/genetlink.c:1115\n genl_family_rcv_msg net/netlink/genetlink.c:1195 [inline]\n genl_rcv_msg+0x3a8/0x3f0 net/netlink/genetlink.c:1210\n netlink_rcv_skb+0x16d/0x240 net/netlink/af_netlink.c:2550\n genl_rcv+0x28/0x40 net/netlink/genetlink.c:1219\n netlink_unicast_kernel net/netlink/af_netlink.c:1318 [inline]\n netlink_unicast+0x3e9/0x4c0 net/netlink/af_netlink.c:1344\n netlink_sendmsg+0x4ab/0x5b0 net/netlink/af_netlink.c:1894\n sock_sendmsg_nosec net/socket.c:718 [inline]\n __sock_sendmsg+0xc9/0xf0 net/socket.c:733\n ____sys_sendmsg+0x272/0x3b0 net/socket.c:2608\n ___sys_sendmsg+0x2de/0x320 net/socket.c:2662\n __sys_sendmsg net/socket.c:2694 [inline]\n __do_sys_sendmsg net/socket.c:2699 [inline]\n __se_sys_sendmsg net/socket.c:2697 [inline]\n __x64_sys_sendmsg+0x110/0x1a0 net/socket.c:2697\n do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xed/0x360 arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x77/0x7f\n RIP: 0033:0x7fc6adb66f6d\n Code: ff c3 66 2e 0f 1f 84 00 00 00 00 00 90 f3 0f 1e fa 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 e8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007fc6ac5a6ff8 EFLAGS: 00000246 ORIG_RAX: 000000000000002e\n RAX: ffffffffffffffda RBX: 00007fc6addf5fa0 RCX: 00007fc6adb66f6d\n RDX: 0000000000048084 RSI: 00002000000002c0 RDI: 000000000000000e\n RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 000000000000\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43252",
"url": "https://www.suse.com/security/cve/CVE-2026-43252"
},
{
"category": "external",
"summary": "SUSE Bug 1264300 for CVE-2026-43252",
"url": "https://bugzilla.suse.com/1264300"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43252"
},
{
"cve": "CVE-2026-43261",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43261"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\narm64: Add support for TSV110 Spectre-BHB mitigation\n\nThe TSV110 processor is vulnerable to the Spectre-BHB (Branch History\nBuffer) attack, which can be exploited to leak information through\nbranch prediction side channels. This commit adds the MIDR of TSV110\nto the list for software mitigation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43261",
"url": "https://www.suse.com/security/cve/CVE-2026-43261"
},
{
"category": "external",
"summary": "SUSE Bug 1264430 for CVE-2026-43261",
"url": "https://bugzilla.suse.com/1264430"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43261"
},
{
"cve": "CVE-2026-43284",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43284"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: esp: avoid in-place decrypt on shared skb frags\n\nMSG_SPLICE_PAGES can attach pages from a pipe directly to an skb. TCP\nmarks such skbs with SKBFL_SHARED_FRAG after skb_splice_from_iter(),\nso later paths that may modify packet data can first make a private\ncopy. The IPv4/IPv6 datagram append paths did not set this flag when\nsplicing pages into UDP skbs.\n\nThat leaves an ESP-in-UDP packet made from shared pipe pages looking\nlike an ordinary uncloned nonlinear skb. ESP input then takes the no-COW\nfast path for uncloned skbs without a frag_list and decrypts in place\nover data that is not owned privately by the skb.\n\nMark IPv4/IPv6 datagram splice frags with SKBFL_SHARED_FRAG, matching\nTCP. Also make ESP input fall back to skb_cow_data() when the flag is\npresent, so ESP does not decrypt externally backed frags in place.\nPrivate nonlinear skb frags still use the existing fast path.\n\nThis intentionally does not change ESP output. In esp_output_head(),\nthe path that appends the ESP trailer to existing skb tailroom without\ncalling skb_cow_data() is not reachable for nonlinear skbs:\nskb_tailroom() returns zero when skb-\u003edata_len is nonzero, while ESP\ntailen is positive. Thus ESP output will either use the separate\ndestination-frag path or fall back to skb_cow_data().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43284",
"url": "https://www.suse.com/security/cve/CVE-2026-43284"
},
{
"category": "external",
"summary": "SUSE Bug 1264449 for CVE-2026-43284",
"url": "https://bugzilla.suse.com/1264449"
},
{
"category": "external",
"summary": "SUSE Bug 1264459 for CVE-2026-43284",
"url": "https://bugzilla.suse.com/1264459"
},
{
"category": "external",
"summary": "SUSE Bug 1265383 for CVE-2026-43284",
"url": "https://bugzilla.suse.com/1265383"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43284"
},
{
"cve": "CVE-2026-43296",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43296"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nocteontx2-af: Workaround SQM/PSE stalls by disabling sticky\n\nNIX SQ manager sticky mode is known to cause stalls when multiple SQs\nshare an SMQ and transmit concurrently. Additionally, PSE may deadlock\non transitions between sticky and non-sticky transmissions. There is\nalso a credit drop issue observed when certain condition clocks are\ngated.\n\nwork around these hardware errata by:\n- Disabling SQM sticky operation:\n - Clear TM6 (bit 15)\n - Clear TM11 (bit 14)\n- Disabling sticky -\u003e non-sticky transition path that can deadlock PSE:\n - Clear TM5 (bit 23)\n- Preventing credit drops by keeping the control-flow clock enabled:\n - Set TM9 (bit 21)\n\nThese changes are applied via NIX_AF_SQM_DBG_CTL_STATUS. With this\nconfiguration the SQM/PSE maintain forward progress under load without\ncredit loss, at the cost of disabling sticky optimizations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43296",
"url": "https://www.suse.com/security/cve/CVE-2026-43296"
},
{
"category": "external",
"summary": "SUSE Bug 1264805 for CVE-2026-43296",
"url": "https://bugzilla.suse.com/1264805"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43296"
},
{
"cve": "CVE-2026-43325",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43325"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nwifi: iwlwifi: mvm: don\u0027t send a 6E related command when not supported\n\nMCC_ALLOWED_AP_TYPE_CMD is related to 6E support. Do not send it if the\ndevice doesn\u0027t support 6E.\nApparently, the firmware is mistakenly advertising support for this\ncommand even on AX201 which does not support 6E and then the firmware\ncrashes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43325",
"url": "https://www.suse.com/security/cve/CVE-2026-43325"
},
{
"category": "external",
"summary": "SUSE Bug 1265110 for CVE-2026-43325",
"url": "https://bugzilla.suse.com/1265110"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43325"
},
{
"cve": "CVE-2026-43333",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43333"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: reject direct access to nullable PTR_TO_BUF pointers\n\ncheck_mem_access() matches PTR_TO_BUF via base_type() which strips\nPTR_MAYBE_NULL, allowing direct dereference without a null check.\n\nMap iterator ctx-\u003ekey and ctx-\u003evalue are PTR_TO_BUF | PTR_MAYBE_NULL.\nOn stop callbacks these are NULL, causing a kernel NULL dereference.\n\nAdd a type_may_be_null() guard to the PTR_TO_BUF branch, matching the\nexisting PTR_TO_BTF_ID pattern.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43333",
"url": "https://www.suse.com/security/cve/CVE-2026-43333"
},
{
"category": "external",
"summary": "SUSE Bug 1264726 for CVE-2026-43333",
"url": "https://bugzilla.suse.com/1264726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43333"
},
{
"cve": "CVE-2026-43338",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43338"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: reserve enough transaction items for qgroup ioctls\n\nCurrently our qgroup ioctls don\u0027t reserve any space, they just do a\ntransaction join, which does not reserve any space, neither for the quota\ntree updates nor for the delayed refs generated when updating the quota\ntree. The quota root uses the global block reserve, which is fine most of\nthe time since we don\u0027t expect a lot of updates to the quota root, or to\nbe too close to -ENOSPC such that other critical metadata updates need to\nresort to the global reserve.\n\nHowever this is not optimal, as not reserving proper space may result in a\ntransaction abort due to not reserving space for delayed refs and then\nabusing the use of the global block reserve.\n\nFor example, the following reproducer (which is unlikely to model any\nreal world use case, but just to illustrate the problem), triggers such a\ntransaction abort due to -ENOSPC when running delayed refs:\n\n $ cat test.sh\n #!/bin/bash\n\n DEV=/dev/nullb0\n MNT=/mnt/nullb0\n\n umount $DEV \u0026\u003e /dev/null\n # Limit device to 1G so that it\u0027s much faster to reproduce the issue.\n mkfs.btrfs -f -b 1G $DEV\n mount -o commit=600 $DEV $MNT\n\n fallocate -l 800M $MNT/filler\n btrfs quota enable $MNT\n\n for ((i = 1; i \u003c= 400000; i++)); do\n btrfs qgroup create 1/$i $MNT\n done\n\n umount $MNT\n\nWhen running this, we can see in dmesg/syslog that a transaction abort\nhappened:\n\n [436.490] BTRFS error (device nullb0): failed to run delayed ref for logical 30408704 num_bytes 16384 type 176 action 1 ref_mod 1: -28\n [436.493] ------------[ cut here ]------------\n [436.494] BTRFS: Transaction aborted (error -28)\n [436.495] WARNING: fs/btrfs/extent-tree.c:2247 at btrfs_run_delayed_refs+0xd9/0x110 [btrfs], CPU#4: umount/2495372\n [436.497] Modules linked in: btrfs loop (...)\n [436.508] CPU: 4 UID: 0 PID: 2495372 Comm: umount Tainted: G W 6.19.0-rc8-btrfs-next-225+ #1 PREEMPT(full)\n [436.510] Tainted: [W]=WARN\n [436.511] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-0-gea1b7a073390-prebuilt.qemu.org 04/01/2014\n [436.513] RIP: 0010:btrfs_run_delayed_refs+0xdf/0x110 [btrfs]\n [436.514] Code: 0f 82 ea (...)\n [436.518] RSP: 0018:ffffd511850b7d78 EFLAGS: 00010292\n [436.519] RAX: 00000000ffffffe4 RBX: ffff8f120dad37e0 RCX: 0000000002040001\n [436.520] RDX: 0000000000000002 RSI: 00000000ffffffe4 RDI: ffffffffc090fd80\n [436.522] RBP: 0000000000000000 R08: 0000000000000001 R09: ffffffffc04d1867\n [436.523] R10: ffff8f18dc1fffa8 R11: 0000000000000003 R12: ffff8f173aa89400\n [436.524] R13: 0000000000000000 R14: ffff8f173aa89400 R15: 0000000000000000\n [436.526] FS: 00007fe59045d840(0000) GS:ffff8f192e22e000(0000) knlGS:0000000000000000\n [436.527] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [436.528] CR2: 00007fe5905ff2b0 CR3: 000000060710a002 CR4: 0000000000370ef0\n [436.530] Call Trace:\n [436.530] \u003cTASK\u003e\n [436.530] btrfs_commit_transaction+0x73/0xc00 [btrfs]\n [436.531] ? btrfs_attach_transaction_barrier+0x1e/0x70 [btrfs]\n [436.532] sync_filesystem+0x7a/0x90\n [436.533] generic_shutdown_super+0x28/0x180\n [436.533] kill_anon_super+0x12/0x40\n [436.534] btrfs_kill_super+0x12/0x20 [btrfs]\n [436.534] deactivate_locked_super+0x2f/0xb0\n [436.534] cleanup_mnt+0xea/0x180\n [436.535] task_work_run+0x58/0xa0\n [436.535] exit_to_user_mode_loop+0xed/0x480\n [436.536] ? __x64_sys_umount+0x68/0x80\n [436.536] do_syscall_64+0x2a5/0xf20\n [436.537] entry_SYSCALL_64_after_hwframe+0x76/0x7e\n [436.537] RIP: 0033:0x7fe5906b6217\n [436.538] Code: 0d 00 f7 (...)\n [436.540] RSP: 002b:00007ffcd87a61f8 EFLAGS: 00000246 ORIG_RAX: 00000000000000a6\n [436.541] RAX: 0000000000000000 RBX: 00005618b9ecadc8 RCX: 00007fe5906b6217\n [436.541] RDX: 0000000000000000 RSI: 0000000000000000 RDI: 00005618b9ecb100\n [436.542] RBP: 0000000000000000 R08: 00007ffcd87a4fe0 R09: 00000000ffffffff\n [436.544] R10: 0000000000000103 R11: \n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43338",
"url": "https://www.suse.com/security/cve/CVE-2026-43338"
},
{
"category": "external",
"summary": "SUSE Bug 1264716 for CVE-2026-43338",
"url": "https://bugzilla.suse.com/1264716"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43338"
},
{
"cve": "CVE-2026-43339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43339"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible UaF in addrconf_permanent_addr()\n\nThe mentioned helper try to warn the user about an exceptional\ncondition, but the message is delivered too late, accessing the ipv6\nafter its possible deletion.\n\nReorder the statement to avoid the possible UaF; while at it, place the\nwarning outside the idev-\u003elock as it needs no protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43339",
"url": "https://www.suse.com/security/cve/CVE-2026-43339"
},
{
"category": "external",
"summary": "SUSE Bug 1264763 for CVE-2026-43339",
"url": "https://bugzilla.suse.com/1264763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43339"
},
{
"cve": "CVE-2026-43341",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43341"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet/ipv6: ioam6: prevent schema length wraparound in trace fill\n\nioam6_fill_trace_data() stores the schema contribution to the trace\nlength in a u8. With bit 22 enabled and the largest schema payload,\nsclen becomes 1 + 1020 / 4, wraps from 256 to 0, and bypasses the\nremaining-space check. __ioam6_fill_trace_data() then positions the\nwrite cursor without reserving the schema area but still copies the\n4-byte schema header and the full schema payload, overrunning the trace\nbuffer.\n\nKeep sclen in an unsigned int so the remaining-space check and the write\ncursor calculation both see the full schema length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43341",
"url": "https://www.suse.com/security/cve/CVE-2026-43341"
},
{
"category": "external",
"summary": "SUSE Bug 1265044 for CVE-2026-43341",
"url": "https://bugzilla.suse.com/1265044"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43341"
},
{
"cve": "CVE-2026-43345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43345"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipa: fix event ring index not programmed for IPA v5.0+\n\nFor IPA v5.0+, the event ring index field moved from CH_C_CNTXT_0 to\nCH_C_CNTXT_1. The v5.0 register definition intended to define this\nfield in the CH_C_CNTXT_1 fmask array but used the old identifier of\nERINDEX instead of CH_ERINDEX.\n\nWithout a valid event ring, GSI channels could never signal transfer\ncompletions. This caused gsi_channel_trans_quiesce() to block\nforever in wait_for_completion().\n\nAt least for IPA v5.2 this resolves an issue seen where runtime\nsuspend, system suspend, and remoteproc stop all hanged forever. It\nalso meant the IPA data path was completely non functional.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43345",
"url": "https://www.suse.com/security/cve/CVE-2026-43345"
},
{
"category": "external",
"summary": "SUSE Bug 1265103 for CVE-2026-43345",
"url": "https://bugzilla.suse.com/1265103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43345"
},
{
"cve": "CVE-2026-43359",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43359"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix transaction abort on set received ioctl due to item overflow\n\nIf the set received ioctl fails due to an item overflow when attempting to\nadd the BTRFS_UUID_KEY_RECEIVED_SUBVOL we have to abort the transaction\nsince we did some metadata updates before.\n\nThis means that if a user calls this ioctl with the same received UUID\nfield for a lot of subvolumes, we will hit the overflow, trigger the\ntransaction abort and turn the filesystem into RO mode. A malicious user\ncould exploit this, and this ioctl does not even requires that a user\nhas admin privileges (CAP_SYS_ADMIN), only that he/she owns the subvolume.\n\nFix this by doing an early check for item overflow before starting a\ntransaction. This is also race safe because we are holding the subvol_sem\nsemaphore in exclusive (write) mode.\n\nA test case for fstests will follow soon.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43359",
"url": "https://www.suse.com/security/cve/CVE-2026-43359"
},
{
"category": "external",
"summary": "SUSE Bug 1264719 for CVE-2026-43359",
"url": "https://bugzilla.suse.com/1264719"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43359"
},
{
"cve": "CVE-2026-43360",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43360"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix transaction abort on file creation due to name hash collision\n\nIf we attempt to create several files with names that result in the same\nhash, we have to pack them in same dir item and that has a limit inherent\nto the leaf size. However if we reach that limit, we trigger a transaction\nabort and turns the filesystem into RO mode. This allows for a malicious\nuser to disrupt a system, without the need to have administration\nprivileges/capabilities.\n\nReproducer:\n\n $ cat exploit-hash-collisions.sh\n #!/bin/bash\n\n DEV=/dev/sdi\n MNT=/mnt/sdi\n\n # Use smallest node size to make the test faster and require fewer file\n # names that result in hash collision.\n mkfs.btrfs -f --nodesize 4K $DEV\n mount $DEV $MNT\n\n # List of names that result in the same crc32c hash for btrfs.\n declare -a names=(\n \u0027foobar\u0027\n \u0027%a8tYkxfGMLWRGr55QSeQc4PBNH9PCLIvR6jZnkDtUUru1t@RouaUe_L:@xGkbO3nCwvLNYeK9vhE628gss:T$yZjZ5l-Nbd6CbC$M=hqE-ujhJICXyIxBvYrIU9-TDC\u0027\n \u0027AQci3EUB%shMsg-N%frgU:02ByLs=IPJU0OpgiWit5nexSyxZDncY6WB:=zKZuk5Zy0DD$Ua78%MelgBuMqaHGyKsJUFf9s=UW80PcJmKctb46KveLSiUtNmqrMiL9-Y0I_l5Fnam04CGIg=8@U:Z\u0027\n \u0027CvVqJpJzueKcuA$wqwePfyu7VxuWNN3ho$p0zi2H8QFYK$7YlEqOhhb%:hHgjhIjW5vnqWHKNP4\u0027\n \u0027ET:vk@rFU4tsvMB0$C_p=xQHaYZjvoF%-BTc%wkFW8yaDAPcCYoR%x$FH5O:\u0027\n \u0027HwTon%v7SGSP4FE08jBwwiu5aot2CFKXHTeEAa@38fUcNGOWvE@Mz6WBeDH_VooaZ6AgsXPkVGwy9l@@ZbNXabUU9csiWrrOp0MWUdfi$EZ3w9GkIqtz7I_eOsByOkBOO\u0027\n \u0027Ij%2VlFGXSuPvxJGf5UWy6O@1svxGha%b@=%wjkq:CIgE6u7eJOjmQY5qTtxE2Rjbis9@us\u0027\n \u0027KBkjG5%9R8K9sOG8UTnAYjxLNAvBmvV5vz3IiZaPmKuLYO03-6asI9lJ_j4@6Xo$KZicaLWJ3Pv8XEwVeUPMwbHYWwbx0pYvNlGMO9F:ZhHAwyctnGy%_eujl%WPd4U2BI7qooOSr85J-C2V$LfY\u0027\n \u0027NcRfDfuUQ2=zP8K3CCF5dFcpfiOm6mwenShsAb_F%n6GAGC7fT2JFFn:c35X-3aYwoq7jNX5$ZJ6hI3wnZs$7KgGi7wjulffhHNUxAT0fRRLF39vJ@NvaEMxsMO\u0027\n \u0027Oj42AQAEzRoTxa5OuSKIr=A_lwGMy132v4g3Pdq1GvUG9874YseIFQ6QU\u0027\n \u0027Ono7avN5GjC:_6dBJ_\u0027\n \u0027WHmN2gnmaN-9dVDy4aWo:yNGFzz8qsJyJhWEWcud7$QzN2D9R0efIWWEdu5kwWr73NZm4=@CoCDxrrZnRITr-kGtU_cfW2:%2_am\u0027\n \u0027WiFnuTEhAG9FEC6zopQmj-A-$LDQ0T3WULz%ox3UZAPybSV6v1Z$b4L_XBi4M4BMBtJZpz93r9xafpB77r:lbwvitWRyo$odnAUYlYMmU4RvgnNd--e=I5hiEjGLETTtaScWlQp8mYsBovZwM2k\u0027\n \u0027XKyH=OsOAF3p%uziGF_ZVr$ivrvhVgD@1u%5RtrV-gl_vqAwHkK@x7YwlxX3qT6WKKQ%PR56NrUBU2dOAOAdzr2=5nJuKPM-T-$ZpQfCL7phxQbUcb:BZOTPaFExc-qK-gDRCDW2\u0027\n \u0027d3uUR6OFEwZr%ns1XH_@tbxA@cCPmbBRLdyh7p6V45H$P2$F%w0RqrD3M0g8aGvWpoTFMiBdOTJXjD:JF7=h9a_43xBywYAP%r$SPZi%zDg%ql-KvkdUCtF9OLaQlxmd\u0027\n \u0027ePTpbnit%hyNm@WELlpKzNZYOzOTf8EQ$sEfkMy1VOfIUu3coyvIr13-Y7Sv5v-Ivax2Go_GQRFMU1b3362nktT9WOJf3SpT%z8sZmM3gvYQBDgmKI%%RM-G7hyrhgYflOw%z::ZRcv5O:lDCFm\u0027\n \u0027evqk743Y@dvZAiG5J05L_ROFV@$2%rVWJ2%3nxV72-W7$e$-SK3tuSHA2mBt$qloC5jwNx33GmQUjD%akhBPu=VJ5g$xhlZiaFtTrjeeM5x7dt4cHpX0cZkmfImndYzGmvwQG:$euFYmXn$_2rA9mKZ\u0027\n \u0027gkgUtnihWXsZQTEkrMAWIxir09k3t7jk_IK25t1:cy1XWN0GGqC%FrySdcmU7M8MuPO_ppkLw3=Dfr0UuBAL4%GFk2$Ma10V1jDRGJje%Xx9EV2ERaWKtjpwiZwh0gCSJsj5UL7CR8RtW5opCVFKGGy8Cky\u0027\n \u0027hNgsG_8lNRik3PvphqPm0yEH3P%%fYG:kQLY=6O-61Wa6nrV_WVGR6TLB09vHOv%g4VQRP8Gzx7VXUY1qvZyS\u0027\n \u0027isA7JVzN12xCxVPJZ_qoLm-pTBuhjjHMvV7o=F:EaClfYNyFGlsfw-Kf%uxdqW-kwk1sPl2vhbjyHU1A6$hz\u0027\n \u0027kiJ_fgcdZFDiOptjgH5PN9-PSyLO4fbk_:u5_2tz35lV_iXiJ6cx7pwjTtKy-XGaQ5IefmpJ4N_ZqGsqCsKuqOOBgf9LkUdffHet@Wu\u0027\n \u0027lvwtxyhE9:%Q3UxeHiViUyNzJsy:fm38pg_b6s25JvdhOAT=1s0$pG25x=LZ2rlHTszj=gN6M4zHZYr_qrB49i=pA--@WqWLIuX7o1S_SfS@2FSiUZN\u0027\n \u0027rC24cw3UBDZ=5qJBUMs9e$=S4Y94ni%Z8639vnrGp=0Hv4z3dNFL0fBLmQ40=EYIY:Z=SLc@QLMSt2zsss2ZXrP7j4=\u0027\n \u0027uwGl2s-fFrf@GqS=DQqq2I0LJSsOmM%xzTjS:lzXguE3wChdMoHYtLRKPvfaPOZF2fER@j53evbKa7R%A7r4%YEkD=kicJe@SFiGtXHbKe4gCgPAYbnVn\u0027\n \u0027UG37U6KKua2bgc:IHzRs7BnB6FD:2Mt5Cc5NdlsW%$1tyvnfz7S27FvNkroXwAW:mBZLA1@qa9WnDbHCDmQmfPMC9z-Eq6QT0jhhPpqyymaD:R02ghwYo%yx7SAaaq-:x33LYpei$5g8DMl3C\u0027\n \u0027y2vjek0FE1PDJC0qpfnN:x8k2wCFZ9xiUF2ege=JnP98R%wxjKkdfEiLWvQzmnW\u0027\n \u00278-HCSgH5B%K7P8_jaVtQhBXpBk:pE-$P7ts58U0J@iR9YZntMPl7j$s62yAJO@_9eanFPS54b=UTw$94C-t=HLxT8n6o9P=QnIxq-f1=Ne2dvhe6WbjEQtc\u0027\n \u0027YPPh:IFt2mtR6XWSmjHptXL_hbSYu8bMw-JP8@PNyaFkdNFsk$M=xfL6LDKCDM-mSyGA_2MBwZ8Dr4=R1D%7-mC\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43360",
"url": "https://www.suse.com/security/cve/CVE-2026-43360"
},
{
"category": "external",
"summary": "SUSE Bug 1264720 for CVE-2026-43360",
"url": "https://bugzilla.suse.com/1264720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43360"
},
{
"cve": "CVE-2026-43361",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43361"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix transaction abort when snapshotting received subvolumes\n\nCurrently a user can trigger a transaction abort by snapshotting a\npreviously received snapshot a bunch of times until we reach a\nBTRFS_UUID_KEY_RECEIVED_SUBVOL item overflow (the maximum item size we\ncan store in a leaf). This is very likely not common in practice, but\nif it happens, it turns the filesystem into RO mode. The snapshot, send\nand set_received_subvol and subvol_setflags (used by receive) don\u0027t\nrequire CAP_SYS_ADMIN, just inode_owner_or_capable(). A malicious user\ncould use this to turn a filesystem into RO mode and disrupt a system.\n\nReproducer script:\n\n $ cat test.sh\n #!/bin/bash\n\n DEV=/dev/sdi\n MNT=/mnt/sdi\n\n # Use smallest node size to make the test faster.\n mkfs.btrfs -f --nodesize 4K $DEV\n mount $DEV $MNT\n\n # Create a subvolume and set it to RO so that it can be used for send.\n btrfs subvolume create $MNT/sv\n touch $MNT/sv/foo\n btrfs property set $MNT/sv ro true\n\n # Send and receive the subvolume into snaps/sv.\n mkdir $MNT/snaps\n btrfs send $MNT/sv | btrfs receive $MNT/snaps\n\n # Now snapshot the received subvolume, which has a received_uuid, a\n # lot of times to trigger the leaf overflow.\n total=500\n for ((i = 1; i \u003c= $total; i++)); do\n echo -ne \"\\rCreating snapshot $i/$total\"\n btrfs subvolume snapshot -r $MNT/snaps/sv $MNT/snaps/sv_$i \u003e /dev/null\n done\n echo\n\n umount $MNT\n\nWhen running the test:\n\n $ ./test.sh\n (...)\n Create subvolume \u0027/mnt/sdi/sv\u0027\n At subvol /mnt/sdi/sv\n At subvol sv\n Creating snapshot 496/500ERROR: Could not create subvolume: Value too large for defined data type\n Creating snapshot 497/500ERROR: Could not create subvolume: Read-only file system\n Creating snapshot 498/500ERROR: Could not create subvolume: Read-only file system\n Creating snapshot 499/500ERROR: Could not create subvolume: Read-only file system\n Creating snapshot 500/500ERROR: Could not create subvolume: Read-only file system\n\nAnd in dmesg/syslog:\n\n $ dmesg\n (...)\n [251067.627338] BTRFS warning (device sdi): insert uuid item failed -75 (0x4628b21c4ac8d898, 0x2598bee2b1515c91) type 252!\n [251067.629212] ------------[ cut here ]------------\n [251067.630033] BTRFS: Transaction aborted (error -75)\n [251067.630871] WARNING: fs/btrfs/transaction.c:1907 at create_pending_snapshot.cold+0x52/0x465 [btrfs], CPU#10: btrfs/615235\n [251067.632851] Modules linked in: btrfs dm_zero (...)\n [251067.644071] CPU: 10 UID: 0 PID: 615235 Comm: btrfs Tainted: G W 6.19.0-rc8-btrfs-next-225+ #1 PREEMPT(full)\n [251067.646165] Tainted: [W]=WARN\n [251067.646733] Hardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS rel-1.16.2-0-gea1b7a073390-prebuilt.qemu.org 04/01/2014\n [251067.648735] RIP: 0010:create_pending_snapshot.cold+0x55/0x465 [btrfs]\n [251067.649984] Code: f0 48 0f (...)\n [251067.653313] RSP: 0018:ffffce644908fae8 EFLAGS: 00010292\n [251067.653987] RAX: 00000000ffffff01 RBX: ffff8e5639e63a80 RCX: 00000000ffffffd3\n [251067.655042] RDX: ffff8e53faa76b00 RSI: 00000000ffffffb5 RDI: ffffffffc0919750\n [251067.656077] RBP: ffffce644908fbd8 R08: 0000000000000000 R09: ffffce644908f820\n [251067.657068] R10: ffff8e5adc1fffa8 R11: 0000000000000003 R12: ffff8e53c0431bd0\n [251067.658050] R13: ffff8e5414593600 R14: ffff8e55efafd000 R15: 00000000ffffffb5\n [251067.659019] FS: 00007f2a4944b3c0(0000) GS:ffff8e5b27dae000(0000) knlGS:0000000000000000\n [251067.660115] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n [251067.660943] CR2: 00007ffc5aa57898 CR3: 00000005813a2003 CR4: 0000000000370ef0\n [251067.661972] Call Trace:\n [251067.662292] \u003cTASK\u003e\n [251067.662653] create_pending_snapshots+0x97/0xc0 [btrfs]\n [251067.663413] btrfs_commit_transaction+0x26e/0xc00 [btrfs]\n [251067.664257] ? btrfs_qgroup_convert_reserved_meta+0x35/0x390 [btrfs]\n [251067.665238] ? _raw_spin_unlock+0x15/0x30\n [251067.665837] ? record_root_\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43361",
"url": "https://www.suse.com/security/cve/CVE-2026-43361"
},
{
"category": "external",
"summary": "SUSE Bug 1264722 for CVE-2026-43361",
"url": "https://bugzilla.suse.com/1264722"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43361"
},
{
"cve": "CVE-2026-43362",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43362"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: fix in-place encryption corruption in SMB2_write()\n\nSMB2_write() places write payload in iov[1..n] as part of rq_iov.\nsmb3_init_transform_rq() pointer-shares rq_iov, so crypt_message()\nencrypts iov[1] in-place, replacing the original plaintext with\nciphertext. On a replayable error, the retry sends the same iov[1]\nwhich now contains ciphertext instead of the original data,\nresulting in corruption.\n\nThe corruption is most likely to be observed when connections are\nunstable, as reconnects trigger write retries that re-send the\nalready-encrypted data.\n\nThis affects SFU mknod, MF symlinks, etc. On kernels before\n6.10 (prior to the netfs conversion), sync writes also used\nthis path and were similarly affected. The async write path\nwasn\u0027t unaffected as it uses rq_iter which gets deep-copied.\n\nFix by moving the write payload into rq_iter via iov_iter_kvec(),\nso smb3_init_transform_rq() deep-copies it before encryption.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43362",
"url": "https://www.suse.com/security/cve/CVE-2026-43362"
},
{
"category": "external",
"summary": "SUSE Bug 1264989 for CVE-2026-43362",
"url": "https://bugzilla.suse.com/1264989"
},
{
"category": "external",
"summary": "SUSE Bug 1264990 for CVE-2026-43362",
"url": "https://bugzilla.suse.com/1264990"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43362"
},
{
"cve": "CVE-2026-43405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43405"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Use u32 for non-negative values in ceph_monmap_decode()\n\nThis patch fixes unnecessary implicit conversions that change signedness\nof blob_len and num_mon in ceph_monmap_decode().\nCurrently blob_len and num_mon are (signed) int variables. They are used\nto hold values that are always non-negative and get assigned in\nceph_decode_32_safe(), which is meant to assign u32 values. Both\nvariables are subsequently used as unsigned values, and the value of\nnum_mon is further assigned to monmap-\u003enum_mon, which is of type u32.\nTherefore, both variables should be of type u32. This is especially\nrelevant for num_mon. If the value read from the incoming message is\nvery large, it is interpreted as a negative value, and the check for\nnum_mon \u003e CEPH_MAX_MON does not catch it. This leads to the attempt to\nallocate a very large chunk of memory for monmap, which will most likely\nfail. In this case, an unnecessary attempt to allocate memory is\nperformed, and -ENOMEM is returned instead of -EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43405",
"url": "https://www.suse.com/security/cve/CVE-2026-43405"
},
{
"category": "external",
"summary": "SUSE Bug 1264741 for CVE-2026-43405",
"url": "https://bugzilla.suse.com/1264741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43405"
},
{
"cve": "CVE-2026-43406",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43406"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: prevent potential out-of-bounds reads in process_message_header()\n\nIf the message frame is (maliciously) corrupted in a way that the\nlength of the control segment ends up being less than the size of the\nmessage header or a different frame is made to look like a message\nframe, out-of-bounds reads may ensue in process_message_header().\n\nPerform an explicit bounds check before decoding the message header.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43406",
"url": "https://www.suse.com/security/cve/CVE-2026-43406"
},
{
"category": "external",
"summary": "SUSE Bug 1265073 for CVE-2026-43406",
"url": "https://bugzilla.suse.com/1265073"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43406"
},
{
"cve": "CVE-2026-43407",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43407"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()\n\nThis patch fixes an out-of-bounds access in ceph_handle_auth_reply()\nthat can be triggered by a message of type CEPH_MSG_AUTH_REPLY. In\nceph_handle_auth_reply(), the value of the payload_len field of such a\nmessage is stored in a variable of type int. A value greater than\nINT_MAX leads to an integer overflow and is interpreted as a negative\nvalue. This leads to decrementing the pointer address by this value and\nsubsequently accessing it because ceph_decode_need() only checks that\nthe memory access does not exceed the end address of the allocation.\n\nThis patch fixes the issue by changing the data type of payload_len to\nu32. Additionally, the data type of result_msg_len is changed to u32,\nas it is also a variable holding a non-negative length.\n\nAlso, an additional layer of sanity checks is introduced, ensuring that\ndirectly after reading it from the message, payload_len and\nresult_msg_len are not greater than the overall segment length.\n\nBUG: KASAN: slab-out-of-bounds in ceph_handle_auth_reply+0x642/0x7a0 [libceph]\nRead of size 4 at addr ffff88811404df14 by task kworker/20:1/262\n\nCPU: 20 UID: 0 PID: 262 Comm: kworker/20:1 Not tainted 6.19.2 #5 PREEMPT(voluntary)\nHardware name: QEMU Standard PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\nWorkqueue: ceph-msgr ceph_con_workfn [libceph]\nCall Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0x76/0xa0\n print_report+0xd1/0x620\n ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n ? kasan_complete_mode_report_info+0x72/0x210\n kasan_report+0xe7/0x130\n ? ceph_handle_auth_reply+0x642/0x7a0 [libceph]\n ? ceph_handle_auth_reply+0x642/0x7a0 [libceph]\n __asan_report_load_n_noabort+0xf/0x20\n ceph_handle_auth_reply+0x642/0x7a0 [libceph]\n mon_dispatch+0x973/0x23d0 [libceph]\n ? apparmor_socket_recvmsg+0x6b/0xa0\n ? __pfx_mon_dispatch+0x10/0x10 [libceph]\n ? __kasan_check_write+0x14/0x30i\n ? mutex_unlock+0x7f/0xd0\n ? __pfx_mutex_unlock+0x10/0x10\n ? __pfx_do_recvmsg+0x10/0x10 [libceph]\n ceph_con_process_message+0x1f1/0x650 [libceph]\n process_message+0x1e/0x450 [libceph]\n ceph_con_v2_try_read+0x2e48/0x6c80 [libceph]\n ? __pfx_ceph_con_v2_try_read+0x10/0x10 [libceph]\n ? save_fpregs_to_fpstate+0xb0/0x230\n ? raw_spin_rq_unlock+0x17/0xa0\n ? finish_task_switch.isra.0+0x13b/0x760\n ? __switch_to+0x385/0xda0\n ? __kasan_check_write+0x14/0x30\n ? mutex_lock+0x8d/0xe0\n ? __pfx_mutex_lock+0x10/0x10\n ceph_con_workfn+0x248/0x10c0 [libceph]\n process_one_work+0x629/0xf80\n ? __kasan_check_write+0x14/0x30\n worker_thread+0x87f/0x1570\n ? __pfx__raw_spin_lock_irqsave+0x10/0x10\n ? __pfx_try_to_wake_up+0x10/0x10\n ? kasan_print_address_stack_frame+0x1f7/0x280\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x396/0x830\n ? __pfx__raw_spin_lock_irq+0x10/0x10\n ? __pfx_kthread+0x10/0x10\n ? __kasan_check_write+0x14/0x30\n ? recalc_sigpending+0x180/0x210\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x3f7/0x610\n ? __pfx_ret_from_fork+0x10/0x10\n ? __switch_to+0x385/0xda0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30\n \u003c/TASK\u003e\n\n[ idryomov: replace if statements with ceph_decode_need() for\n payload_len and result_msg_len ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43407",
"url": "https://www.suse.com/security/cve/CVE-2026-43407"
},
{
"category": "external",
"summary": "SUSE Bug 1265020 for CVE-2026-43407",
"url": "https://bugzilla.suse.com/1265020"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43407"
},
{
"cve": "CVE-2026-43411",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43411"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntipc: fix divide-by-zero in tipc_sk_filter_connect()\n\nA user can set conn_timeout to any value via\nsetsockopt(TIPC_CONN_TIMEOUT), including values less than 4. When a\nSYN is rejected with TIPC_ERR_OVERLOAD and the retry path in\ntipc_sk_filter_connect() executes:\n\n delay %= (tsk-\u003econn_timeout / 4);\n\nIf conn_timeout is in the range [0, 3], the integer division yields 0,\nand the modulo operation triggers a divide-by-zero exception, causing a\nkernel oops/panic.\n\nFix this by clamping conn_timeout to a minimum of 4 at the point of use\nin tipc_sk_filter_connect().\n\nOops: divide error: 0000 [#1] SMP KASAN NOPTI\nCPU: 0 UID: 0 PID: 119 Comm: poc-F144 Not tainted 7.0.0-rc2+\nRIP: 0010:tipc_sk_filter_rcv (net/tipc/socket.c:2236 net/tipc/socket.c:2362)\nCall Trace:\n tipc_sk_backlog_rcv (include/linux/instrumented.h:82 include/linux/atomic/atomic-instrumented.h:32 include/net/sock.h:2357 net/tipc/socket.c:2406)\n __release_sock (include/net/sock.h:1185 net/core/sock.c:3213)\n release_sock (net/core/sock.c:3797)\n tipc_connect (net/tipc/socket.c:2570)\n __sys_connect (include/linux/file.h:62 include/linux/file.h:83 net/socket.c:2098)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43411",
"url": "https://www.suse.com/security/cve/CVE-2026-43411"
},
{
"category": "external",
"summary": "SUSE Bug 1264672 for CVE-2026-43411",
"url": "https://bugzilla.suse.com/1264672"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43411"
},
{
"cve": "CVE-2026-43413",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43413"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: hisi_sas: Fix NULL pointer exception during user_scan()\n\nuser_scan() invokes updated sas_user_scan() for channel 0, and if\nsuccessful, iteratively scans remaining channels (1 to shost-\u003emax_channel)\nvia scsi_scan_host_selected() in commit 37c4e72b0651 (\"scsi: Fix\nsas_user_scan() to handle wildcard and multi-channel scans\"). However,\nhisi_sas supports only one channel, and the current value of max_channel is\n1. sas_user_scan() for channel 1 will trigger the following NULL pointer\nexception:\n\n[ 441.554662] Unable to handle kernel NULL pointer dereference at virtual address 00000000000008b0\n[ 441.554699] Mem abort info:\n[ 441.554710] ESR = 0x0000000096000004\n[ 441.554718] EC = 0x25: DABT (current EL), IL = 32 bits\n[ 441.554723] SET = 0, FnV = 0\n[ 441.554726] EA = 0, S1PTW = 0\n[ 441.554730] FSC = 0x04: level 0 translation fault\n[ 441.554735] Data abort info:\n[ 441.554737] ISV = 0, ISS = 0x00000004, ISS2 = 0x00000000\n[ 441.554742] CM = 0, WnR = 0, TnD = 0, TagAccess = 0\n[ 441.554747] GCS = 0, Overlay = 0, DirtyBit = 0, Xs = 0\n[ 441.554752] user pgtable: 4k pages, 48-bit VAs, pgdp=00000828377a6000\n[ 441.554757] [00000000000008b0] pgd=0000000000000000, p4d=0000000000000000\n[ 441.554769] Internal error: Oops: 0000000096000004 [#1] SMP\n[ 441.629589] Modules linked in: arm_spe_pmu arm_smmuv3_pmu tpm_tis_spi hisi_uncore_sllc_pmu hisi_uncore_pa_pmu hisi_uncore_l3c_pmu hisi_uncore_hha_pmu hisi_uncore_ddrc_pmu hisi_uncore_cpa_pmu hns3_pmu hisi_ptt hisi_pcie_pmu tpm_tis_core spidev spi_hisi_sfc_v3xx hisi_uncore_pmu spi_dw_mmio fuse hclge hclge_common hisi_sec2 hisi_hpre hisi_zip hisi_qm hns3 hisi_sas_v3_hw sm3_ce sbsa_gwdt hnae3 hisi_sas_main uacce hisi_dma i2c_hisi dm_mirror dm_region_hash dm_log dm_mod\n[ 441.670819] CPU: 46 UID: 0 PID: 6994 Comm: bash Kdump: loaded Not tainted 7.0.0-rc2+ #84 PREEMPT\n[ 441.691327] pstate: 81400009 (Nzcv daif +PAN -UAO -TCO +DIT -SSBS BTYPE=--)\n[ 441.698277] pc : sas_find_dev_by_rphy+0x44/0x118\n[ 441.702896] lr : sas_find_dev_by_rphy+0x3c/0x118\n[ 441.707502] sp : ffff80009abbba40\n[ 441.710805] x29: ffff80009abbba40 x28: ffff082819a40008 x27: ffff082810c37c08\n[ 441.717930] x26: ffff082810c37c28 x25: ffff082819a40290 x24: ffff082810c37c00\n[ 441.725054] x23: 0000000000000000 x22: 0000000000000001 x21: ffff082819a40000\n[ 441.732179] x20: ffff082819a40290 x19: 0000000000000000 x18: 0000000000000020\n[ 441.739304] x17: 0000000000000000 x16: ffffb5dad6bda690 x15: 00000000ffffffff\n[ 441.746428] x14: ffff082814c3b26c x13: 00000000ffffffff x12: ffff082814c3b26a\n[ 441.753553] x11: 00000000000000c0 x10: 000000000000003a x9 : ffffb5dad5ea94f4\n[ 441.760678] x8 : 000000000000003a x7 : ffff80009abbbab0 x6 : 0000000000000030\n[ 441.767802] x5 : 0000000000000000 x4 : 0000000000000000 x3 : 0000000000000000\n[ 441.774926] x2 : ffff08280f35a300 x1 : ffffb5dad7127180 x0 : 0000000000000000\n[ 441.782053] Call trace:\n[ 441.784488] sas_find_dev_by_rphy+0x44/0x118 (P)\n[ 441.789095] sas_target_alloc+0x24/0xb0\n[ 441.792920] scsi_alloc_target+0x290/0x330\n[ 441.797010] __scsi_scan_target+0x88/0x258\n[ 441.801096] scsi_scan_channel+0x74/0xb8\n[ 441.805008] scsi_scan_host_selected+0x170/0x188\n[ 441.809615] sas_user_scan+0xfc/0x148\n[ 441.813267] store_scan+0x10c/0x180\n[ 441.816743] dev_attr_store+0x20/0x40\n[ 441.820398] sysfs_kf_write+0x84/0xa8\n[ 441.824054] kernfs_fop_write_iter+0x130/0x1c8\n[ 441.828487] vfs_write+0x2c0/0x370\n[ 441.831880] ksys_write+0x74/0x118\n[ 441.835271] __arm64_sys_write+0x24/0x38\n[ 441.839182] invoke_syscall+0x50/0x120\n[ 441.842919] el0_svc_common.constprop.0+0xc8/0xf0\n[ 441.847611] do_el0_svc+0x24/0x38\n[ 441.850913] el0_svc+0x38/0x158\n[ 441.854043] el0t_64_sync_handler+0xa0/0xe8\n[ 441.858214] el0t_64_sync+0x1ac/0x1b0\n[ 441.861865] Code: aa1303e0 97ff70a8 34ffff80 d10a4273 (f9445a75)\n[ 441.867946] ---[ end trace 0000000000000000 ]---\n\nTherefore\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43413",
"url": "https://www.suse.com/security/cve/CVE-2026-43413"
},
{
"category": "external",
"summary": "SUSE Bug 1264671 for CVE-2026-43413",
"url": "https://bugzilla.suse.com/1264671"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43413"
},
{
"cve": "CVE-2026-43414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nscsi: qla2xxx: Completely fix fcport double free\n\nIn qla24xx_els_dcmd_iocb() sp-\u003efree is set to qla2x00_els_dcmd_sp_free().\nWhen an error happens, this function is called by qla2x00_sp_release(),\nwhen kref_put() releases the first and the last reference.\n\nqla2x00_els_dcmd_sp_free() frees fcport by calling qla2x00_free_fcport().\nDoing it one more time after kref_put() is a bad idea.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43414",
"url": "https://www.suse.com/security/cve/CVE-2026-43414"
},
{
"category": "external",
"summary": "SUSE Bug 1264669 for CVE-2026-43414",
"url": "https://bugzilla.suse.com/1264669"
},
{
"category": "external",
"summary": "SUSE Bug 1264670 for CVE-2026-43414",
"url": "https://bugzilla.suse.com/1264670"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43414"
},
{
"cve": "CVE-2026-43455",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43455"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nmctp: route: hold key-\u003elock in mctp_flow_prepare_output()\n\nmctp_flow_prepare_output() checks key-\u003edev and may call\nmctp_dev_set_key(), but it does not hold key-\u003elock while doing so.\n\nmctp_dev_set_key() and mctp_dev_release_key() are annotated with\n__must_hold(\u0026key-\u003elock), so key-\u003edev access is intended to be\nserialized by key-\u003elock. The mctp_sendmsg() transmit path reaches\nmctp_flow_prepare_output() via mctp_local_output() -\u003e mctp_dst_output()\nwithout holding key-\u003elock, so the check-and-set sequence is racy.\n\nExample interleaving:\n\n CPU0 CPU1\n ---- ----\n mctp_flow_prepare_output(key, devA)\n if (!key-\u003edev) // sees NULL\n mctp_flow_prepare_output(\n key, devB)\n if (!key-\u003edev) // still NULL\n mctp_dev_set_key(devB, key)\n mctp_dev_hold(devB)\n key-\u003edev = devB\n mctp_dev_set_key(devA, key)\n mctp_dev_hold(devA)\n key-\u003edev = devA // overwrites devB\n\nNow both devA and devB references were acquired, but only the final\nkey-\u003edev value is tracked for release. One reference can be lost,\ncausing a resource leak as mctp_dev_release_key() would only decrease\nthe reference on one dev.\n\nFix by taking key-\u003elock around the key-\u003edev check and\nmctp_dev_set_key() call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43455",
"url": "https://www.suse.com/security/cve/CVE-2026-43455"
},
{
"category": "external",
"summary": "SUSE Bug 1264765 for CVE-2026-43455",
"url": "https://bugzilla.suse.com/1264765"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43455"
},
{
"cve": "CVE-2026-43469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxprtrdma: Decrement re_receiving on the early exit paths\n\nIn the event that rpcrdma_post_recvs() fails to create a work request\n(due to memory allocation failure, say) or otherwise exits early, we\nshould decrement ep-\u003ere_receiving before returning. Otherwise we will\nhang in rpcrdma_xprt_drain() as re_receiving will never reach zero and\nthe completion will never be triggered.\n\nOn a system with high memory pressure, this can appear as the following\nhung task:\n\n INFO: task kworker/u385:17:8393 blocked for more than 122 seconds.\n Tainted: G S E 6.19.0 #3\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:kworker/u385:17 state:D stack:0 pid:8393 tgid:8393 ppid:2 task_flags:0x4248060 flags:0x00080000\n Workqueue: xprtiod xprt_autoclose [sunrpc]\n Call Trace:\n \u003cTASK\u003e\n __schedule+0x48b/0x18b0\n ? ib_post_send_mad+0x247/0xae0 [ib_core]\n schedule+0x27/0xf0\n schedule_timeout+0x104/0x110\n __wait_for_common+0x98/0x180\n ? __pfx_schedule_timeout+0x10/0x10\n wait_for_completion+0x24/0x40\n rpcrdma_xprt_disconnect+0x444/0x460 [rpcrdma]\n xprt_rdma_close+0x12/0x40 [rpcrdma]\n xprt_autoclose+0x5f/0x120 [sunrpc]\n process_one_work+0x191/0x3e0\n worker_thread+0x2e3/0x420\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x10d/0x230\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x273/0x2b0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43469",
"url": "https://www.suse.com/security/cve/CVE-2026-43469"
},
{
"category": "external",
"summary": "SUSE Bug 1265143 for CVE-2026-43469",
"url": "https://bugzilla.suse.com/1265143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43469"
},
{
"cve": "CVE-2026-43470",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43470"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfs: return EISDIR on nfs3_proc_create if d_alias is a dir\n\nIf we found an alias through nfs3_do_create/nfs_add_or_obtain\n/d_splice_alias which happens to be a dir dentry, we don\u0027t return\nany error, and simply forget about this alias, but the original\ndentry we were adding and passed as parameter remains negative.\n\nThis later causes an oops on nfs_atomic_open_v23/finish_open since we\nsupply a negative dentry to do_dentry_open.\n\nThis has been observed running lustre-racer, where dirs and files are\ncreated/removed concurrently with the same name and O_EXCL is not\nused to open files (frequent file redirection).\n\nWhile d_splice_alias typically returns a directory alias or NULL, we\nexplicitly check d_is_dir() to ensure that we don\u0027t attempt to perform\nfile operations (like finish_open) on a directory inode, which triggers\nthe observed oops.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43470",
"url": "https://www.suse.com/security/cve/CVE-2026-43470"
},
{
"category": "external",
"summary": "SUSE Bug 1265128 for CVE-2026-43470",
"url": "https://bugzilla.suse.com/1265128"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43470"
},
{
"cve": "CVE-2026-43483",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43483"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SVM: Set/clear CR8 write interception when AVIC is (de)activated\n\nExplicitly set/clear CR8 write interception when AVIC is (de)activated to\nfix a bug where KVM leaves the interception enabled after AVIC is\nactivated. E.g. if KVM emulates INIT=\u003eWFS while AVIC is deactivated, CR8\nwill remain intercepted in perpetuity.\n\nOn its own, the dangling CR8 intercept is \"just\" a performance issue, but\ncombined with the TPR sync bug fixed by commit d02e48830e3f (\"KVM: SVM:\nSync TPR from LAPIC into VMCB::V_TPR even if AVIC is active\"), the danging\nintercept is fatal to Windows guests as the TPR seen by hardware gets\nwildly out of sync with reality.\n\nNote, VMX isn\u0027t affected by the bug as TPR_THRESHOLD is explicitly ignored\nwhen Virtual Interrupt Delivery is enabled, i.e. when APICv is active in\nKVM\u0027s world. I.e. there\u0027s no need to trigger update_cr8_intercept(), this\nis firmly an SVM implementation flaw/detail.\n\nWARN if KVM gets a CR8 write #VMEXIT while AVIC is active, as KVM should\nnever enter the guest with AVIC enabled and CR8 writes intercepted.\n\n[Squash fix to avic_deactivate_vmcb. - Paolo]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43483",
"url": "https://www.suse.com/security/cve/CVE-2026-43483"
},
{
"category": "external",
"summary": "SUSE Bug 1265240 for CVE-2026-43483",
"url": "https://bugzilla.suse.com/1265240"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43483"
},
{
"cve": "CVE-2026-43491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qrtr: ns: Limit the maximum server registration per node\n\nCurrent code does no bound checking on the number of servers added per\nnode. A malicious client can flood NEW_SERVER messages and exhaust memory.\n\nFix this issue by limiting the maximum number of server registrations to\n256 per node. If the NEW_SERVER message is received for an old port, then\ndon\u0027t restrict it as it will get replaced. While at it, also rate limit\nthe error messages in the failure path of qrtr_ns_worker().\n\nNote that the limit of 256 is chosen based on the current platform\nrequirements. If requirement changes in the future, this limit can be\nincreased.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43491",
"url": "https://www.suse.com/security/cve/CVE-2026-43491"
},
{
"category": "external",
"summary": "SUSE Bug 1265628 for CVE-2026-43491",
"url": "https://bugzilla.suse.com/1265628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-43491"
},
{
"cve": "CVE-2026-43499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrtmutex: Use waiter::task instead of current in remove_waiter()\n\nremove_waiter() is used by the slowlock paths, but it is also used for\nproxy-lock rollback in rt_mutex_start_proxy_lock() when invoked from\nfutex_requeue().\n\nIn the latter case waiter::task is not current, but remove_waiter()\noperates on current for the dequeue operation. That results in several\nproblems:\n\n 1) the rbtree dequeue happens without waiter::task::pi_lock being held\n\n 2) the waiter task\u0027s pi_blocked_on state is not cleared, which leaves a\n dangling pointer primed for UAF around.\n\n 3) rt_mutex_adjust_prio_chain() operates on the wrong top priority waiter\n task\n\nUse waiter::task instead of current in all related operations in\nremove_waiter() to cure those problems.\n\n[ tglx: Fixup rt_mutex_adjust_prio_chain(), add a comment and amend the\n \tchangelog ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43499",
"url": "https://www.suse.com/security/cve/CVE-2026-43499"
},
{
"category": "external",
"summary": "SUSE Bug 1266001 for CVE-2026-43499",
"url": "https://bugzilla.suse.com/1266001"
},
{
"category": "external",
"summary": "SUSE Bug 1266014 for CVE-2026-43499",
"url": "https://bugzilla.suse.com/1266014"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43499"
},
{
"cve": "CVE-2026-43501",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43501"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: rpl: reserve mac_len headroom when recompressed SRH grows\n\nipv6_rpl_srh_rcv() decompresses an RFC 6554 Source Routing Header, swaps\nthe next segment into ipv6_hdr-\u003edaddr, recompresses, then pulls the old\nheader and pushes the new one plus the IPv6 header back. The\nrecompressed header can be larger than the received one when the swap\nreduces the common-prefix length the segments share with daddr (CmprI=0,\nCmprE\u003e0, seg[0][0] != daddr[0] gives the maximum +8 bytes).\n\npskb_expand_head() was gated on segments_left == 0, so on earlier\nsegments the push consumed unchecked headroom. Once skb_push() leaves\nfewer than skb-\u003emac_len bytes in front of data,\nskb_mac_header_rebuild()\u0027s call to:\n\n\tskb_set_mac_header(skb, -skb-\u003emac_len);\n\nwill store (data - head) - mac_len into the u16 mac_header field, which\nwraps to ~65530, and the following memmove() writes mac_len bytes ~64KiB\npast skb-\u003ehead.\n\nA single AF_INET6/SOCK_RAW/IPV6_HDRINCL packet over lo with a two\nsegment type-3 SRH (CmprI=0, CmprE=15) reaches headroom 8 after one\npass; KASAN reports a 14-byte OOB write in ipv6_rthdr_rcv.\n\nFix this by expanding the head whenever the remaining room is less than\nthe push size plus mac_len, and request that much extra so the rebuilt\nMAC header fits afterwards.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43501",
"url": "https://www.suse.com/security/cve/CVE-2026-43501"
},
{
"category": "external",
"summary": "SUSE Bug 1266009 for CVE-2026-43501",
"url": "https://bugzilla.suse.com/1266009"
},
{
"category": "external",
"summary": "SUSE Bug 1266015 for CVE-2026-43501",
"url": "https://bugzilla.suse.com/1266015"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43501"
},
{
"cve": "CVE-2026-43503",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43503"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skbuff: propagate shared-frag marker through frag-transfer helpers\n\nTwo frag-transfer helpers (__pskb_copy_fclone() and skb_shift()) fail\nto propagate the SKBFL_SHARED_FRAG bit in skb_shinfo()-\u003eflags when\nmoving frags from source to destination. __pskb_copy_fclone() defers\nthe rest of the shinfo metadata to skb_copy_header() after copying\nfrag descriptors, but that helper only carries over gso_{size,segs,\ntype} and never touches skb_shinfo()-\u003eflags; skb_shift() moves frag\ndescriptors directly and leaves flags untouched. As a result, the\ndestination skb keeps a reference to the same externally-owned or\npage-cache-backed pages while reporting skb_has_shared_frag() as\nfalse.\n\nThe mismatch is harmful in any in-place writer that uses\nskb_has_shared_frag() to decide whether shared pages must be detoured\nthrough skb_cow_data(). ESP input is one such writer (esp4.c,\nesp6.c), and a single nft \u0027dup to \u003clocal\u003e\u0027 rule -- or any other\nnf_dup_ipv4() / xt_TEE caller -- is enough to land a pskb_copy()\u0027d\nskb in esp_input() with the marker stripped, letting an unprivileged\nuser write into the page cache of a root-owned read-only file via\nauthencesn-ESN stray writes.\n\nSet SKBFL_SHARED_FRAG on the destination whenever frag descriptors\nwere actually moved from the source. skb_copy() and skb_copy_expand()\nshare skb_copy_header() too but linearize all paged data into freshly\nallocated head storage and emerge with nr_frags == 0, so\nskb_has_shared_frag() returns false on its own; they need no change.\n\nThe same omission exists in skb_gro_receive() and skb_gro_receive_list().\nThe former moves the incoming skb\u0027s frag descriptors into the\naccumulator\u0027s last sub-skb via two paths (a direct frag-move loop and\nthe head_frag + memcpy path); the latter chains the incoming skb whole\nonto p\u0027s frag_list. Downstream skb_segment() reads only\nskb_shinfo(p)-\u003eflags, and skb_segment_list() reuses each sub-skb\u0027s\nshinfo as the nskb -- both p and lp must carry the marker.\n\nThe same omission also exists in tcp_clone_payload(), which builds an\nMTU probe skb by moving frag descriptors from skbs on sk_write_queue\ninto a freshly allocated nskb. The helper falls into the same family\nand warrants the same fix for consistency; no TCP TX-side in-place\nwriter is currently known to reach a user page through this gap, but\na future consumer depending on the marker would regress silently.\n\nThe same omission exists in skb_segment(): the per-iteration flag\nmerge takes only head_skb\u0027s flag, and the inner switch that rebinds\nfrag_skb to list_skb on head_skb-frags exhaustion does not fold the\nnew frag_skb\u0027s flag into nskb. Fold frag_skb\u0027s flag at both sites\nso segments drawing frags from frag_list members carry the marker.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43503",
"url": "https://www.suse.com/security/cve/CVE-2026-43503"
},
{
"category": "external",
"summary": "SUSE Bug 1265209 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1265209"
},
{
"category": "external",
"summary": "SUSE Bug 1265960 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1265960"
},
{
"category": "external",
"summary": "SUSE Bug 1266229 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1266229"
},
{
"category": "external",
"summary": "SUSE Bug 1269878 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1269878"
},
{
"category": "external",
"summary": "SUSE Bug 1270098 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1270098"
},
{
"category": "external",
"summary": "SUSE Bug 1270100 for CVE-2026-43503",
"url": "https://bugzilla.suse.com/1270100"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-43503"
},
{
"cve": "CVE-2026-45840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: cap upcall PID array size and pre-size vport replies\n\nThe vport netlink reply helpers allocate a fixed-size skb with\nnlmsg_new(NLMSG_DEFAULT_SIZE, ...) but serialize the full upcall PID\narray via ovs_vport_get_upcall_portids(). Since\novs_vport_set_upcall_portids() accepts any non-zero multiple of\nsizeof(u32) with no upper bound, a CAP_NET_ADMIN user can install a PID\narray large enough to overflow the reply buffer, causing nla_put() to\nfail with -EMSGSIZE and hitting BUG_ON(err \u003c 0). On systems with\nunprivileged user namespaces enabled (e.g., Ubuntu default), this is\nreachable via unshare -Urn since OVS vport mutation operations use\nGENL_UNS_ADMIN_PERM.\n\n kernel BUG at net/openvswitch/datapath.c:2414!\n Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\n CPU: 1 UID: 0 PID: 65 Comm: poc Not tainted 7.0.0-rc7-00195-geb216e422044 #1\n RIP: 0010:ovs_vport_cmd_set+0x34c/0x400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit (net/netlink/genetlink.c:1116)\n genl_rcv_msg (net/netlink/genetlink.c:1194)\n netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n genl_rcv (net/netlink/genetlink.c:1219)\n netlink_unicast (net/netlink/af_netlink.c:1344)\n netlink_sendmsg (net/netlink/af_netlink.c:1894)\n __sys_sendto (net/socket.c:2206)\n __x64_sys_sendto (net/socket.c:2209)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n \u003c/TASK\u003e\n Kernel panic - not syncing: Fatal exception\n\nReject attempts to set more PIDs than nr_cpu_ids in\novs_vport_set_upcall_portids(), and pre-compute the worst-case reply\nsize in ovs_vport_cmd_msg_size() based on that bound, similar to the\nexisting ovs_dp_cmd_msg_size(). nr_cpu_ids matches the cap already\nused by the per-CPU dispatch configuration on the datapath side\n(ovs_dp_cmd_fill_info() serialises at most nr_cpu_ids PIDs), so the\ntwo sides stay consistent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45840",
"url": "https://www.suse.com/security/cve/CVE-2026-45840"
},
{
"category": "external",
"summary": "SUSE Bug 1266397 for CVE-2026-45840",
"url": "https://bugzilla.suse.com/1266397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45840"
},
{
"cve": "CVE-2026-45841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO\n\nnf_osf_match_one() computes ctx-\u003ewindow % f-\u003ewss.val in the\nOSF_WSS_MODULO branch with no guard for f-\u003ewss.val == 0. A\nCAP_NET_ADMIN user can add such a fingerprint via nfnetlink; a\nsubsequent matching TCP SYN divides by zero and panics the kernel.\n\nReject the bogus fingerprint in nfnl_osf_add_callback() above the\nper-option for-loop. f-\u003ewss is per-fingerprint, not per-option, so\nthe check must run regardless of f-\u003eopt_num (including 0). Also\nreject wss.wc \u003e= OSF_WSS_MAX; nf_osf_match_one() already treats that\nas \"should not happen\".\n\nCrash:\n Oops: divide error: 0000 [#1] SMP KASAN NOPTI\n RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98)\n Call Trace:\n \u003cIRQ\u003e\n nf_osf_match (net/netfilter/nfnetlink_osf.c:220)\n xt_osf_match_packet (net/netfilter/xt_osf.c:32)\n ipt_do_table (net/ipv4/netfilter/ip_tables.c:348)\n nf_hook_slow (net/netfilter/core.c:622)\n ip_local_deliver (net/ipv4/ip_input.c:265)\n ip_rcv (include/linux/skbuff.h:1162)\n __netif_receive_skb_one_core (net/core/dev.c:6181)\n process_backlog (net/core/dev.c:6642)\n __napi_poll (net/core/dev.c:7710)\n net_rx_action (net/core/dev.c:7945)\n handle_softirqs (kernel/softirq.c:622)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45841",
"url": "https://www.suse.com/security/cve/CVE-2026-45841"
},
{
"category": "external",
"summary": "SUSE Bug 1266390 for CVE-2026-45841",
"url": "https://bugzilla.suse.com/1266390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45841"
},
{
"cve": "CVE-2026-45842",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45842"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslip: reject VJ receive packets on instances with no rstate array\n\nslhc_init() accepts rslots == 0 as a valid configuration, with the\ndocumented meaning of \u0027no receive compression\u0027. In that case the\nallocation loop in slhc_init() is skipped, so comp-\u003erstate stays\nNULL and comp-\u003erslot_limit stays 0 (from the kzalloc of struct\nslcompress).\n\nThe receive helpers do not defend against that configuration.\nslhc_uncompress() dereferences comp-\u003erstate[x] when the VJ header\ncarries an explicit connection ID, and slhc_remember() later assigns\ncs = \u0026comp-\u003erstate[...] after only comparing the packet\u0027s slot number\nto comp-\u003erslot_limit. Because rslot_limit is 0, slot 0 passes the\nrange check, and the code dereferences a NULL rstate.\n\nThe configuration is reachable in-tree through PPP. PPPIOCSMAXCID\nstores its argument in a signed int, and (val \u003e\u003e 16) uses arithmetic\nshift. Passing 0xffff0000 therefore sign-extends to -1, so val2 + 1\nis 0 and ppp_generic.c ends up calling slhc_init(0, 1). Because\n/dev/ppp open is gated by ns_capable(CAP_NET_ADMIN), the whole path\nis reachable from an unprivileged user namespace. Once the malformed\nVJ state is installed, any inbound VJ-compressed or VJ-uncompressed\nframe that selects slot 0 crashes the kernel in softirq context:\n\n Oops: general protection fault, probably for non-canonical\n address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n RIP: 0010:slhc_uncompress (drivers/net/slip/slhc.c:519)\n Call Trace:\n \u003cTASK\u003e\n ppp_receive_nonmp_frame (drivers/net/ppp/ppp_generic.c:2466)\n ppp_input (drivers/net/ppp/ppp_generic.c:2359)\n ppp_async_process (drivers/net/ppp/ppp_async.c:492)\n tasklet_action_common (kernel/softirq.c:926)\n handle_softirqs (kernel/softirq.c:623)\n run_ksoftirqd (kernel/softirq.c:1055)\n smpboot_thread_fn (kernel/smpboot.c:160)\n kthread (kernel/kthread.c:436)\n ret_from_fork (arch/x86/kernel/process.c:164)\n \u003c/TASK\u003e\n\nReject the receive side on such instances instead of touching rstate.\nslhc_uncompress() falls through to its existing \u0027bad\u0027 label, which\nbumps sls_i_error and enters the toss state. slhc_remember() mirrors\nthat with an explicit sls_i_error increment followed by slhc_toss();\nthe sls_i_runt counter is not used here because a missing rstate is\nan internal configuration state, not a runt packet.\n\nThe transmit path is unaffected: the only in-tree caller that picks\nrslots from userspace (ppp_generic.c) still supplies tslots \u003e= 1, and\nslip.c always calls slhc_init(16, 16), so comp-\u003etstate remains valid\nand slhc_compress() continues to work.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45842",
"url": "https://www.suse.com/security/cve/CVE-2026-45842"
},
{
"category": "external",
"summary": "SUSE Bug 1266400 for CVE-2026-45842",
"url": "https://bugzilla.suse.com/1266400"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45842"
},
{
"cve": "CVE-2026-45843",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45843"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nslip: bound decode() reads against the compressed packet length\n\nslhc_uncompress() parses a VJ-compressed TCP header by advancing a\npointer through the packet via decode() and pull16(). Neither helper\nbounds-checks against isize, and decode() masks its return with\n\u0026 0xffff so it can never return the -1 that callers test for -- those\nerror paths are dead code.\n\nA short compressed frame whose change byte requests optional fields\nlets decode() read past the end of the packet. The over-read bytes\nare folded into the cached cstate and reflected into subsequent\nreconstructed packets.\n\nMake decode() and pull16() take the packet end pointer and return -1\nwhen exhausted. Add a bounds check before the TCP-checksum read.\nThe existing == -1 tests now do what they were always meant to.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45843",
"url": "https://www.suse.com/security/cve/CVE-2026-45843"
},
{
"category": "external",
"summary": "SUSE Bug 1266395 for CVE-2026-45843",
"url": "https://bugzilla.suse.com/1266395"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45843"
},
{
"cve": "CVE-2026-45846",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45846"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbareudp: fix NULL pointer dereference in bareudp_fill_metadata_dst()\n\nbareudp_fill_metadata_dst() passes bareudp-\u003esock to\nudp_tunnel6_dst_lookup() in the IPv6 path without a NULL check.\nThe socket is only created in bareudp_open() and NULLed in\nbareudp_stop(), so calling this function while the device is down\ntriggers a NULL dereference via sock-\u003esk.\n\n BUG: kernel NULL pointer dereference, address: 0000000000000018\n RIP: 0010:udp_tunnel6_dst_lookup (net/ipv6/ip6_udp_tunnel.c:160)\n Call Trace:\n \u003cTASK\u003e\n bareudp_fill_metadata_dst (drivers/net/bareudp.c:532)\n do_execute_actions (net/openvswitch/actions.c:901)\n ovs_execute_actions (net/openvswitch/actions.c:1589)\n ovs_packet_cmd_execute (net/openvswitch/datapath.c:700)\n genl_family_rcv_msg_doit (net/netlink/genetlink.c:1114)\n genl_rcv_msg (net/netlink/genetlink.c:1209)\n netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n \u003c/TASK\u003e\n\nAdd a NULL check returning -ESHUTDOWN, consistent with the xmit paths\nin the same driver.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45846",
"url": "https://www.suse.com/security/cve/CVE-2026-45846"
},
{
"category": "external",
"summary": "SUSE Bug 1266394 for CVE-2026-45846",
"url": "https://bugzilla.suse.com/1266394"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45846"
},
{
"cve": "CVE-2026-45852",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45852"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix double free in rxe_srq_from_init\n\nIn rxe_srq_from_init(), the queue pointer \u0027q\u0027 is assigned to\n\u0027srq-\u003erq.queue\u0027 before copying the SRQ number to user space.\nIf copy_to_user() fails, the function calls rxe_queue_cleanup()\nto free the queue, but leaves the now-invalid pointer in\n\u0027srq-\u003erq.queue\u0027.\n\nThe caller of rxe_srq_from_init() (rxe_create_srq) eventually\ncalls rxe_srq_cleanup() upon receiving the error, which triggers\na second rxe_queue_cleanup() on the same memory, leading to a\ndouble free.\n\nThe call trace looks like this:\n kmem_cache_free+0x.../0x...\n rxe_queue_cleanup+0x1a/0x30 [rdma_rxe]\n rxe_srq_cleanup+0x42/0x60 [rdma_rxe]\n rxe_elem_release+0x31/0x70 [rdma_rxe]\n rxe_create_srq+0x12b/0x1a0 [rdma_rxe]\n ib_create_srq_user+0x9a/0x150 [ib_core]\n\nFix this by moving \u0027srq-\u003erq.queue = q\u0027 after copy_to_user.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45852",
"url": "https://www.suse.com/security/cve/CVE-2026-45852"
},
{
"category": "external",
"summary": "SUSE Bug 1266711 for CVE-2026-45852",
"url": "https://bugzilla.suse.com/1266711"
},
{
"category": "external",
"summary": "SUSE Bug 1266727 for CVE-2026-45852",
"url": "https://bugzilla.suse.com/1266727"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45852"
},
{
"cve": "CVE-2026-45856",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45856"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/uverbs: Validate wqe_size before using it in ib_uverbs_post_send\n\nib_uverbs_post_send() uses cmd.wqe_size from userspace without any\nvalidation before passing it to kmalloc() and using the allocated\nbuffer as struct ib_uverbs_send_wr.\n\nIf a user provides a small wqe_size value (e.g., 1), kmalloc() will\nsucceed, but subsequent accesses to user_wr-\u003eopcode, user_wr-\u003enum_sge,\nand other fields will read beyond the allocated buffer, resulting in\nan out-of-bounds read from kernel heap memory. This could potentially\nleak sensitive kernel information to userspace.\n\nAdditionally, providing an excessively large wqe_size can trigger a\nWARNING in the memory allocation path, as reported by syzkaller.\n\nThis is inconsistent with ib_uverbs_unmarshall_recv() which properly\nvalidates that wqe_size \u003e= sizeof(struct ib_uverbs_recv_wr) before\nproceeding.\n\nAdd the same validation for ib_uverbs_post_send() to ensure wqe_size\nis at least sizeof(struct ib_uverbs_send_wr).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45856",
"url": "https://www.suse.com/security/cve/CVE-2026-45856"
},
{
"category": "external",
"summary": "SUSE Bug 1266720 for CVE-2026-45856",
"url": "https://bugzilla.suse.com/1266720"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45856"
},
{
"cve": "CVE-2026-45862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Flush cache for PASID table before using it\n\nWhen writing the address of a freshly allocated zero-initialized PASID\ntable to a PASID directory entry, do that after the CPU cache flush for\nthis PASID table, not before it, to avoid the time window when this\nPASID table may be already used by non-coherent IOMMU hardware while\nits contents in RAM is still some random old data, not zero-initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45862",
"url": "https://www.suse.com/security/cve/CVE-2026-45862"
},
{
"category": "external",
"summary": "SUSE Bug 1266705 for CVE-2026-45862",
"url": "https://bugzilla.suse.com/1266705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45862"
},
{
"cve": "CVE-2026-45870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: auth_gss: fix memory leaks in XDR decoding error paths\n\nThe gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name()\nfunctions allocate memory via gssx_dec_buffer(), which calls\nkmemdup(). When a subsequent decode operation fails, these\nfunctions return immediately without freeing previously\nallocated buffers, causing memory leaks.\n\nThe leak in gssx_dec_ctx() is particularly relevant because\nthe caller (gssp_accept_sec_context_upcall) initializes several\nbuffer length fields to non-zero values, resulting in memory\nallocation:\n\n struct gssx_ctx rctxh = {\n .exported_context_token.len = GSSX_max_output_handle_sz,\n .mech.len = GSS_OID_MAX_LEN,\n .src_name.display_name.len = GSSX_max_princ_sz,\n .targ_name.display_name.len = GSSX_max_princ_sz\n };\n\nIf, for example, gssx_dec_name() succeeds for src_name but\nfails for targ_name, the memory allocated for\nexported_context_token, mech, and src_name.display_name\nremains unreferenced and cannot be reclaimed.\n\nAdd error handling with goto-based cleanup to free any\npreviously allocated buffers before returning an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45870",
"url": "https://www.suse.com/security/cve/CVE-2026-45870"
},
{
"category": "external",
"summary": "SUSE Bug 1266704 for CVE-2026-45870",
"url": "https://bugzilla.suse.com/1266704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45870"
},
{
"cve": "CVE-2026-45878",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45878"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: Fix watch_id bounds checking in debug address watch v2\n\nThe address watch clear code receives watch_id as an unsigned value\n(u32), but some helper functions were using a signed int and checked\nbits by shifting with watch_id.\n\nIf a very large watch_id is passed from userspace, it can be converted\nto a negative value. This can cause invalid shifts and may access\nmemory outside the watch_points array.\n\ndrm/amdkfd: Fix watch_id bounds checking in debug address watch v2\n\nFix this by checking that watch_id is within MAX_WATCH_ADDRESSES before\nusing it. Also use BIT(watch_id) to test and clear bits safely.\n\nThis keeps the behavior unchanged for valid watch IDs and avoids\nundefined behavior for invalid ones.\n\nFixes the below:\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_debug.c:448\nkfd_dbg_trap_clear_dev_address_watch() error: buffer overflow\n\u0027pdd-\u003ewatch_points\u0027 4 \u003c= u32max user_rl=\u00270-3,2147483648-u32max\u0027 uncapped\n\ndrivers/gpu/drm/amd/amdgpu/../amdkfd/kfd_debug.c\n 433 int kfd_dbg_trap_clear_dev_address_watch(struct kfd_process_device *pdd,\n 434 uint32_t watch_id)\n 435 {\n 436 int r;\n 437\n 438 if (!kfd_dbg_owns_dev_watch_id(pdd, watch_id))\n\nkfd_dbg_owns_dev_watch_id() doesn\u0027t check for negative values so if\nwatch_id is larger than INT_MAX it leads to a buffer overflow.\n(Negative shifts are undefined).\n\n 439 return -EINVAL;\n 440\n 441 if (!pdd-\u003edev-\u003ekfd-\u003eshared_resources.enable_mes) {\n 442 r = debug_lock_and_unmap(pdd-\u003edev-\u003edqm);\n 443 if (r)\n 444 return r;\n 445 }\n 446\n 447 amdgpu_gfx_off_ctrl(pdd-\u003edev-\u003eadev, false);\n--\u003e 448 pdd-\u003ewatch_points[watch_id] = pdd-\u003edev-\u003ekfd2kgd-\u003eclear_address_watch(\n 449 pdd-\u003edev-\u003eadev,\n 450 watch_id);\n\nv2: (as per, Jonathan Kim)\n - Add early watch_id \u003e= MAX_WATCH_ADDRESSES validation in the set path to\n match the clear path.\n - Drop the redundant bounds check in kfd_dbg_owns_dev_watch_id().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45878",
"url": "https://www.suse.com/security/cve/CVE-2026-45878"
},
{
"category": "external",
"summary": "SUSE Bug 1266767 for CVE-2026-45878",
"url": "https://bugzilla.suse.com/1266767"
},
{
"category": "external",
"summary": "SUSE Bug 1266768 for CVE-2026-45878",
"url": "https://bugzilla.suse.com/1266768"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45878"
},
{
"cve": "CVE-2026-45886",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45886"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix bpf_xdp_store_bytes proto for read-only arg\n\nWhile making some maps in Cilium read-only from the BPF side, we noticed\nthat the bpf_xdp_store_bytes proto is incorrect. In particular, the\nverifier was throwing the following error:\n\n ; ret = ctx_store_bytes(ctx, l3_off + offsetof(struct iphdr, saddr),\n \u0026nat-\u003eaddress, 4, 0);\n 635: (79) r1 = *(u64 *)(r10 -144) ; R1=ctx() R10=fp0 fp-144=ctx()\n 636: (b4) w2 = 26 ; R2=26\n 637: (b4) w4 = 4 ; R4=4\n 638: (b4) w5 = 0 ; R5=0\n 639: (85) call bpf_xdp_store_bytes#190\n write into map forbidden, value_size=6 off=0 size=4\n\nnat comes from a BPF_F_RDONLY_PROG map, so R3 is a PTR_TO_MAP_VALUE.\nThe verifier checks the helper\u0027s memory access to R3 in\ncheck_mem_size_reg, as it reaches ARG_CONST_SIZE argument. The third\nargument has expected type ARG_PTR_TO_UNINIT_MEM, which includes the\nMEM_WRITE flag. The verifier thus checks for a BPF_WRITE access on R3.\nGiven R3 points to a read-only map, the check fails.\n\nConversely, ARG_PTR_TO_UNINIT_MEM can also lead to the helper reading\nfrom uninitialized memory.\n\nThis patch simply fixes the expected argument type to match that of\nbpf_skb_store_bytes.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45886",
"url": "https://www.suse.com/security/cve/CVE-2026-45886"
},
{
"category": "external",
"summary": "SUSE Bug 1266810 for CVE-2026-45886",
"url": "https://bugzilla.suse.com/1266810"
},
{
"category": "external",
"summary": "SUSE Bug 1266851 for CVE-2026-45886",
"url": "https://bugzilla.suse.com/1266851"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45886"
},
{
"cve": "CVE-2026-45894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Clear Present bit before tearing down PASID entry\n\nThe Intel VT-d Scalable Mode PASID table entry consists of 512 bits (64\nbytes). When tearing down an entry, the current implementation zeros the\nentire 64-byte structure immediately using multiple 64-bit writes.\n\nSince the IOMMU hardware may fetch these 64 bytes using multiple\ninternal transactions (e.g., four 128-bit bursts), updating or zeroing\nthe entire entry while it is active (P=1) risks a \"torn\" read. If a\nhardware fetch occurs simultaneously with the CPU zeroing the entry, the\nhardware could observe an inconsistent state, leading to unpredictable\nbehavior or spurious faults.\n\nFollow the \"Guidance to Software for Invalidations\" in the VT-d spec\n(Section 6.5.3.3) by implementing the recommended ownership handshake:\n\n1. Clear only the \u0027Present\u0027 (P) bit of the PASID entry.\n2. Use a dma_wmb() to ensure the cleared bit is visible to hardware\n before proceeding.\n3. Execute the required invalidation sequence (PASID cache, IOTLB, and\n Device-TLB flush) to ensure the hardware has released all cached\n references.\n4. Only after the flushes are complete, zero out the remaining fields\n of the PASID entry.\n\nAlso, add a dma_wmb() in pasid_set_present() to ensure that all other\nfields of the PASID entry are visible to the hardware before the Present\nbit is set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45894",
"url": "https://www.suse.com/security/cve/CVE-2026-45894"
},
{
"category": "external",
"summary": "SUSE Bug 1266895 for CVE-2026-45894",
"url": "https://bugzilla.suse.com/1266895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45894"
},
{
"cve": "CVE-2026-45910",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45910"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Fix race condition in QP timer handlers\n\nI encontered the following warning:\n WARNING: drivers/infiniband/sw/rxe/rxe_task.c:249 at rxe_sched_task+0x1c8/0x238 [rdma_rxe], CPU#0: swapper/0/0\n...\n libsha1 [last unloaded: ip6_udp_tunnel]\n CPU: 0 UID: 0 PID: 0 Comm: swapper/0 Tainted: G C 6.19.0-rc5-64k-v8+ #37 PREEMPT\n Tainted: [C]=CRAP\n Hardware name: Raspberry Pi 4 Model B Rev 1.2\n Call trace:\n rxe_sched_task+0x1c8/0x238 [rdma_rxe] (P)\n retransmit_timer+0x130/0x188 [rdma_rxe]\n call_timer_fn+0x68/0x4d0\n __run_timers+0x630/0x888\n...\n WARNING: drivers/infiniband/sw/rxe/rxe_task.c:38 at rxe_sched_task+0x1c0/0x238 [rdma_rxe], CPU#0: swapper/0/0\n...\n WARNING: drivers/infiniband/sw/rxe/rxe_task.c:111 at do_work+0x488/0x5c8 [rdma_rxe], CPU#3: kworker/u17:4/93400\n...\n refcount_t: underflow; use-after-free.\n WARNING: lib/refcount.c:28 at refcount_warn_saturate+0x138/0x1a0, CPU#3: kworker/u17:4/93400\n\nThe issue is caused by a race condition between retransmit_timer() and\nrxe_destroy_qp, leading to the Queue Pair\u0027s (QP) reference count dropping\nto zero during timer handler execution.\n\nIt seems this warning is harmless because rxe_qp_do_cleanup() will flush\nall pending timers and requests.\n\nExample of flow causing the issue:\n\nCPU0 CPU1\nretransmit_timer() {\n spin_lock_irqsave\n rxe_destroy_qp()\n __rxe_cleanup()\n __rxe_put() // qp-\u003eref_count decrease to 0\n rxe_qp_do_cleanup() {\n if (qp-\u003evalid) {\n rxe_sched_task() {\n WARN_ON(rxe_read(task-\u003eqp) \u003c= 0);\n }\n }\n spin_unlock_irqrestore\n}\n spin_lock_irqsave\n qp-\u003evalid = 0\n spin_unlock_irqrestore\n }\n\nEnsure the QP\u0027s reference count is maintained and its validity is checked\nwithin the timer callbacks by adding calls to rxe_get(qp) and corresponding\nrxe_put(qp) after use.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45910",
"url": "https://www.suse.com/security/cve/CVE-2026-45910"
},
{
"category": "external",
"summary": "SUSE Bug 1266889 for CVE-2026-45910",
"url": "https://bugzilla.suse.com/1266889"
},
{
"category": "external",
"summary": "SUSE Bug 1266907 for CVE-2026-45910",
"url": "https://bugzilla.suse.com/1266907"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45910"
},
{
"cve": "CVE-2026-45932",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45932"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbpf: Fix tcx/netkit detach permissions when prog fd isn\u0027t given\n\nThis commit fixes a security issue where BPF_PROG_DETACH on tcx or\nnetkit devices could be executed by any user when no program fd was\nprovided, bypassing permission checks. The fix adds a capability\ncheck for CAP_NET_ADMIN or CAP_SYS_ADMIN in this case.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45932",
"url": "https://www.suse.com/security/cve/CVE-2026-45932"
},
{
"category": "external",
"summary": "SUSE Bug 1266827 for CVE-2026-45932",
"url": "https://bugzilla.suse.com/1266827"
},
{
"category": "external",
"summary": "SUSE Bug 1266829 for CVE-2026-45932",
"url": "https://bugzilla.suse.com/1266829"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45932"
},
{
"cve": "CVE-2026-45940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix oops when split header is enabled\n\nFor GMAC4, when split header is enabled, in some rare cases, the\nhardware does not fill buf2 of the first descriptor with payload.\nThus we cannot assume buf2 is always fully filled if it is not\nthe last descriptor. Otherwise, the length of buf2 of the second\ndescriptor will be calculated wrong and cause an oops:\n\nUnable to handle kernel paging request at virtual address ffff00019246bfc0\n...\nx2 : 0000000000000040 x1 : ffff00019246bfc0 x0 : ffff00009246c000\nCall trace:\n dcache_inval_poc+0x28/0x58 (P)\n dma_direct_sync_single_for_cpu+0x38/0x6c\n __dma_sync_single_for_cpu+0x34/0x6c\n stmmac_napi_poll_rx+0x8f0/0xb60\n __napi_poll.constprop.0+0x30/0x144\n net_rx_action+0x160/0x274\n handle_softirqs+0x1b8/0x1fc\n...\n\nTo fix this, the PL bit-field in RDES3 register is used for all\ndescriptors, whether it is the last descriptor or not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45940",
"url": "https://www.suse.com/security/cve/CVE-2026-45940"
},
{
"category": "external",
"summary": "SUSE Bug 1266916 for CVE-2026-45940",
"url": "https://bugzilla.suse.com/1266916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45940"
},
{
"cve": "CVE-2026-45961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: fix memory leaks in gfs2_fill_super error path\n\nFix two memory leaks in the gfs2_fill_super() error handling path when\ntransitioning a filesystem to read-write mode fails.\n\nFirst leak: kthread objects (thread_struct, task_struct, etc.)\nWhen gfs2_freeze_lock_shared() fails after init_threads() succeeds, the\ncreated kernel threads (logd and quotad) are never destroyed. This\noccurs because the fail_per_node label doesn\u0027t call\ngfs2_destroy_threads().\n\nSecond leak: quota bitmap buffer (8192 bytes)\nWhen gfs2_make_fs_rw() fails after gfs2_quota_init() succeeds but\nbefore other operations complete, the allocated quota bitmap is never\nfreed.\n\nThe fix moves thread cleanup to the fail_per_node label to handle all\nerror paths uniformly. gfs2_destroy_threads() is safe to call\nunconditionally as it checks for NULL pointers. Quota cleanup is added\nin gfs2_make_fs_rw() to properly handle the withdrawal case where\nquota initialization succeeds but the filesystem is then withdrawn.\n\nThread leak backtrace (gfs2_freeze_lock_shared failure):\n unreferenced object 0xffff88801d7bca80 (size 4480):\n copy_process+0x3a1/0x4670 kernel/fork.c:2422\n kernel_clone+0xf3/0x6e0 kernel/fork.c:2779\n kthread_create_on_node+0x100/0x150 kernel/kthread.c:478\n init_threads+0xab/0x350 fs/gfs2/ops_fstype.c:611\n gfs2_fill_super+0xe5c/0x1240 fs/gfs2/ops_fstype.c:1265\n\nQuota leak backtrace (gfs2_make_fs_rw failure):\n unreferenced object 0xffff88812de7c000 (size 8192):\n gfs2_quota_init+0xe5/0x820 fs/gfs2/quota.c:1409\n gfs2_make_fs_rw+0x7a/0xe0 fs/gfs2/super.c:149\n gfs2_fill_super+0xfbb/0x1240 fs/gfs2/ops_fstype.c:1275",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45961",
"url": "https://www.suse.com/security/cve/CVE-2026-45961"
},
{
"category": "external",
"summary": "SUSE Bug 1266933 for CVE-2026-45961",
"url": "https://bugzilla.suse.com/1266933"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "low"
}
],
"title": "CVE-2026-45961"
},
{
"cve": "CVE-2026-45964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix gss_auth kref leak in gss_alloc_msg error path\n\nCommit 5940d1cf9f42 (\"SUNRPC: Rebalance a kref in auth_gss.c\") added\na kref_get(\u0026gss_auth-\u003ekref) call to balance the gss_put_auth() done\nin gss_release_msg(), but forgot to add a corresponding kref_put()\non the error path when kstrdup_const() fails.\n\nIf service_name is non-NULL and kstrdup_const() fails, the function\njumps to err_put_pipe_version which calls put_pipe_version() and\nkfree(gss_msg), but never releases the gss_auth reference. This leads\nto a kref leak where the gss_auth structure is never freed.\n\nAdd a forward declaration for gss_free_callback() and call kref_put()\nin the err_put_pipe_version error path to properly release the\nreference taken earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45964",
"url": "https://www.suse.com/security/cve/CVE-2026-45964"
},
{
"category": "external",
"summary": "SUSE Bug 1266698 for CVE-2026-45964",
"url": "https://bugzilla.suse.com/1266698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45964"
},
{
"cve": "CVE-2026-45965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix invalid deref of rawdata when export_binary is unset\n\nIf the export_binary parameter is disabled on runtime, profiles that\nwere loaded before that will still have their rawdata stored in\napparmorfs, with a symbolic link to the rawdata on the policy\ndirectory. When one of those profiles are replaced, the rawdata is set\nto NULL, but when trying to resolve the symbolic links to rawdata for\nthat profile, it will try to dereference profile-\u003erawdata-\u003ename when\nprofile-\u003erawdata is now NULL causing an oops. Fix it by checking if\nrawdata is set.\n\n[ 168.653080] BUG: kernel NULL pointer dereference, address: 0000000000000088\n[ 168.657420] #PF: supervisor read access in kernel mode\n[ 168.660619] #PF: error_code(0x0000) - not-present page\n[ 168.663613] PGD 0 P4D 0\n[ 168.665450] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 168.667836] CPU: 1 UID: 0 PID: 1729 Comm: ls Not tainted 6.19.0-rc7+ #3 PREEMPT(voluntary)\n[ 168.672308] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 168.679327] RIP: 0010:rawdata_get_link_base.isra.0+0x23/0x330\n[ 168.682768] Code: 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 18 48 89 55 d0 48 85 ff 0f 84 e3 01 00 00 \u003c48\u003e 83 3c 25 88 00 00 00 00 0f 84 d4 01 00 00 49 89 f6 49 89 cc e8\n[ 168.689818] RSP: 0018:ffffcdcb8200fb80 EFLAGS: 00010282\n[ 168.690871] RAX: ffffffffaee74ec0 RBX: 0000000000000000 RCX: ffffffffb0120158\n[ 168.692251] RDX: ffffcdcb8200fbe0 RSI: ffff88c187c9fa80 RDI: ffff88c186c98a80\n[ 168.693593] RBP: ffffcdcb8200fbc0 R08: 0000000000000000 R09: 0000000000000000\n[ 168.694941] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88c186c98a80\n[ 168.696289] R13: 00007fff005aaa20 R14: 0000000000000080 R15: ffff88c188f4fce0\n[ 168.697637] FS: 0000790e81c58280(0000) GS:ffff88c20a957000(0000) knlGS:0000000000000000\n[ 168.699227] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 168.700349] CR2: 0000000000000088 CR3: 000000012fd3e000 CR4: 0000000000350ef0\n[ 168.701696] Call Trace:\n[ 168.702325] \u003cTASK\u003e\n[ 168.702995] rawdata_get_link_data+0x1c/0x30\n[ 168.704145] vfs_readlink+0xd4/0x160\n[ 168.705152] do_readlinkat+0x114/0x180\n[ 168.706214] __x64_sys_readlink+0x1e/0x30\n[ 168.708653] x64_sys_call+0x1d77/0x26b0\n[ 168.709525] do_syscall_64+0x81/0x500\n[ 168.710348] ? do_statx+0x72/0xb0\n[ 168.711109] ? putname+0x3e/0x80\n[ 168.711845] ? __x64_sys_statx+0xb7/0x100\n[ 168.712711] ? x64_sys_call+0x10fc/0x26b0\n[ 168.713577] ? do_syscall_64+0xbf/0x500\n[ 168.714412] ? do_user_addr_fault+0x1d2/0x8d0\n[ 168.715404] ? irqentry_exit+0xb2/0x740\n[ 168.716359] ? exc_page_fault+0x90/0x1b0\n[ 168.717307] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45965",
"url": "https://www.suse.com/security/cve/CVE-2026-45965"
},
{
"category": "external",
"summary": "SUSE Bug 1267208 for CVE-2026-45965",
"url": "https://bugzilla.suse.com/1267208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45965"
},
{
"cve": "CVE-2026-45970",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45970"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbonding: alb: fix UAF in rlb_arp_recv during bond up/down\n\nThe ALB RX path may access rx_hashtbl concurrently with bond\nteardown. During rapid bond up/down cycles, rlb_deinitialize()\nfrees rx_hashtbl while RX handlers are still running, leading\nto a null pointer dereference detected by KASAN.\n\nHowever, the root cause is that rlb_arp_recv() can still be accessed\nafter setting recv_probe to NULL, which is actually a use-after-free\n(UAF) issue. That is the reason for using the referenced commit in the\nFixes tag.\n\n[ 214.174138] Oops: general protection fault, probably for non-canonical address 0xdffffc000000001d: 0000 [#1] SMP KASAN PTI\n[ 214.186478] KASAN: null-ptr-deref in range [0x00000000000000e8-0x00000000000000ef]\n[ 214.194933] CPU: 30 UID: 0 PID: 2375 Comm: ping Kdump: loaded Not tainted 6.19.0-rc8+ #2 PREEMPT(voluntary)\n[ 214.205907] Hardware name: Dell Inc. PowerEdge R730/0WCJNT, BIOS 2.14.0 01/14/2022\n[ 214.214357] RIP: 0010:rlb_arp_recv+0x505/0xab0 [bonding]\n[ 214.220320] Code: 0f 85 2b 05 00 00 48 b8 00 00 00 00 00 fc ff df 40 0f b6 ed 48 c1 e5 06 49 03 ad 78 01 00 00 48 8d 7d 28 48 89 fa 48 c1 ea 03 \u003c0f\u003e b6\n 04 02 84 c0 74 06 0f 8e 12 05 00 00 80 7d 28 00 0f 84 8c 00\n[ 214.241280] RSP: 0018:ffffc900073d8870 EFLAGS: 00010206\n[ 214.247116] RAX: dffffc0000000000 RBX: ffff888168556822 RCX: ffff88816855681e\n[ 214.255082] RDX: 000000000000001d RSI: dffffc0000000000 RDI: 00000000000000e8\n[ 214.263048] RBP: 00000000000000c0 R08: 0000000000000002 R09: ffffed11192021c8\n[ 214.271013] R10: ffff8888c9010e43 R11: 0000000000000001 R12: 1ffff92000e7b119\n[ 214.278978] R13: ffff8888c9010e00 R14: ffff888168556822 R15: ffff888168556810\n[ 214.286943] FS: 00007f85d2d9cb80(0000) GS:ffff88886ccb3000(0000) knlGS:0000000000000000\n[ 214.295966] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 214.302380] CR2: 00007f0d047b5e34 CR3: 00000008a1c2e002 CR4: 00000000001726f0\n[ 214.310347] Call Trace:\n[ 214.313070] \u003cIRQ\u003e\n[ 214.315318] ? __pfx_rlb_arp_recv+0x10/0x10 [bonding]\n[ 214.320975] bond_handle_frame+0x166/0xb60 [bonding]\n[ 214.326537] ? __pfx_bond_handle_frame+0x10/0x10 [bonding]\n[ 214.332680] __netif_receive_skb_core.constprop.0+0x576/0x2710\n[ 214.339199] ? __pfx_arp_process+0x10/0x10\n[ 214.343775] ? sched_balance_find_src_group+0x98/0x630\n[ 214.349513] ? __pfx___netif_receive_skb_core.constprop.0+0x10/0x10\n[ 214.356513] ? arp_rcv+0x307/0x690\n[ 214.360311] ? __pfx_arp_rcv+0x10/0x10\n[ 214.364499] ? __lock_acquire+0x58c/0xbd0\n[ 214.368975] __netif_receive_skb_one_core+0xae/0x1b0\n[ 214.374518] ? __pfx___netif_receive_skb_one_core+0x10/0x10\n[ 214.380743] ? lock_acquire+0x10b/0x140\n[ 214.385026] process_backlog+0x3f1/0x13a0\n[ 214.389502] ? process_backlog+0x3aa/0x13a0\n[ 214.394174] __napi_poll.constprop.0+0x9f/0x370\n[ 214.399233] net_rx_action+0x8c1/0xe60\n[ 214.403423] ? __pfx_net_rx_action+0x10/0x10\n[ 214.408193] ? lock_acquire.part.0+0xbd/0x260\n[ 214.413058] ? sched_clock_cpu+0x6c/0x540\n[ 214.417540] ? mark_held_locks+0x40/0x70\n[ 214.421920] handle_softirqs+0x1fd/0x860\n[ 214.426302] ? __pfx_handle_softirqs+0x10/0x10\n[ 214.431264] ? __neigh_event_send+0x2d6/0xf50\n[ 214.436131] do_softirq+0xb1/0xf0\n[ 214.439830] \u003c/IRQ\u003e\n\nThe issue is reproducible by repeatedly running\nip link set bond0 up/down while receiving ARP messages, where\nrlb_arp_recv() can race with rlb_deinitialize() and dereference\na freed rx_hashtbl entry.\n\nFix this by setting recv_probe to NULL and then calling\nsynchronize_net() to wait for any concurrent RX processing to finish.\nThis ensures that no RX handler can access rx_hashtbl after it is freed\nin bond_alb_deinitialize().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45970",
"url": "https://www.suse.com/security/cve/CVE-2026-45970"
},
{
"category": "external",
"summary": "SUSE Bug 1267205 for CVE-2026-45970",
"url": "https://bugzilla.suse.com/1267205"
},
{
"category": "external",
"summary": "SUSE Bug 1267206 for CVE-2026-45970",
"url": "https://bugzilla.suse.com/1267206"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45970"
},
{
"cve": "CVE-2026-45974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found\n\nIf btrfs_search_slot_for_read() returns 1, it means we did not find any\nkey greater than or equals to the key we asked for, meaning we have\nreached the end of the tree and therefore the path is not valid. If\nthis happens we need to break out of the loop and stop, instead of\ncontinuing and accessing an invalid path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45974",
"url": "https://www.suse.com/security/cve/CVE-2026-45974"
},
{
"category": "external",
"summary": "SUSE Bug 1266922 for CVE-2026-45974",
"url": "https://bugzilla.suse.com/1266922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45974"
},
{
"cve": "CVE-2026-45983",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45983"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnfsd: never defer requests during idmap lookup\n\nDuring v4 request compound arg decoding, some ops (e.g. SETATTR)\ncan trigger idmap lookup upcalls. When those upcall responses get\ndelayed beyond the allowed time limit, cache_check() will mark the\nrequest for deferral and cause it to be dropped.\n\nThis prevents nfs4svc_encode_compoundres from being executed, and\nthus the session slot flag NFSD4_SLOT_INUSE never gets cleared.\nSubsequent client requests will fail with NFSERR_JUKEBOX, given\nthat the slot will be marked as in-use, making the SEQUENCE op\nfail.\n\nFix this by making sure that the RQ_USEDEFERRAL flag is always\nclear during nfs4svc_decode_compoundargs(), since no v4 request\nshould ever be deferred.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45983",
"url": "https://www.suse.com/security/cve/CVE-2026-45983"
},
{
"category": "external",
"summary": "SUSE Bug 1266697 for CVE-2026-45983",
"url": "https://bugzilla.suse.com/1266697"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-45983"
},
{
"cve": "CVE-2026-45984",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45984"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: Fix use-after-free in iomap inline data write path\n\nThe inline data buffer head (dibh) is being released prematurely in\ngfs2_iomap_begin() via release_metapath() while iomap-\u003einline_data\nstill points to dibh-\u003eb_data. This causes a use-after-free when\niomap_write_end_inline() later attempts to write to the inline data\narea.\n\nThe bug sequence:\n1. gfs2_iomap_begin() calls gfs2_meta_inode_buffer() to read inode\n metadata into dibh\n2. Sets iomap-\u003einline_data = dibh-\u003eb_data + sizeof(struct gfs2_dinode)\n3. Calls release_metapath() which calls brelse(dibh), dropping refcount\n to 0\n4. kswapd reclaims the page (~39ms later in the syzbot report)\n5. iomap_write_end_inline() tries to memcpy() to iomap-\u003einline_data\n6. KASAN detects use-after-free write to freed memory\n\nFix by storing dibh in iomap-\u003eprivate and incrementing its refcount\nwith get_bh() in gfs2_iomap_begin(). The buffer is then properly\nreleased in gfs2_iomap_end() after the inline write completes,\nensuring the page stays alive for the entire iomap operation.\n\nNote: A C reproducer is not available for this issue. The fix is based\non analysis of the KASAN report and code review showing the buffer head\nis freed before use.\n\n[agruenba: Take buffer head reference in gfs2_iomap_begin() to avoid\nleaks in gfs2_iomap_get() and gfs2_iomap_alloc().]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45984",
"url": "https://www.suse.com/security/cve/CVE-2026-45984"
},
{
"category": "external",
"summary": "SUSE Bug 1267214 for CVE-2026-45984",
"url": "https://bugzilla.suse.com/1267214"
},
{
"category": "external",
"summary": "SUSE Bug 1267215 for CVE-2026-45984",
"url": "https://bugzilla.suse.com/1267215"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-45984"
},
{
"cve": "CVE-2026-46004",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46004"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: caiaq: Handle probe errors properly\n\nThe probe procedure of setup_card() in caiaq driver doesn\u0027t treat the\nerror cases gracefully, e.g. the error from snd_card_register() calls\nsnd_card_free() but continues. This would lead to a UAF for the\nfurther calls like snd_usb_caiaq_control_init(), as Berk suggested in\nanother patch in the link below.\n\nHowever, the problem is not only that; in general, this function drops\nthe all error handlings (as it\u0027s a void function) although its caller\ncan propagate an error to snd_probe(), which eventually calls\nsnd_card_free() as a proper error path. That said, we should treat\neach error case in setup_card(), and just return the error code\npromptly, which is then handled later as a fatal error in snd_probe().\n\nThis patch achieves it by changing the setup_card() to return an error\ncode. Also, the superfluous snd_card_free() call is removed, too.\n\nNote that card-\u003eprivate_free can be set still safely at returning an\nerror. All called functions in card_free() have checks of the\nunassigned resources or NULL checks.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46004",
"url": "https://www.suse.com/security/cve/CVE-2026-46004"
},
{
"category": "external",
"summary": "SUSE Bug 1267222 for CVE-2026-46004",
"url": "https://bugzilla.suse.com/1267222"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:P/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46004"
},
{
"cve": "CVE-2026-46005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix a resource leak in xfs_alloc_buftarg()\n\nIn the error path, call fs_put_dax() to drop the DAX\ndevice reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46005",
"url": "https://www.suse.com/security/cve/CVE-2026-46005"
},
{
"category": "external",
"summary": "SUSE Bug 1267431 for CVE-2026-46005",
"url": "https://bugzilla.suse.com/1267431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46005"
},
{
"cve": "CVE-2026-46021",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46021"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nthermal: core: Fix thermal zone governor cleanup issues\n\nIf thermal_zone_device_register_with_trips() fails after adding\na thermal governor to the thermal zone being registered, the\ngovernor is not removed from it as appropriate which may lead to\na memory leak.\n\nIn turn, thermal_zone_device_unregister() calls thermal_set_governor()\nwithout acquiring the thermal zone lock beforehand which may race with\na governor update via sysfs and may lead to a use-after-free in that\ncase.\n\nAddress these issues by adding two thermal_set_governor() calls, one to\nthermal_release() to remove the governor from the given thermal zone,\nand one to the thermal zone registration error path to cover failures\npreceding the thermal zone device registration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46021",
"url": "https://www.suse.com/security/cve/CVE-2026-46021"
},
{
"category": "external",
"summary": "SUSE Bug 1267220 for CVE-2026-46021",
"url": "https://bugzilla.suse.com/1267220"
},
{
"category": "external",
"summary": "SUSE Bug 1267221 for CVE-2026-46021",
"url": "https://bugzilla.suse.com/1267221"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46021"
},
{
"cve": "CVE-2026-46024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()\n\nIf a message of type CEPH_MSG_AUTH_REPLY contains a zero value for both\nprotocol and result, this is currently not treated as an error. In case\nof ac-\u003enegotiating == true and ac-\u003eprotocol \u003e 0, this leads to setting\nac-\u003eprotocol = 0 and ac-\u003eops = NULL. Thereafter, the check for\nac-\u003eprotocol != protocol returns false, and init_protocol() is not\ncalled. Subsequently, ac-\u003eops-\u003ehandle_reply() is called, which leads to\na null pointer dereference, because ac-\u003eops is still NULL.\n\nThis patch changes the check for ac-\u003eprotocol != protocol to\n!ac-\u003eprotocol, as this also includes the case when the protocol was set\nto zero in the message. This causes the message to be treated as\ncontaining a bad auth protocol.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46024",
"url": "https://www.suse.com/security/cve/CVE-2026-46024"
},
{
"category": "external",
"summary": "SUSE Bug 1267218 for CVE-2026-46024",
"url": "https://bugzilla.suse.com/1267218"
},
{
"category": "external",
"summary": "SUSE Bug 1267219 for CVE-2026-46024",
"url": "https://bugzilla.suse.com/1267219"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46024"
},
{
"cve": "CVE-2026-46037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46037"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: icmp: validate reply type before using icmp_pointers\n\nExtended echo replies use ICMP_EXT_ECHOREPLY as the outbound reply type.\nThat value is outside the range covered by icmp_pointers[], which only\ndescribes the traditional ICMP types up to NR_ICMP_TYPES.\n\nAvoid consulting icmp_pointers[] for reply types outside that range, and\nuse array_index_nospec() for the remaining in-range lookup. Normal ICMP\nreplies keep their existing behavior unchanged.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46037",
"url": "https://www.suse.com/security/cve/CVE-2026-46037"
},
{
"category": "external",
"summary": "SUSE Bug 1267361 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "external",
"summary": "SUSE Bug 1267362 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267362"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46037"
},
{
"cve": "CVE-2026-46043",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46043"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv\n\nrxe_rcv() currently checks only that the incoming packet is at least\nheader_size(pkt) bytes long before payload_size() is used.\n\nHowever, payload_size() subtracts both the attacker-controlled BTH pad\nfield and RXE_ICRC_SIZE from pkt-\u003epaylen:\n\n payload_size = pkt-\u003epaylen - offset[RXE_PAYLOAD] - bth_pad(pkt)\n - RXE_ICRC_SIZE\n\nThis means a short packet can still make payload_size() underflow even\nif it includes enough bytes for the fixed headers. Simply requiring\nheader_size(pkt) + RXE_ICRC_SIZE is not sufficient either, because a\npacket with a forged non-zero BTH pad can still leave payload_size()\nnegative and pass an underflowed value to later receive-path users.\n\nFix this by validating pkt-\u003epaylen against the full minimum length\nrequired by payload_size(): header_size(pkt) + bth_pad(pkt) +\nRXE_ICRC_SIZE.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46043",
"url": "https://www.suse.com/security/cve/CVE-2026-46043"
},
{
"category": "external",
"summary": "SUSE Bug 1266901 for CVE-2026-46043",
"url": "https://bugzilla.suse.com/1266901"
},
{
"category": "external",
"summary": "SUSE Bug 1266902 for CVE-2026-46043",
"url": "https://bugzilla.suse.com/1266902"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.5,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46043"
},
{
"cve": "CVE-2026-46079",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46079"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nrbd: fix null-ptr-deref when device_add_disk() fails\n\ndo_rbd_add() publishes the device with device_add() before calling\ndevice_add_disk(). If device_add_disk() fails after device_add()\nsucceeds, the error path calls rbd_free_disk() directly and then later\nfalls through to rbd_dev_device_release(), which calls rbd_free_disk()\nagain. This double teardown can leave blk-mq cleanup operating on\ninvalid state and trigger a null-ptr-deref in\n__blk_mq_free_map_and_rqs(), reached from blk_mq_free_tag_set().\n\nFix this by following the normal remove ordering: call device_del()\nbefore rbd_dev_device_release() when device_add_disk() fails after\ndevice_add(). That keeps the teardown sequence consistent and avoids\nre-entering disk cleanup through the wrong path.\n\nThe bug was first flagged by an experimental analysis tool we are\ndeveloping for kernel memory-management bugs while analyzing\nv6.13-rc1. The tool is still under development and is not yet publicly\navailable.\n\nWe reproduced the bug on v7.0 with a real Ceph backend and a QEMU x86_64\nguest booted with KASAN and CONFIG_FAILSLAB enabled. The reproducer\nconfines failslab injections to the __add_disk() range and injects\nfail-nth while mapping an RBD image through\n/sys/bus/rbd/add_single_major.\n\nOn the unpatched kernel, fail-nth=4 reliably triggered the fault:\n\n\tOops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n\tKASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n\tCPU: 0 UID: 0 PID: 273 Comm: bash Not tainted 7.0.0-01247-gd60bc1401583 #6 PREEMPT(lazy)\n\tHardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS 1.15.0-1 04/01/2014\n\tRIP: 0010:__blk_mq_free_map_and_rqs+0x8c/0x240\n\tCode: 00 00 48 8b 6b 60 41 89 f4 49 c1 e4 03 4c 01 e5 45 85 ed 0f 85 0a 01 00 00 48 b8 00 00 00 00 00 fc ff df 48 89 e9 48 c1 e9 03 \u003c80\u003e 3c 01 00 0f 85 31 01 00 00 4c 8b 6d 00 4d 85 ed 0f 84 e2 00 00\n\tRSP: 0018:ff1100000ab0fac8 EFLAGS: 00000246\n\tRAX: dffffc0000000000 RBX: ff1100000c4806a0 RCX: 0000000000000000\n\tRDX: 0000000000000002 RSI: 0000000000000000 RDI: ff1100000c4806f4\n\tRBP: 0000000000000000 R08: 0000000000000001 R09: ffe21c000189001b\n\tR10: ff1100000c4800df R11: ff1100006cf37be0 R12: 0000000000000000\n\tR13: 0000000000000000 R14: ff1100000c480700 R15: ff1100000c480004\n\tFS: 00007f0fbe8fe740(0000) GS:ff110000e5851000(0000) knlGS:0000000000000000\n\tCS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n\tCR2: 00007fe53473b2e0 CR3: 0000000012eef000 CR4: 00000000007516f0\n\tPKRU: 55555554\n\tCall Trace:\n\t \u003cTASK\u003e\n\t blk_mq_free_tag_set+0x77/0x460\n\t do_rbd_add+0x1446/0x2b80\n\t ? __pfx_do_rbd_add+0x10/0x10\n\t ? lock_acquire+0x18c/0x300\n\t ? find_held_lock+0x2b/0x80\n\t ? sysfs_file_kobj+0xb6/0x1b0\n\t ? __pfx_sysfs_kf_write+0x10/0x10\n\t kernfs_fop_write_iter+0x2f4/0x4a0\n\t vfs_write+0x98e/0x1000\n\t ? expand_files+0x51f/0x850\n\t ? __pfx_vfs_write+0x10/0x10\n\t ksys_write+0xf2/0x1d0\n\t ? __pfx_ksys_write+0x10/0x10\n\t do_syscall_64+0x115/0x690\n\t entry_SYSCALL_64_after_hwframe+0x77/0x7f\n\tRIP: 0033:0x7f0fbea15907\n\tCode: 10 00 f7 d8 64 89 02 48 c7 c0 ff ff ff ff eb b7 0f 1f 00 f3 0f 1e fa 64 8b 04 25 18 00 00 00 85 c0 75 10 b8 01 00 00 00 0f 05 \u003c48\u003e 3d 00 f0 ff ff 77 51 c3 48 83 ec 28 48 89 54 24 18 48 89 74 24\n\tRSP: 002b:00007ffe22346ea8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001\n\tRAX: ffffffffffffffda RBX: 0000000000000058 RCX: 00007f0fbea15907\n\tRDX: 0000000000000058 RSI: 0000563ace6c0ef0 RDI: 0000000000000001\n\tRBP: 0000563ace6c0ef0 R08: 0000563ace6c0ef0 R09: 6b6435726d694141\n\tR10: 5250337279762f78 R11: 0000000000000246 R12: 0000000000000058\n\tR13: 00007f0fbeb1c780 R14: ff1100000c480700 R15: ff1100000c480004\n\t \u003c/TASK\u003e\n\nWith this fix applied, rerunning the reproducer over fail-nth=1..256\nyields no KASAN reports.\n\n[ idryomov: rename err_out_device_del -\u003e err_out_device ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46079",
"url": "https://www.suse.com/security/cve/CVE-2026-46079"
},
{
"category": "external",
"summary": "SUSE Bug 1266452 for CVE-2026-46079",
"url": "https://bugzilla.suse.com/1266452"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46079"
},
{
"cve": "CVE-2026-46083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nspi: fix resource leaks on device setup failure\n\nMake sure to call controller cleanup() if spi_setup() fails while\nregistering a device to avoid leaking any resources allocated by\nsetup().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46083",
"url": "https://www.suse.com/security/cve/CVE-2026-46083"
},
{
"category": "external",
"summary": "SUSE Bug 1266696 for CVE-2026-46083",
"url": "https://bugzilla.suse.com/1266696"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46083"
},
{
"cve": "CVE-2026-46090",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46090"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: aloop: Fix peer runtime UAF during format-change stop\n\nloopback_check_format() may stop the capture side when playback starts\nwith parameters that no longer match a running capture stream. Commit\n826af7fa62e3 (\"ALSA: aloop: Fix racy access at PCM trigger\") moved\nthe peer lookup under cable-\u003elock, but the actual snd_pcm_stop() still\nruns after dropping that lock.\n\nA concurrent close can clear the capture entry from cable-\u003estreams[] and\ndetach or free its runtime while the playback trigger path still holds a\nstale peer substream pointer.\n\nKeep a per-cable count of in-flight peer stops before dropping\ncable-\u003elock, and make free_cable() wait for those stops before\ndetaching the runtime. This preserves the existing behavior while\nmaking the peer runtime lifetime explicit.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46090",
"url": "https://www.suse.com/security/cve/CVE-2026-46090"
},
{
"category": "external",
"summary": "SUSE Bug 1267531 for CVE-2026-46090",
"url": "https://bugzilla.suse.com/1267531"
},
{
"category": "external",
"summary": "SUSE Bug 1267895 for CVE-2026-46090",
"url": "https://bugzilla.suse.com/1267895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46090"
},
{
"cve": "CVE-2026-46094",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46094"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: fix bounds check in check_xattrs() to prevent out-of-bounds access\n\nThe bounds check for the next xattr entry in check_xattrs() uses\n(void *)next \u003e= end, which allows next to point within sizeof(u32)\nbytes of end. On the next loop iteration, IS_LAST_ENTRY() reads 4\nbytes via *(__u32 *)(entry), which can overrun the valid xattr region.\n\nFor example, if next lands at end - 1, the check passes since\nnext \u003c end, but IS_LAST_ENTRY() reads 4 bytes starting at end - 1,\naccessing 3 bytes beyond the valid region.\n\nFix this by changing the check to (void *)next + sizeof(u32) \u003e end,\nensuring there is always enough space for the IS_LAST_ENTRY() read\non the subsequent iteration.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46094",
"url": "https://www.suse.com/security/cve/CVE-2026-46094"
},
{
"category": "external",
"summary": "SUSE Bug 1266927 for CVE-2026-46094",
"url": "https://bugzilla.suse.com/1266927"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46094"
},
{
"cve": "CVE-2026-46101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: reject zero shift in nft_bitwise\n\nReject zero shift operands for nft_bitwise left and right shift\nexpressions during initialization.\n\nThe carry propagation logic computes the carry from the adjacent 32-bit\nword using BITS_PER_TYPE(u32) - shift. A zero shift operand turns this\ninto a 32-bit shift, which is undefined behaviour.\n\nReject zero shift operands in the control plane, alongside the existing\ncheck for values greater than or equal to 32, so malformed rules never\nreach the packet path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46101",
"url": "https://www.suse.com/security/cve/CVE-2026-46101"
},
{
"category": "external",
"summary": "SUSE Bug 1266878 for CVE-2026-46101",
"url": "https://bugzilla.suse.com/1266878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46101"
},
{
"cve": "CVE-2026-46110",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46110"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: Prevent NULL deref when RX memory exhausted\n\nThe CPU receives frames from the MAC through conventional DMA: the CPU\nallocates buffers for the MAC, then the MAC fills them and returns\nownership to the CPU. For each hardware RX queue, the CPU and MAC\ncoordinate through a shared ring array of DMA descriptors: one\ndescriptor per DMA buffer. Each descriptor includes the buffer\u0027s\nphysical address and a status flag (\"OWN\") indicating which side owns\nthe buffer: OWN=0 for CPU, OWN=1 for MAC. The CPU is only allowed to set\nthe flag and the MAC is only allowed to clear it, and both must move\nthrough the ring in sequence: thus the ring is used for both\n\"submissions\" and \"completions.\"\n\nIn the stmmac driver, stmmac_rx() bookmarks its position in the ring\nwith the `cur_rx` index. The main receive loop in that function checks\nfor rx_descs[cur_rx].own=0, gives the corresponding buffer to the\nnetwork stack (NULLing the pointer), and increments `cur_rx` modulo the\nring size. After the loop exits, stmmac_rx_refill(), which bookmarks its\nposition with `dirty_rx`, allocates fresh buffers and rearms the\ndescriptors (setting OWN=1). If it fails any allocation, it simply stops\nearly (leaving OWN=0) and will retry where it left off when next called.\n\nThis means descriptors have a three-stage lifecycle (terms my own):\n- `empty` (OWN=1, buffer valid)\n- `full` (OWN=0, buffer valid and populated)\n- `dirty` (OWN=0, buffer NULL)\n\nBut because stmmac_rx() only checks OWN, it confuses `full`/`dirty`. In\nthe past (see \u0027Fixes:\u0027), there was a bug where the loop could cycle\n`cur_rx` all the way back to the first descriptor it dirtied, resulting\nin a NULL dereference when mistaken for `full`. The aforementioned\ncommit resolved that *specific* failure by capping the loop\u0027s iteration\nlimit at `dma_rx_size - 1`, but this is only a partial fix: if the\nprevious stmmac_rx_refill() didn\u0027t complete, then there are leftover\n`dirty` descriptors that the loop might encounter without needing to\ncycle fully around. The current code therefore panics (see \u0027Closes:\u0027)\nwhen stmmac_rx_refill() is memory-starved long enough for `cur_rx` to\ncatch up to `dirty_rx`.\n\nFix this by explicitly checking, before advancing `cur_rx`, if the next\nentry is dirty; exit the loop if so. This prevents processing of the\nfinal, used descriptor until stmmac_rx_refill() succeeds, but\nfully prevents the `cur_rx == dirty_rx` ambiguity as the previous bugfix\nintended: so remove the clamp as well. Since stmmac_rx_zc() is a\ncopy-paste-and-tweak of stmmac_rx() and the code structure is identical,\nany fix to stmmac_rx() will also need a corresponding fix for\nstmmac_rx_zc(). Therefore, apply the same check there.\n\nIn stmmac_rx() (not stmmac_rx_zc()), a related bug remains: after the\nMAC sets OWN=0 on the final descriptor, it will be unable to send any\nfurther DMA-complete IRQs until it\u0027s given more `empty` descriptors.\nCurrently, the driver simply *hopes* that the next stmmac_rx_refill()\nsucceeds, risking an indefinite stall of the receive process if not. But\nthis is not a regression, so it can be addressed in a future change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46110",
"url": "https://www.suse.com/security/cve/CVE-2026-46110"
},
{
"category": "external",
"summary": "SUSE Bug 1266759 for CVE-2026-46110",
"url": "https://bugzilla.suse.com/1266759"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46110"
},
{
"cve": "CVE-2026-46111",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46111"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_conn: fix potential UAF in create_big_sync\n\nAdd hci_conn_valid() check in create_big_sync() to detect stale\nconnections before proceeding with BIG creation. Handle the\nresulting -ECANCELED in create_big_complete() and re-validate the\nconnection under hci_dev_lock() before dereferencing, matching the\npattern used by create_le_conn_complete() and create_pa_complete().\n\nKeep the hci_conn object alive across the async boundary by taking\na reference via hci_conn_get() when queueing create_big_sync(), and\ndropping it in the completion callback. The refcount and the lock\nare complementary: the refcount keeps the object allocated, while\nhci_dev_lock() serializes hci_conn_hash_del()\u0027s list_del_rcu() on\nhdev-\u003econn_hash, as required by hci_conn_del().\n\nhci_conn_put() is called outside hci_dev_unlock() so the final put\n(which resolves to kfree() via bt_link_release) does not run under\nhdev-\u003elock, though the release path would be safe either way.\n\nWithout this, create_big_complete() would unconditionally\ndereference the conn pointer on error, causing a use-after-free\nvia hci_connect_cfm() and hci_conn_del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46111",
"url": "https://www.suse.com/security/cve/CVE-2026-46111"
},
{
"category": "external",
"summary": "SUSE Bug 1267626 for CVE-2026-46111",
"url": "https://bugzilla.suse.com/1267626"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46111"
},
{
"cve": "CVE-2026-46113",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46113"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: x86: Fix shadow paging use-after-free due to unexpected GFN\n\nThe shadow MMU computes GFNs for direct shadow pages using sp-\u003egfn plus\nthe SPTE index. This assumption breaks for shadow paging if the guest\npage tables are modified between VM entries (similar to commit\naad885e77496, \"KVM: x86/mmu: Drop/zap existing present SPTE even\nwhen creating an MMIO SPTE\", 2026-03-27). The flow is as follows:\n\n- a PDE is installed for a 2MB mapping, and a page in that area is\n accessed. KVM creates a kvm_mmu_page consisting of 512 4KB pages;\n the kvm_mmu_page is marked by FNAME(fetch) as direct-mapped because\n the guest\u0027s mapping is a huge page (and thus contiguous).\n\n- the PDE mapping is changed from outside the guest.\n\n- the guest accesses another page in the same 2MB area. KVM installs\n a new leaf SPTE and rmap entry; the SPTE uses the \"correct\" GFN\n (i.e. based on the new mapping, as changed in the previous step) but\n that GFN is outside of the [sp-\u003egfn, sp-\u003egfn + 511] range; therefore\n the rmap entry cannot be found and removed when the kvm_mmu_page\n is zapped.\n\n- the memslot that covers the first 2MB mapping is deleted, and the\n kvm_mmu_page for the now-invalid GPA is zapped. However, rmap_remove()\n only looks at the [sp-\u003egfn, sp-\u003egfn + 511] range established in step 1,\n and fails to find the rmap entry that was recorded by step 3.\n\n- any operation that causes an rmap walk for the same page accessed\n by step 3 then walks a stale rmap and dereferences a freed kvm_mmu_page.\n This includes dirty logging or MMU notifier invalidations (e.g., from\n MADV_DONTNEED).\n\nThe underlying issue is that KVM\u0027s walking of shadow PTEs assumes that\nif a SPTE is present when KVM wants to install a non-leaf SPTE, then the\nexisting kvm_mmu_page must be for the correct gfn. Because the only way\nfor the gfn to be wrong is if KVM messed up and failed to zap a SPTE...\nwhich shouldn\u0027t happen, but *actually* only happens in response to a\nguest write.\n\nThat bug dates back literally forever, as even the first version of KVM\nassumes that the GFN matches and walks into the \"wrong\" shadow page.\nHowever, that was only an imprecision until 2032a93d66fa (\"KVM: MMU:\nDon\u0027t allocate gfns page for direct mmu pages\") came along.\n\nFix it by checking for a target gfn mismatch and zapping the existing\nSPTE. That way the old SP and rmap entries are gone, KVM installs\nthe rmap in the right location, and everyone is happy.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46113",
"url": "https://www.suse.com/security/cve/CVE-2026-46113"
},
{
"category": "external",
"summary": "SUSE Bug 1266969 for CVE-2026-46113",
"url": "https://bugzilla.suse.com/1266969"
},
{
"category": "external",
"summary": "SUSE Bug 1266970 for CVE-2026-46113",
"url": "https://bugzilla.suse.com/1266970"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46113"
},
{
"cve": "CVE-2026-46114",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46114"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/rxe: Reject non-8-byte ATOMIC_WRITE payloads\n\natomic_write_reply() at drivers/infiniband/sw/rxe/rxe_resp.c\nunconditionally dereferences 8 bytes at payload_addr(pkt):\n\n value = *(u64 *)payload_addr(pkt);\n\ncheck_rkey() previously accepted an ATOMIC_WRITE request with pktlen ==\nresid == 0 because the length validation only compared pktlen against\nresid. A remote initiator that sets the RETH length to 0 therefore reaches\natomic_write_reply() with a zero-byte logical payload, and the responder\nreads sizeof(u64) bytes from past the logical end of the packet into\nskb-\u003ehead tailroom, then writes those 8 bytes into the attacker\u0027s MR via\nrxe_mr_do_atomic_write(). That is a remote disclosure of 4 bytes of kernel\ntailroom per probe (the other 4 bytes are the packet\u0027s own trailing ICRC).\n\nIBA oA19-28 defines ATOMIC_WRITE as exactly 8 bytes. Anything else is\nprotocol-invalid. Hoist a strict length check into check_rkey() so the\nresponder never reaches the unchecked dereference, and keep the existing\nWRITE-family length logic for the normal RDMA WRITE path.\n\nReproduced on mainline with an unmodified rxe driver: a sustained\nzero-length ATOMIC_WRITE probe repeatedly leaks adjacent skb head-buffer\nbytes into the attacker\u0027s MR, including recognisable kernel strings and\npartial kernel-direct-map pointer words. With this patch applied the\nresponder rejects the PDU and the MR stays all-zero.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46114",
"url": "https://www.suse.com/security/cve/CVE-2026-46114"
},
{
"category": "external",
"summary": "SUSE Bug 1266972 for CVE-2026-46114",
"url": "https://bugzilla.suse.com/1266972"
},
{
"category": "external",
"summary": "SUSE Bug 1266973 for CVE-2026-46114",
"url": "https://bugzilla.suse.com/1266973"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46114"
},
{
"cve": "CVE-2026-46119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Fix slab-out-of-bounds access in auth message processing\n\nIf a (potentially corrupted) message of type CEPH_MSG_AUTH_REPLY\ncontains a positive value in its result field, it is treated as an\nerror code by ceph_handle_auth_reply() and returned to\nhandle_auth_reply(). Thereafter, an attempt is made to send the\npreallocated message of type CEPH_MSG_AUTH, where the returned value is\ninterpreted as the size of the front segment to send. If the result\nvalue in the message is greater than the size of the memory buffer\nallocated for the front segment, an out-of-bounds access occurs, and\nthe content of the memory region beyond this buffer is sent out.\n\nThis patch fixes the issue by treating only negative values in the\nresult field as errors. Positive values are therefore treated as success\nin the same way as a zero value. Additionally, a BUG_ON is added to\n__send_prepared_auth_request() comparing the len parameter to\nfront_alloc_len to prevent sending the message if it exceeds the bounds\nof the allocation and to make it easier to catch any logic flaws leading\nto this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46119",
"url": "https://www.suse.com/security/cve/CVE-2026-46119"
},
{
"category": "external",
"summary": "SUSE Bug 1267628 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "external",
"summary": "SUSE Bug 1267894 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46119"
},
{
"cve": "CVE-2026-46120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_gre: Use cached t-\u003enet in ip6erspan_changelink().\n\nAfter commit 5e72ce3e3980 (\"net: ipv6: Use link netns in newlink() of\nrtnl_link_ops\"), ip6erspan_newlink() correctly resolves the per-netns\nip6gre hash via link_net. ip6erspan_changelink() was not converted in\nthat series and still uses dev_net(dev), which diverges from the\ndevice\u0027s creation netns after IFLA_NET_NS_FD migration.\n\nThis re-inserts the tunnel into the wrong per-netns hash. The\noriginal netns keeps a stale entry. When that netns is later\ndestroyed, ip6gre_exit_rtnl_net() walks the stale entry, producing a\nslab-use-after-free reported by KASAN, followed by a kernel BUG at\nnet/core/dev.c (LIST_POISON1) in unregister_netdevice_many_notify().\n\nReachable from an unprivileged user namespace (unshare --user\n--map-root-user --net).\n\nip6gre_changelink() earlier in the same file already uses the cached\nt-\u003enet; only ip6erspan_changelink() has the wrong shape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46120",
"url": "https://www.suse.com/security/cve/CVE-2026-46120"
},
{
"category": "external",
"summary": "SUSE Bug 1267640 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "external",
"summary": "SUSE Bug 1267893 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46120"
},
{
"cve": "CVE-2026-46123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: virtio_bt: clamp rx length before skb_put\n\nvirtbt_rx_work() calls skb_put(skb, len) where len comes directly\nfrom virtqueue_get_buf() with no validation against the buffer we\nposted to the device. The RX skb is allocated in virtbt_add_inbuf()\nand exposed to virtio as exactly 1000 bytes via sg_init_one().\n\nChecking len against skb_tailroom(skb) is not sufficient because\nalloc_skb() can leave more tailroom than the 1000 bytes actually\nhanded to the device. A malicious or buggy backend can therefore\nreport used.len between 1001 and skb_tailroom(skb), causing skb_put()\nto include uninitialized kernel heap bytes that were never written by\nthe device.\n\nThe same path also accepts len == 0, in which case skb_put(skb, 0)\nleaves the skb empty but virtbt_rx_handle() still reads the pkt_type\nbyte from skb-\u003edata, consuming uninitialized memory.\n\nDefine VIRTBT_RX_BUF_SIZE once and reuse it in alloc_skb() and\nsg_init_one(), and gate virtbt_rx_work() on that same constant so\nthe bound checked matches the buffer actually exposed to the device.\nReject used.len == 0 in the same gate so an empty completion can\nno longer reach virtbt_rx_handle().\n\nUse bt_dev_err_ratelimited() because the length value comes from an\nuntrusted backend that can otherwise flood the kernel log.\n\nSame class of bug as commit c04db81cd028 (\"net/9p: Fix buffer\noverflow in USB transport layer\"), which hardened the USB 9p\ntransport against unchecked device-reported length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46123",
"url": "https://www.suse.com/security/cve/CVE-2026-46123"
},
{
"category": "external",
"summary": "SUSE Bug 1267621 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "external",
"summary": "SUSE Bug 1267622 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46123"
},
{
"cve": "CVE-2026-46150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfanotify: fix false positive on permission events\n\nfsnotify_get_mark_safe() may return false for a mark on an unrelated group,\nwhich results in bypassing the permission check.\n\nFix by skipping over detached marks that are not in the current group.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46150",
"url": "https://www.suse.com/security/cve/CVE-2026-46150"
},
{
"category": "external",
"summary": "SUSE Bug 1267387 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "external",
"summary": "SUSE Bug 1267388 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46150"
},
{
"cve": "CVE-2026-46157",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46157"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger\n\nCurrently the runtime.oss.trigger field may be accessed concurrently\nwithout protection, which may lead to the data race. And, in this\ncase, it may lead to more severe problem because it\u0027s a bit field; as\nwriting the data, it may overwrite other bit fields as well, which\nconfuses the operation completely, as spotted by fuzzing.\n\nFix it by covering runtime.oss.trigger bit fled also with the existing\nparams_lock mutex in both snd_pcm_oss_get_trigger() and\nsnd_pcm_oss_poll().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46157",
"url": "https://www.suse.com/security/cve/CVE-2026-46157"
},
{
"category": "external",
"summary": "SUSE Bug 1267726 for CVE-2026-46157",
"url": "https://bugzilla.suse.com/1267726"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46157"
},
{
"cve": "CVE-2026-46159",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46159"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to info-leak\n\nbtrfs_ioctl_space_info() has a TOCTOU race between two passes over the\nblock group RAID type lists. The first pass counts entries to determine\nthe allocation size, then the second pass fills the buffer. The\ngroups_sem rwlock is released between passes, allowing concurrent block\ngroup removal to reduce the entry count.\n\nWhen the second pass fills fewer entries than the first pass counted,\ncopy_to_user() copies the full alloc_size bytes including trailing\nuninitialized kmalloc bytes to userspace.\n\nFix by copying only total_spaces entries (the actually-filled count from\nthe second pass) instead of alloc_size bytes, and switch to kzalloc so\nany future copy size mismatch cannot leak heap data.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46159",
"url": "https://www.suse.com/security/cve/CVE-2026-46159"
},
{
"category": "external",
"summary": "SUSE Bug 1267652 for CVE-2026-46159",
"url": "https://bugzilla.suse.com/1267652"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46159"
},
{
"cve": "CVE-2026-46160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix missing last_unlink_trans update when removing a directory\n\nWhen removing a directory we are not updating its last_unlink_trans field,\nwhich can result in incorrect fsync behaviour in case some one fsyncs the\ndirectory after it was removed because it\u0027s holding a file descriptor on\nit.\n\nExample scenario:\n\n mkdir /mnt/dir1\n mkdir /mnt/dir1/dir2\n mkdir /mnt/dir3\n\n sync -f /mnt\n\n # Do some change to the directory and fsync it.\n chmod 700 /mnt/dir1\n xfs_io -c fsync /mnt/dir1\n\n # Move dir2 out of dir1 so that dir1 becomes empty.\n mv /mnt/dir1/dir2 /mnt/dir3/\n\n open fd on /mnt/dir1\n call rmdir(2) on path \"/mnt/dir1\"\n fsync fd\n\n \u003ctrigger power failure\u003e\n\nWhen attempting to mount the filesystem, the log replay will fail with\nan -EIO error and dmesg/syslog has the following:\n\n [445771.626482] BTRFS info (device dm-0): first mount of filesystem 0368bbea-6c5e-44b5-b409-09abe496e650\n [445771.626486] BTRFS info (device dm-0): using crc32c checksum algorithm\n [445771.627912] BTRFS info (device dm-0): start tree-log replay\n [445771.628335] page: refcount:2 mapcount:0 mapping:0000000061443ddc index:0x1d00 pfn:0x7072a5\n [445771.629453] memcg:ffff89f400351b00\n [445771.629892] aops:btree_aops [btrfs] ino:1\n [445771.630737] flags: 0x17fffc00000402a(uptodate|lru|private|writeback|node=0|zone=2|lastcpupid=0x1ffff)\n [445771.632359] raw: 017fffc00000402a fffff47284d950c8 fffff472907b7c08 ffff89f458e412b8\n [445771.633713] raw: 0000000000001d00 ffff89f6c51d1a90 00000002ffffffff ffff89f400351b00\n [445771.635029] page dumped because: eb page dump\n [445771.635825] BTRFS critical (device dm-0): corrupt leaf: root=5 block=30408704 slot=10 ino=258, invalid nlink: has 2 expect no more than 1 for dir\n [445771.638088] BTRFS info (device dm-0): leaf 30408704 gen 10 total ptrs 17 free space 14878 owner 5\n [445771.638091] BTRFS info (device dm-0): refs 4 lock_owner 0 current 3581087\n [445771.638094] \titem 0 key (256 INODE_ITEM 0) itemoff 16123 itemsize 160\n [445771.638097] \t\tinode generation 3 transid 9 size 16 nbytes 16384\n [445771.638098] \t\tblock group 0 mode 40755 links 1 uid 0 gid 0\n [445771.638100] \t\trdev 0 sequence 2 flags 0x0\n [445771.638102] \t\tatime 1775744884.0\n [445771.660056] \t\tctime 1775744885.645502983\n [445771.660058] \t\tmtime 1775744885.645502983\n [445771.660060] \t\totime 1775744884.0\n [445771.660062] \titem 1 key (256 INODE_REF 256) itemoff 16111 itemsize 12\n [445771.660064] \t\tindex 0 name_len 2\n [445771.660066] \titem 2 key (256 DIR_ITEM 1843588421) itemoff 16077 itemsize 34\n [445771.660068] \t\tlocation key (259 1 0) type 2\n [445771.660070] \t\ttransid 9 data_len 0 name_len 4\n [445771.660075] \titem 3 key (256 DIR_ITEM 2363071922) itemoff 16043 itemsize 34\n [445771.660076] \t\tlocation key (257 1 0) type 2\n [445771.660077] \t\ttransid 9 data_len 0 name_len 4\n [445771.660078] \titem 4 key (256 DIR_INDEX 2) itemoff 16009 itemsize 34\n [445771.660079] \t\tlocation key (257 1 0) type 2\n [445771.660080] \t\ttransid 9 data_len 0 name_len 4\n [445771.660081] \titem 5 key (256 DIR_INDEX 3) itemoff 15975 itemsize 34\n [445771.660082] \t\tlocation key (259 1 0) type 2\n [445771.660083] \t\ttransid 9 data_len 0 name_len 4\n [445771.660084] \titem 6 key (257 INODE_ITEM 0) itemoff 15815 itemsize 160\n [445771.660086] \t\tinode generation 9 transid 9 size 8 nbytes 0\n [445771.660087] \t\tblock group 0 mode 40777 links 1 uid 0 gid 0\n [445771.660088] \t\trdev 0 sequence 2 flags 0x0\n [445771.660089] \t\tatime 1775744885.641174097\n [445771.660090] \t\tctime 1775744885.645502983\n [445771.660091] \t\tmtime 1775744885.645502983\n [445771.660105] \t\totime 1775744885.641174097\n [445771.660106] \titem 7 key (257 INODE_REF 256) itemoff 15801 itemsize 14\n [445771.660107] \t\tindex 2 name_len 4\n [445771.660108] \titem 8 key (257 DIR_ITEM 2676584006) itemoff 15767 itemsize 34\n [445771.660109] \t\tlocation key (2\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46160",
"url": "https://www.suse.com/security/cve/CVE-2026-46160"
},
{
"category": "external",
"summary": "SUSE Bug 1267624 for CVE-2026-46160",
"url": "https://bugzilla.suse.com/1267624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46160"
},
{
"cve": "CVE-2026-46172",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46172"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: xfrm6: release dst on error in xfrm6_rcv_encap()\n\nxfrm6_rcv_encap() performs an IPv6 route lookup when the skb does not\nalready have a dst attached. ip6_route_input_lookup() returns a\nreferenced dst entry even when the lookup resolves to an error route.\n\nIf dst-\u003eerror is set, xfrm6_rcv_encap() drops the skb without attaching\nthe dst to the skb and without releasing the reference returned by the\nlookup. Repeated packets hitting this path therefore leak dst entries.\n\nRelease the dst before jumping to the drop path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46172",
"url": "https://www.suse.com/security/cve/CVE-2026-46172"
},
{
"category": "external",
"summary": "SUSE Bug 1266903 for CVE-2026-46172",
"url": "https://bugzilla.suse.com/1266903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46172"
},
{
"cve": "CVE-2026-46176",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46176"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx5: Fix error path fall-through in mlx5_ib_dev_res_srq_init()\n\nmlx5_ib_dev_res_srq_init() allocates two SRQs, s0 and s1. When\nib_create_srq() fails for s1, the error branch destroys s0 but falls\nthrough and unconditionally assigns the freed s0 and the ERR_PTR s1 to\ndevr-\u003es0 and devr-\u003es1.\n\nThis leads to several problems: the lock-free fast path checks\n\"if (devr-\u003es1) return 0;\" and treats the ERR_PTR as already initialised;\nusers in mlx5_ib_create_qp() dereference the freed SRQ or ERR_PTR via\nto_msrq(devr-\u003es0)-\u003emsrq.srqn; and mlx5_ib_dev_res_cleanup() dereferences\nthe ERR_PTR and double-frees s0 on teardown.\n\nFix by adding the same `goto unlock` in the s1 failure path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46176",
"url": "https://www.suse.com/security/cve/CVE-2026-46176"
},
{
"category": "external",
"summary": "SUSE Bug 1266816 for CVE-2026-46176",
"url": "https://bugzilla.suse.com/1266816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46176"
},
{
"cve": "CVE-2026-46181",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46181"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event()\n\nSashiko points out the radix_tree itself is RCU safe, but nothing ever\nfrees the mlx4_srq struct with RCU, and it isn\u0027t even accessed within the\nRCU critical section. It also will crash if an event is delivered before\nthe srq object is finished initializing.\n\nUse the spinlock since it isn\u0027t easy to make RCU work, use\nrefcount_inc_not_zero() to protect against partially initialized objects,\nand order the refcount_set() to be after the srq is fully initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46181",
"url": "https://www.suse.com/security/cve/CVE-2026-46181"
},
{
"category": "external",
"summary": "SUSE Bug 1266826 for CVE-2026-46181",
"url": "https://bugzilla.suse.com/1266826"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46181"
},
{
"cve": "CVE-2026-46197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: validate SVM ioctl nattr against buffer size\n\nValidate nattr field against the buffer size, preventing\nout-of-bounds buffer access via user-controlled attribute count.\n\n(cherry picked from commit 5eca8bfdfa456c3304ca77523718fe24254c172f)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46197",
"url": "https://www.suse.com/security/cve/CVE-2026-46197"
},
{
"category": "external",
"summary": "SUSE Bug 1267381 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "external",
"summary": "SUSE Bug 1267382 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46197"
},
{
"cve": "CVE-2026-46209",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46209"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/gem: Fix inconsistent plane dimension calculation in drm_gem_fb_init_with_funcs()\n\ndrm_gem_fb_init_with_funcs() computes sub-sampled plane dimensions\nusing plain integer division:\n\n unsigned int width = mode_cmd-\u003ewidth / (i ? info-\u003ehsub : 1);\n unsigned int height = mode_cmd-\u003eheight / (i ? info-\u003evsub : 1);\n\nHowever, the ioctl-level framebuffer_check() in drm_framebuffer.c uses\ndrm_format_info_plane_width/height() which round up dimensions via\nDIV_ROUND_UP(). This inconsistency corrupts the subsequent GEM object\nsize check for certain pixel format and dimension combinations.\n\nFor example, with NV12 (vsub=2) and a 1-pixel-tall framebuffer the\nGEM size validation path sees height=0 instead of height=1. The\nexpression (height - 1) then wraps to UINT_MAX as an unsigned int,\ncausing min_size to overflow and wrap back to a small value. A tiny\nGEM object therefore passes the size guard, yet when the GPU accesses\nthe chroma plane it will read or write memory beyond the object\u0027s\nbounds.\n\nFix by replacing the open-coded divisions with drm_format_info_plane_width()\nand drm_format_info_plane_height(), which use DIV_ROUND_UP() and match\nthe calculation already used in framebuffer_check().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46209",
"url": "https://www.suse.com/security/cve/CVE-2026-46209"
},
{
"category": "external",
"summary": "SUSE Bug 1267663 for CVE-2026-46209",
"url": "https://bugzilla.suse.com/1267663"
},
{
"category": "external",
"summary": "SUSE Bug 1267891 for CVE-2026-46209",
"url": "https://bugzilla.suse.com/1267891"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46209"
},
{
"cve": "CVE-2026-46227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46227"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL\n\nThe SCTP_SENDALL path in sctp_sendmsg() iterates ep-\u003easocs with\nlist_for_each_entry_safe(), which caches the next entry in @tmp before\nthe loop body runs. The body calls sctp_sendmsg_to_asoc(), which may\ndrop the socket lock inside sctp_wait_for_sndbuf().\n\nWhile the lock is dropped, another thread can SCTP_SOCKOPT_PEELOFF the\nassociation cached in @tmp, migrating it to a new endpoint via\nsctp_sock_migrate() (list_del_init() + list_add_tail() to\nnewep-\u003easocs), and optionally close the new socket which frees the\nassociation via kfree_rcu(). The cached @tmp can also be freed by a\nnetwork ABORT for that association, processed in softirq while the\nlock is dropped.\n\nsctp_wait_for_sndbuf() revalidates @asoc (the current entry) on re-lock\nvia the \"sk != asoc-\u003ebase.sk\" and \"asoc-\u003ebase.dead\" checks, but nothing\nrevalidates @tmp. After a successful return, the iterator advances to\nthe stale @tmp, yielding either a use-after-free (if the peeled socket\nwas closed) or a list-walk onto the new endpoint\u0027s list head (type\nconfusion of \u0026newep-\u003easocs as a struct sctp_association *).\n\nBoth are reachable from CapEff=0; the type-confusion path gives\ncontrolled indirect call via the outqueue.sched-\u003einit_sid pointer.\n\nFix by re-deriving @tmp from @asoc after sctp_sendmsg_to_asoc()\nreturns. @asoc is known to still be on ep-\u003easocs at that point: the\nonly callers that list_del an association from ep-\u003easocs are\nsctp_association_free() (which sets asoc-\u003ebase.dead) and\nsctp_assoc_migrate() (which changes asoc-\u003ebase.sk), and\nsctp_wait_for_sndbuf() checks both under the lock before any\nsuccessful return; a tripped check propagates as err \u003c 0 and the loop\nbails before the re-derive.\n\nThe SCTP_ABORT path in sctp_sendmsg_check_sflags() returns 0 and the\nloop hits \u0027continue\u0027 before sctp_sendmsg_to_asoc() is ever called, so\nthe @tmp cached by list_for_each_entry_safe() still covers the\nlock-held free that ba59fb027307 (\"sctp: walk the list of asoc\nsafely\") was added for.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46227",
"url": "https://www.suse.com/security/cve/CVE-2026-46227"
},
{
"category": "external",
"summary": "SUSE Bug 1267697 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "external",
"summary": "SUSE Bug 1267698 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "important"
}
],
"title": "CVE-2026-46227"
},
{
"cve": "CVE-2026-46244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46244"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: Fix IPv6 inner_thoff desync\n\nIn nft_inner_parse_l2l3(), when processing inner IPv6 packets,\nipv6_find_hdr() correctly computes the transport header offset\ntraversing all extension headers, but the result is immediately\noverwritten with nhoff + sizeof(_ip6h) (40 bytes), which only\naccounts for the IPv6 base header. This creates a desync between\ninner_thoff (wrong - points to extension header start) and l4proto\n(correct - e.g., IPPROTO_TCP), enabling transport header forgery\nand potential firewall bypass. This issue affects stable versions\nfrom Linux 6.2.\n\nFor comparison, the normal (non-inner) IPv6 path correctly\npreserves ipv6_find_hdr()\u0027s result. Removing the incorrect overwrite\nensures that ipv6_find_hdr()\u0027s calculated transport header offset is\npreserved, thereby fixing the desynchronization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46244",
"url": "https://www.suse.com/security/cve/CVE-2026-46244"
},
{
"category": "external",
"summary": "SUSE Bug 1267654 for CVE-2026-46244",
"url": "https://bugzilla.suse.com/1267654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46244"
},
{
"cve": "CVE-2026-46259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46259"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprocfs: fix missing RCU protection when reading real_parent in do_task_stat()\n\nWhen reading /proc/[pid]/stat, do_task_stat() accesses task-\u003ereal_parent\nwithout proper RCU protection, which leads to:\n\n cpu 0 cpu 1\n ----- -----\n do_task_stat\n var = task-\u003ereal_parent\n release_task\n call_rcu(delayed_put_task_struct)\n task_tgid_nr_ns(var)\n rcu_read_lock \u003c--- Too late to protect task-\u003ereal_parent!\n task_pid_ptr \u003c--- UAF!\n rcu_read_unlock\n\nThis patch uses task_ppid_nr_ns() instead of task_tgid_nr_ns() to add\nproper RCU protection for accessing task-\u003ereal_parent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46259",
"url": "https://www.suse.com/security/cve/CVE-2026-46259"
},
{
"category": "external",
"summary": "SUSE Bug 1267685 for CVE-2026-46259",
"url": "https://bugzilla.suse.com/1267685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46259"
},
{
"cve": "CVE-2026-46273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46273"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmveth: Disable GSO for packets with small MSS\n\nSome physical adapters on Power systems do not support segmentation\noffload when the MSS is less than 224 bytes. Attempting to send such\npackets causes the adapter to freeze, stopping all traffic until\nmanually reset.\n\nImplement ndo_features_check to disable GSO for packets with small MSS\nvalues. The network stack will perform software segmentation instead.\n\nThe 224-byte minimum matches ibmvnic\ncommit \u003cf10b09ef687f\u003e (\"ibmvnic: Enforce stronger sanity checks\non GSO packets\")\nwhich uses the same physical adapters in SEA configurations.\n\nThe issue occurs specifically when the hardware attempts to perform\nsegmentation (gso_segs \u003e 1) with a small MSS. Single-segment GSO packets\n(gso_segs == 1) do not trigger the problematic LSO code path and are\ntransmitted normally without segmentation.\n\nAdd an ndo_features_check callback to disable GSO when MSS \u003c 224 bytes.\nAlso call vlan_features_check() to ensure proper handling of VLAN packets,\nparticularly QinQ (802.1ad) configurations where the hardware parser may\nnot support certain offload features.\n\nValidated using iptables to force small MSS values. Without the fix,\nthe adapter freezes. With the fix, packets are segmented in software\nand transmission succeeds. Comprehensive regression testing completedd\n(MSS tests, performance, stability).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46273",
"url": "https://www.suse.com/security/cve/CVE-2026-46273"
},
{
"category": "external",
"summary": "SUSE Bug 1267651 for CVE-2026-46273",
"url": "https://bugzilla.suse.com/1267651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-devel-rt-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-rt-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-rt-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-source-rt-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T17:41:36Z",
"details": "moderate"
}
],
"title": "CVE-2026-46273"
}
]
}
SUSE-SU-2026:22436-1
Vulnerability from csaf_suse - Published: 2026-06-30 23:09 - Updated: 2026-06-30 23:09| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| Product | Identifier | Version | Remediation |
|---|---|---|---|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64 | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch | — |
Vendor Fix
|
|
| Unresolved product id: SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch | — |
Vendor Fix
|
| URL | Category |
|---|---|
| https://www.suse.com/support/security/rating/ | external |
| https://ftp.suse.com/pub/projects/security/csaf/s… | self |
| https://www.suse.com/support/update/announcement/… | self |
| https://lists.suse.com/pipermail/sle-updates/2026… | self |
| https://bugzilla.suse.com/1256668 | self |
| https://bugzilla.suse.com/1261256 | self |
| https://bugzilla.suse.com/1262085 | self |
| https://bugzilla.suse.com/1262392 | self |
| https://bugzilla.suse.com/1262617 | self |
| https://bugzilla.suse.com/1262620 | self |
| https://bugzilla.suse.com/1262674 | self |
| https://bugzilla.suse.com/1262748 | self |
| https://bugzilla.suse.com/1262798 | self |
| https://bugzilla.suse.com/1262993 | self |
| https://bugzilla.suse.com/1263123 | self |
| https://bugzilla.suse.com/1263137 | self |
| https://bugzilla.suse.com/1263178 | self |
| https://bugzilla.suse.com/1263563 | self |
| https://bugzilla.suse.com/1263568 | self |
| https://bugzilla.suse.com/1263578 | self |
| https://bugzilla.suse.com/1263879 | self |
| https://bugzilla.suse.com/1263880 | self |
| https://bugzilla.suse.com/1263930 | self |
| https://bugzilla.suse.com/1263934 | self |
| https://bugzilla.suse.com/1263993 | self |
| https://bugzilla.suse.com/1263996 | self |
| https://bugzilla.suse.com/1264045 | self |
| https://bugzilla.suse.com/1264076 | self |
| https://bugzilla.suse.com/1264080 | self |
| https://bugzilla.suse.com/1264084 | self |
| https://bugzilla.suse.com/1264116 | self |
| https://bugzilla.suse.com/1264137 | self |
| https://bugzilla.suse.com/1264145 | self |
| https://bugzilla.suse.com/1264239 | self |
| https://bugzilla.suse.com/1264263 | self |
| https://bugzilla.suse.com/1264266 | self |
| https://bugzilla.suse.com/1264437 | self |
| https://bugzilla.suse.com/1264444 | self |
| https://bugzilla.suse.com/1264470 | self |
| https://bugzilla.suse.com/1264549 | self |
| https://bugzilla.suse.com/1264561 | self |
| https://bugzilla.suse.com/1264595 | self |
| https://bugzilla.suse.com/1264603 | self |
| https://bugzilla.suse.com/1264610 | self |
| https://bugzilla.suse.com/1264741 | self |
| https://bugzilla.suse.com/1264763 | self |
| https://bugzilla.suse.com/1265103 | self |
| https://bugzilla.suse.com/1265143 | self |
| https://bugzilla.suse.com/1265628 | self |
| https://bugzilla.suse.com/1266290 | self |
| https://bugzilla.suse.com/1266390 | self |
| https://bugzilla.suse.com/1266397 | self |
| https://bugzilla.suse.com/1266698 | self |
| https://bugzilla.suse.com/1266704 | self |
| https://bugzilla.suse.com/1266705 | self |
| https://bugzilla.suse.com/1266878 | self |
| https://bugzilla.suse.com/1266895 | self |
| https://bugzilla.suse.com/1266903 | self |
| https://bugzilla.suse.com/1266916 | self |
| https://bugzilla.suse.com/1266922 | self |
| https://bugzilla.suse.com/1266933 | self |
| https://bugzilla.suse.com/1267208 | self |
| https://bugzilla.suse.com/1267361 | self |
| https://bugzilla.suse.com/1267381 | self |
| https://bugzilla.suse.com/1267387 | self |
| https://bugzilla.suse.com/1267431 | self |
| https://bugzilla.suse.com/1267621 | self |
| https://bugzilla.suse.com/1267624 | self |
| https://bugzilla.suse.com/1267628 | self |
| https://bugzilla.suse.com/1267640 | self |
| https://bugzilla.suse.com/1267651 | self |
| https://bugzilla.suse.com/1267654 | self |
| https://bugzilla.suse.com/1267682 | self |
| https://bugzilla.suse.com/1267685 | self |
| https://bugzilla.suse.com/1267697 | self |
| https://bugzilla.suse.com/1267744 | self |
| https://bugzilla.suse.com/1268307 | self |
| https://www.suse.com/security/cve/CVE-2025-10263/ | self |
| https://www.suse.com/security/cve/CVE-2025-68822/ | self |
| https://www.suse.com/security/cve/CVE-2026-31414/ | self |
| https://www.suse.com/security/cve/CVE-2026-31429/ | self |
| https://www.suse.com/security/cve/CVE-2026-31452/ | self |
| https://www.suse.com/security/cve/CVE-2026-31453/ | self |
| https://www.suse.com/security/cve/CVE-2026-31469/ | self |
| https://www.suse.com/security/cve/CVE-2026-31492/ | self |
| https://www.suse.com/security/cve/CVE-2026-31495/ | self |
| https://www.suse.com/security/cve/CVE-2026-31499/ | self |
| https://www.suse.com/security/cve/CVE-2026-31500/ | self |
| https://www.suse.com/security/cve/CVE-2026-31555/ | self |
| https://www.suse.com/security/cve/CVE-2026-31592/ | self |
| https://www.suse.com/security/cve/CVE-2026-31664/ | self |
| https://www.suse.com/security/cve/CVE-2026-31665/ | self |
| https://www.suse.com/security/cve/CVE-2026-31674/ | self |
| https://www.suse.com/security/cve/CVE-2026-31680/ | self |
| https://www.suse.com/security/cve/CVE-2026-31693/ | self |
| https://www.suse.com/security/cve/CVE-2026-31697/ | self |
| https://www.suse.com/security/cve/CVE-2026-31698/ | self |
| https://www.suse.com/security/cve/CVE-2026-31699/ | self |
| https://www.suse.com/security/cve/CVE-2026-31752/ | self |
| https://www.suse.com/security/cve/CVE-2026-31759/ | self |
| https://www.suse.com/security/cve/CVE-2026-31771/ | self |
| https://www.suse.com/security/cve/CVE-2026-43023/ | self |
| https://www.suse.com/security/cve/CVE-2026-43024/ | self |
| https://www.suse.com/security/cve/CVE-2026-43028/ | self |
| https://www.suse.com/security/cve/CVE-2026-43035/ | self |
| https://www.suse.com/security/cve/CVE-2026-43036/ | self |
| https://www.suse.com/security/cve/CVE-2026-43049/ | self |
| https://www.suse.com/security/cve/CVE-2026-43053/ | self |
| https://www.suse.com/security/cve/CVE-2026-43074/ | self |
| https://www.suse.com/security/cve/CVE-2026-43077/ | self |
| https://www.suse.com/security/cve/CVE-2026-43083/ | self |
| https://www.suse.com/security/cve/CVE-2026-43101/ | self |
| https://www.suse.com/security/cve/CVE-2026-43112/ | self |
| https://www.suse.com/security/cve/CVE-2026-43119/ | self |
| https://www.suse.com/security/cve/CVE-2026-43158/ | self |
| https://www.suse.com/security/cve/CVE-2026-43171/ | self |
| https://www.suse.com/security/cve/CVE-2026-43187/ | self |
| https://www.suse.com/security/cve/CVE-2026-43198/ | self |
| https://www.suse.com/security/cve/CVE-2026-43239/ | self |
| https://www.suse.com/security/cve/CVE-2026-43339/ | self |
| https://www.suse.com/security/cve/CVE-2026-43345/ | self |
| https://www.suse.com/security/cve/CVE-2026-43405/ | self |
| https://www.suse.com/security/cve/CVE-2026-43469/ | self |
| https://www.suse.com/security/cve/CVE-2026-43491/ | self |
| https://www.suse.com/security/cve/CVE-2026-45840/ | self |
| https://www.suse.com/security/cve/CVE-2026-45841/ | self |
| https://www.suse.com/security/cve/CVE-2026-45862/ | self |
| https://www.suse.com/security/cve/CVE-2026-45870/ | self |
| https://www.suse.com/security/cve/CVE-2026-45894/ | self |
| https://www.suse.com/security/cve/CVE-2026-45940/ | self |
| https://www.suse.com/security/cve/CVE-2026-45961/ | self |
| https://www.suse.com/security/cve/CVE-2026-45964/ | self |
| https://www.suse.com/security/cve/CVE-2026-45965/ | self |
| https://www.suse.com/security/cve/CVE-2026-45974/ | self |
| https://www.suse.com/security/cve/CVE-2026-46005/ | self |
| https://www.suse.com/security/cve/CVE-2026-46037/ | self |
| https://www.suse.com/security/cve/CVE-2026-46101/ | self |
| https://www.suse.com/security/cve/CVE-2026-46119/ | self |
| https://www.suse.com/security/cve/CVE-2026-46120/ | self |
| https://www.suse.com/security/cve/CVE-2026-46123/ | self |
| https://www.suse.com/security/cve/CVE-2026-46150/ | self |
| https://www.suse.com/security/cve/CVE-2026-46160/ | self |
| https://www.suse.com/security/cve/CVE-2026-46172/ | self |
| https://www.suse.com/security/cve/CVE-2026-46197/ | self |
| https://www.suse.com/security/cve/CVE-2026-46227/ | self |
| https://www.suse.com/security/cve/CVE-2026-46244/ | self |
| https://www.suse.com/security/cve/CVE-2026-46259/ | self |
| https://www.suse.com/security/cve/CVE-2026-46273/ | self |
| https://www.suse.com/security/cve/CVE-2025-10263 | external |
| https://bugzilla.suse.com/1266290 | external |
| https://bugzilla.suse.com/1266954 | external |
| https://bugzilla.suse.com/1270230 | external |
| https://www.suse.com/security/cve/CVE-2025-68822 | external |
| https://bugzilla.suse.com/1256668 | external |
| https://www.suse.com/security/cve/CVE-2026-31414 | external |
| https://bugzilla.suse.com/1262085 | external |
| https://www.suse.com/security/cve/CVE-2026-31429 | external |
| https://bugzilla.suse.com/1262392 | external |
| https://www.suse.com/security/cve/CVE-2026-31452 | external |
| https://bugzilla.suse.com/1262620 | external |
| https://www.suse.com/security/cve/CVE-2026-31453 | external |
| https://bugzilla.suse.com/1262617 | external |
| https://www.suse.com/security/cve/CVE-2026-31469 | external |
| https://bugzilla.suse.com/1267816 | external |
| https://www.suse.com/security/cve/CVE-2026-31492 | external |
| https://bugzilla.suse.com/1262748 | external |
| https://www.suse.com/security/cve/CVE-2026-31495 | external |
| https://bugzilla.suse.com/1262798 | external |
| https://www.suse.com/security/cve/CVE-2026-31499 | external |
| https://bugzilla.suse.com/1262674 | external |
| https://www.suse.com/security/cve/CVE-2026-31500 | external |
| https://bugzilla.suse.com/1262993 | external |
| https://bugzilla.suse.com/1262994 | external |
| https://www.suse.com/security/cve/CVE-2026-31555 | external |
| https://bugzilla.suse.com/1263178 | external |
| https://bugzilla.suse.com/1263179 | external |
| https://www.suse.com/security/cve/CVE-2026-31592 | external |
| https://bugzilla.suse.com/1263123 | external |
| https://www.suse.com/security/cve/CVE-2026-31664 | external |
| https://bugzilla.suse.com/1263578 | external |
| https://www.suse.com/security/cve/CVE-2026-31665 | external |
| https://bugzilla.suse.com/1263137 | external |
| https://www.suse.com/security/cve/CVE-2026-31674 | external |
| https://bugzilla.suse.com/1263568 | external |
| https://www.suse.com/security/cve/CVE-2026-31680 | external |
| https://bugzilla.suse.com/1263563 | external |
| https://www.suse.com/security/cve/CVE-2026-31693 | external |
| https://bugzilla.suse.com/1267744 | external |
| https://www.suse.com/security/cve/CVE-2026-31697 | external |
| https://bugzilla.suse.com/1264116 | external |
| https://bugzilla.suse.com/1264144 | external |
| https://www.suse.com/security/cve/CVE-2026-31698 | external |
| https://bugzilla.suse.com/1263880 | external |
| https://bugzilla.suse.com/1263929 | external |
| https://www.suse.com/security/cve/CVE-2026-31699 | external |
| https://bugzilla.suse.com/1263879 | external |
| https://bugzilla.suse.com/1263928 | external |
| https://www.suse.com/security/cve/CVE-2026-31752 | external |
| https://bugzilla.suse.com/1264045 | external |
| https://www.suse.com/security/cve/CVE-2026-31759 | external |
| https://bugzilla.suse.com/1264076 | external |
| https://bugzilla.suse.com/1264078 | external |
| https://www.suse.com/security/cve/CVE-2026-31771 | external |
| https://bugzilla.suse.com/1264145 | external |
| https://bugzilla.suse.com/1264146 | external |
| https://www.suse.com/security/cve/CVE-2026-43023 | external |
| https://bugzilla.suse.com/1264137 | external |
| https://bugzilla.suse.com/1264138 | external |
| https://www.suse.com/security/cve/CVE-2026-43024 | external |
| https://bugzilla.suse.com/1263930 | external |
| https://www.suse.com/security/cve/CVE-2026-43028 | external |
| https://bugzilla.suse.com/1263934 | external |
| https://www.suse.com/security/cve/CVE-2026-43035 | external |
| https://bugzilla.suse.com/1263996 | external |
| https://www.suse.com/security/cve/CVE-2026-43036 | external |
| https://bugzilla.suse.com/1263993 | external |
| https://www.suse.com/security/cve/CVE-2026-43049 | external |
| https://bugzilla.suse.com/1264080 | external |
| https://www.suse.com/security/cve/CVE-2026-43053 | external |
| https://bugzilla.suse.com/1264084 | external |
| https://www.suse.com/security/cve/CVE-2026-43074 | external |
| https://bugzilla.suse.com/1264263 | external |
| https://bugzilla.suse.com/1265307 | external |
| https://www.suse.com/security/cve/CVE-2026-43077 | external |
| https://bugzilla.suse.com/1264470 | external |
| https://bugzilla.suse.com/1265306 | external |
| https://www.suse.com/security/cve/CVE-2026-43083 | external |
| https://bugzilla.suse.com/1264266 | external |
| https://www.suse.com/security/cve/CVE-2026-43101 | external |
| https://bugzilla.suse.com/1264239 | external |
| https://www.suse.com/security/cve/CVE-2026-43112 | external |
| https://bugzilla.suse.com/1264437 | external |
| https://www.suse.com/security/cve/CVE-2026-43119 | external |
| https://bugzilla.suse.com/1264561 | external |
| https://www.suse.com/security/cve/CVE-2026-43158 | external |
| https://bugzilla.suse.com/1264595 | external |
| https://www.suse.com/security/cve/CVE-2026-43171 | external |
| https://bugzilla.suse.com/1264549 | external |
| https://www.suse.com/security/cve/CVE-2026-43187 | external |
| https://bugzilla.suse.com/1264603 | external |
| https://www.suse.com/security/cve/CVE-2026-43198 | external |
| https://bugzilla.suse.com/1264610 | external |
| https://bugzilla.suse.com/1264611 | external |
| https://www.suse.com/security/cve/CVE-2026-43239 | external |
| https://bugzilla.suse.com/1264444 | external |
| https://www.suse.com/security/cve/CVE-2026-43339 | external |
| https://bugzilla.suse.com/1264763 | external |
| https://www.suse.com/security/cve/CVE-2026-43345 | external |
| https://bugzilla.suse.com/1265103 | external |
| https://www.suse.com/security/cve/CVE-2026-43405 | external |
| https://bugzilla.suse.com/1264741 | external |
| https://www.suse.com/security/cve/CVE-2026-43469 | external |
| https://bugzilla.suse.com/1265143 | external |
| https://www.suse.com/security/cve/CVE-2026-43491 | external |
| https://bugzilla.suse.com/1265628 | external |
| https://www.suse.com/security/cve/CVE-2026-45840 | external |
| https://bugzilla.suse.com/1266397 | external |
| https://www.suse.com/security/cve/CVE-2026-45841 | external |
| https://bugzilla.suse.com/1266390 | external |
| https://www.suse.com/security/cve/CVE-2026-45862 | external |
| https://bugzilla.suse.com/1266705 | external |
| https://www.suse.com/security/cve/CVE-2026-45870 | external |
| https://bugzilla.suse.com/1266704 | external |
| https://www.suse.com/security/cve/CVE-2026-45894 | external |
| https://bugzilla.suse.com/1266895 | external |
| https://www.suse.com/security/cve/CVE-2026-45940 | external |
| https://bugzilla.suse.com/1266916 | external |
| https://www.suse.com/security/cve/CVE-2026-45961 | external |
| https://bugzilla.suse.com/1266933 | external |
| https://www.suse.com/security/cve/CVE-2026-45964 | external |
| https://bugzilla.suse.com/1266698 | external |
| https://www.suse.com/security/cve/CVE-2026-45965 | external |
| https://bugzilla.suse.com/1267208 | external |
| https://www.suse.com/security/cve/CVE-2026-45974 | external |
| https://bugzilla.suse.com/1266922 | external |
| https://www.suse.com/security/cve/CVE-2026-46005 | external |
| https://bugzilla.suse.com/1267431 | external |
| https://www.suse.com/security/cve/CVE-2026-46037 | external |
| https://bugzilla.suse.com/1267361 | external |
| https://bugzilla.suse.com/1267362 | external |
| https://www.suse.com/security/cve/CVE-2026-46101 | external |
| https://bugzilla.suse.com/1266878 | external |
| https://www.suse.com/security/cve/CVE-2026-46119 | external |
| https://bugzilla.suse.com/1267628 | external |
| https://bugzilla.suse.com/1267894 | external |
| https://www.suse.com/security/cve/CVE-2026-46120 | external |
| https://bugzilla.suse.com/1267640 | external |
| https://bugzilla.suse.com/1267893 | external |
| https://www.suse.com/security/cve/CVE-2026-46123 | external |
| https://bugzilla.suse.com/1267621 | external |
| https://bugzilla.suse.com/1267622 | external |
| https://www.suse.com/security/cve/CVE-2026-46150 | external |
| https://bugzilla.suse.com/1267387 | external |
| https://bugzilla.suse.com/1267388 | external |
| https://www.suse.com/security/cve/CVE-2026-46160 | external |
| https://bugzilla.suse.com/1267624 | external |
| https://www.suse.com/security/cve/CVE-2026-46172 | external |
| https://bugzilla.suse.com/1266903 | external |
| https://www.suse.com/security/cve/CVE-2026-46197 | external |
| https://bugzilla.suse.com/1267381 | external |
| https://bugzilla.suse.com/1267382 | external |
| https://www.suse.com/security/cve/CVE-2026-46227 | external |
| https://bugzilla.suse.com/1267697 | external |
| https://bugzilla.suse.com/1267698 | external |
| https://www.suse.com/security/cve/CVE-2026-46244 | external |
| https://bugzilla.suse.com/1267654 | external |
| https://www.suse.com/security/cve/CVE-2026-46259 | external |
| https://bugzilla.suse.com/1267685 | external |
| https://www.suse.com/security/cve/CVE-2026-46273 | external |
| https://bugzilla.suse.com/1267651 | external |
{
"document": {
"aggregate_severity": {
"namespace": "https://www.suse.com/support/security/rating/",
"text": "important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright 2024 SUSE LLC. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Security update for the Linux Kernel",
"title": "Title of the patch"
},
{
"category": "description",
"text": "\nThe SUSE Linux Enterprise Micro 6.0 and 6.1 kernel was updated to receive various security bugfixes.\n\n\nThe following security bugs were fixed:\n\n- CVE-2025-10263: arm64: errata: Mitigate TLBI errata on various Arm CPUs (bsc#1266290).\n- CVE-2025-68822: Input: alps - fix use-after-free bugs caused by dev3_register_work (bsc#1256668).\n- CVE-2026-31414: netfilter: nf_conntrack_expect: use expect-\u003ehelper (bsc#1262085).\n- CVE-2026-31429: net: skb: fix cross-cache free of KFENCE-allocated skb head (bsc#1262392).\n- CVE-2026-31452: ext4: convert inline data to extents when truncate exceeds inline size (bsc#1262620).\n- CVE-2026-31469: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n- CVE-2026-31492: RDMA/irdma: Initialize free_qp completion before using it (bsc#1262748).\n- CVE-2026-31495: netfilter: ctnetlink: use netlink policy range checks (bsc#1262798).\n- CVE-2026-31499: Bluetooth: L2CAP: Fix deadlock in l2cap_conn_del() (bsc#1262674).\n- CVE-2026-31500: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock (bsc#1262993).\n- CVE-2026-31555: futex: Clear stale exiting pointer in futex_lock_pi() retry path (bsc#1263178).\n- CVE-2026-31592: KVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock (bsc#1263123).\n- CVE-2026-31664: string.h: Introduce memset_after() for wiping trailing members/padding (bsc#1263578).\n- CVE-2026-31665: kABI: netfilter: nft_ct: fix use-after-free in timeout object destroy (bsc#1263137).\n- CVE-2026-31674: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() (bsc#1263568).\n- CVE-2026-31680: net: ipv6: flowlabel: defer exclusive option free until RCU teardown (bsc#1263563).\n- CVE-2026-31693: cifs: some missing initializations on replay (bsc#1267744).\n- CVE-2026-31697: crypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed (bsc#1264116).\n- CVE-2026-31698: crypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed (bsc#1263880).\n- CVE-2026-31699: crypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed (bsc#1263879).\n- CVE-2026-31752: bridge: br_nd_send: validate ND option lengths (bsc#1264045).\n- CVE-2026-31759: usb: ulpi: fix double free in ulpi_register_interface() error path (bsc#1264076).\n- CVE-2026-31771: Bluetooth: hci_event: move wake reason storage into validated event handlers (bsc#1264145).\n- CVE-2026-43023: Bluetooth: SCO: fix race conditions in sco_sock_connect() (bsc#1264137).\n- CVE-2026-43024: netfilter: nf_tables: reject immediate NF_QUEUE verdict (bsc#1263930).\n- CVE-2026-43028: netfilter: x_tables: ensure names are nul-terminated (bsc#1263934).\n- CVE-2026-43035: net: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak (bsc#1263996).\n- CVE-2026-43036: net: use skb_header_pointer() for TCPv4 GSO frag_off check (bsc#1263993).\n- CVE-2026-43049: HID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure (bsc#1264080).\n- CVE-2026-43053: xfs: close crash window in attr dabtree inactivation (bsc#1264084).\n- CVE-2026-43074: eventpoll: defer struct eventpoll free to RCU grace period (bsc#1264263).\n- CVE-2026-43077: crypto: algif_aead - Fix minimum RX size check for decryption (bsc#1264470).\n- CVE-2026-43083: net: ioam6: fix OOB and missing lock (bsc#1264266).\n- CVE-2026-43101: ipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data() (bsc#1264239).\n- CVE-2026-43112: fs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath (bsc#1264437).\n- CVE-2026-43119: Bluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status (bsc#1264561).\n- CVE-2026-43158: xfs: fix freemap adjustments when adding xattrs to leaf blocks (bsc#1264595).\n- CVE-2026-43171: EFI/CPER: do not dump the entire memory region (bsc#1264549).\n- CVE-2026-43187: xfs: delete attr leaf freemap entries when empty (bsc#1264603).\n- CVE-2026-43198: tcp: fix potential race in tcp_v6_syn_recv_sock() (bsc#1264610).\n- CVE-2026-43239: smb: client: prevent races in -\u003equery_interfaces() (bsc#1264444).\n- CVE-2026-43339: ipv6: prevent possible UaF in addrconf_permanent_addr() (bsc#1264763).\n- CVE-2026-43345: net: ipa: fix event ring index not programmed for IPA v5.0+ (bsc#1265103).\n- CVE-2026-43405: libceph: Use u32 for non-negative values in ceph_monmap_decode() (bsc#1264741).\n- CVE-2026-43469: xprtrdma: Decrement re_receiving on the early exit paths (bsc#1265143).\n- CVE-2026-43491: net: qrtr: ns: Limit the maximum server registration per node (bsc#1265628).\n- CVE-2026-45840: openvswitch: cap upcall PID array size and pre-size vport replies (bsc#1266397).\n- CVE-2026-45841: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO (bsc#1266390).\n- CVE-2026-45862: iommu/vt-d: Flush cache for PASID table before using it (bsc#1266705).\n- CVE-2026-45870: SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths (bsc#1266704).\n- CVE-2026-45894: iommu/vt-d: Clear Present bit before tearing down PASID entry (bsc#1266895).\n- CVE-2026-45940: net: stmmac: fix oops when split header is enabled (bsc#1266916).\n- CVE-2026-45961: gfs2: fix memory leaks in gfs2_fill_super error path (bsc#1266933).\n- CVE-2026-45964: SUNRPC: fix gss_auth kref leak in gss_alloc_msg error path (bsc#1266698).\n- CVE-2026-45965: apparmor: fix invalid deref of rawdata when export_binary is unset (bsc#1267208).\n- CVE-2026-45974: btrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found (bsc#1266922).\n- CVE-2026-46005: xfs: fix a resource leak in xfs_alloc_buftarg() (bsc#1267431).\n- CVE-2026-46037: ipv4: icmp: validate reply type before using icmp_pointers (bsc#1267361).\n- CVE-2026-46101: netfilter: reject zero shift in nft_bitwise (bsc#1266878).\n- CVE-2026-46119: libceph: Fix slab-out-of-bounds access in auth message processing (bsc#1267628).\n- CVE-2026-46120: ip6_gre: Use cached t-\u003enet in ip6erspan_changelink() (bsc#1267640).\n- CVE-2026-46123: Bluetooth: virtio_bt: clamp rx length before skb_put (bsc#1267621).\n- CVE-2026-46150: fanotify: fix false positive on permission events (bsc#1267387).\n- CVE-2026-46160: btrfs: fix missing last_unlink_trans update when removing a directory (bsc#1267624).\n- CVE-2026-46172: ipv6: xfrm6: release dst on error in xfrm6_rcv_encap() (bsc#1266903).\n- CVE-2026-46197: drm/amdkfd: validate SVM ioctl nattr against buffer size (bsc#1267381).\n- CVE-2026-46227: sctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL (bsc#1267697).\n- CVE-2026-46244: netfilter: nft_inner: Fix IPv6 inner_thoff desync (bsc#1267654).\n- CVE-2026-46259: procfs: fix missing RCU protection when reading real_parent in do_task_stat() (bsc#1267685).\n- CVE-2026-46273: ibmveth: Disable GSO for packets with small MSS (bsc#1267651).\n\nThe following non-security bugs were fixed:\n\n- ACPI: CPPC: Suppress UBSAN warning caused by field misuse (git-fixes).\n- ACPI: IPMI: Fix message kref handling on dead device (git-fixes).\n- ACPI: NFIT: core: Fix possible NULL pointer dereference (git-fixes).\n- ALSA: aloop: Drop superfluous break (git-fixes).\n- ALSA: cmipci: check snd_ctl_new1() return value (git-fixes).\n- ALSA: core: Fix unintuitive behavior of snd_power_ref_and_wait() (git-fixes).\n- ALSA: es1938: check snd_ctl_new1() return value (git-fixes).\n- ALSA: gus: check snd_ctl_new1() return value (git-fixes).\n- ALSA: ice1712: check snd_ctl_new1() return value (git-fixes).\n- ALSA: seq: Clear variable event pointer on read (git-fixes).\n- ALSA: seq: Fix partial userptr event expansion (git-fixes).\n- ALSA: seq: midi: Serialize output teardown with event_input (git-fixes).\n- ALSA: usb-audio: Propagate US-16x08 write errors in route/mix EQ-switch put callbacks (git-fixes).\n- ALSA: usb-audio: Propagate errors in scarlett_ctl_enum_put() (git-fixes).\n- ALSA: usb-audio: Roll back quirk control caches on write errors (git-fixes).\n- ALSA: usb-audio: Update Babyface Pro control caches only after successful writes (git-fixes).\n- ALSA: usb-audio: Update US-16x08 EQ/comp shadow state after successful writes (git-fixes).\n- ALSA: virtio: Add missing 384 kHz PCM rate mapping (git-fixes).\n- ALSA: ymfpci: check snd_ctl_new1() return value (git-fixes).\n- ASoC: SOF: ipc3-control: Fix TOCTOU in bytes_put and bytes_get (git-fixes).\n- ASoC: SOF: ipc3-control: Fix heap overflow in bytes_ext put/get (git-fixes).\n- ASoC: SOF: ipc3-control: Use overflow checks in control_update size calc (git-fixes).\n- ASoC: SOF: ipc3-control: Validate size in snd_sof_update_control (git-fixes).\n- ASoC: SOF: ipc4-control: Fix TOCTOU in sof_ipc4_bytes_put (git-fixes).\n- ASoC: SOF: topology: validate vendor array size before parsing (git-fixes).\n- ASoC: adau1372: Clear PLL_EN on failed PLL lock without reset GPIO (git-fixes).\n- ASoC: codecs: hdac_hdmi: Validate written enum value (git-fixes).\n- ASoC: cs35l56: Cleanup if component_probe fails (git-fixes).\n- ASoC: cs35l56: Do not leave parent IRQ disabled if system_suspend fails (git-fixes).\n- ASoC: cs35l56: Fix missing calls to wm_adsp2_remove() (git-fixes).\n- ASoC: fsl: fsl_audmix: Validate written enum values (git-fixes).\n- ASoC: meson: aiu: Validate written enum values (git-fixes).\n- ASoC: tegra: tegra210_ahub: Validate written enum value (git-fixes).\n- ASoC: topology: Check PCM and DAI name strings before use (git-fixes).\n- ASoC: wm_adsp: Fix NULL dereference when removing firmware controls (git-fixes).\n- Bluetooth: btmtksdio: fix infinite loop in btmtksdio_txrx_work() (git-fixes).\n- Bluetooth: btusb: fix use-after-free on marvell probe failure (git-fixes).\n- Bluetooth: btusb: fix use-after-free on registration failure (git-fixes).\n- Bluetooth: btusb: fix wakeup irq devres lifetime (git-fixes).\n- Bluetooth: btusb: fix wakeup source leak on probe failure (git-fixes).\n- Bluetooth: eir: Fix stack OOB write when prepending the Flags AD (git-fixes).\n- Bluetooth: hci: validate codec capability element length (git-fixes).\n- Bluetooth: vhci: validate devcoredump state before side effects (git-fixes).\n- Drivers: hv: vmbus: Improve the logic of reserving fb_mmio on Gen2 VMs (git-fixes).\n- KVM: SEV: Ignore MMIO requests of length \u00270\u0027 (git-fixes).\n- KVM: SEV: Ignore Port I/O requests of length \u00270\u0027 (git-fixes).\n- KVM: SVM: Allow KVM_SET_NESTED_STATE to clear GIF when SVME==0 (git-fixes).\n- KVM: SVM: Do not set GIF when clearing EFER.SVME (git-fixes).\n- KVM: SVM: Flush the current TLB when transitioning from xAVIC =\u003e x2AVIC (git-fixes).\n- KVM: SVM: check validity of VMCB controls when returning from SMM (git-fixes).\n- KVM: arm64: Discard PC update state on vcpu reset (git-fixes).\n- KVM: arm64: Guard against NULL vcpu on VHE hyp panic path (git-fixes).\n- KVM: arm64: PMU: Preserve AArch32 counter low bits (git-fixes).\n- KVM: arm64: Treat vCPU with pending SError as runnable (git-fixes).\n- KVM: arm64: Wake-up from WFI when iqrchip is in userspace (git-fixes).\n- KVM: arm64: vgic-its: Reject restored DTE with out-of-range num_eventid_bits (git-fixes).\n- KVM: arm64: vgic: Fix IIDR revision field extracted from wrong value (git-fixes).\n- KVM: nSVM: Always use vmcb01 in VMLOAD/VMSAVE emulation (git-fixes).\n- KVM: nSVM: Ensure AVIC is inhibited when restoring a vCPU to guest mode (git-fixes).\n- KVM: nSVM: Mark all of vmcb02 dirty when restoring nested state (git-fixes).\n- KVM: nSVM: Set exit_code_hi to -1 when synthesizing SVM_EXIT_ERR (failed VMRUN) (git-fixes).\n- KVM: x86/mmu: Fix UBSAN warning when reading nx_huge_pages parameter (git-fixes).\n- PM: sleep: Use complete() in device_pm_sleep_init() (git-fixes).\n- USB: serial: io_ti: fix heap overflow in build_i2c_fw_hdr() (git-fixes).\n- USB: serial: io_ti: fix heap overflow in get_manuf_info() (git-fixes).\n- USB: serial: kl5kusb105: fix bulk-out buffer overflow (git-fixes).\n- X.509: Fix validation of ASN.1 certificate header (git-fixes).\n- add bugnumber to existing mana_ib change (bsc#1267682)\n- agp/amd64: Fix broken error propagation in agp_amd64_probe() (git-fixes).\n- batman-adv: bla: annotate lasttime access with READ/WRITE_ONCE (git-fixes).\n- batman-adv: tp_meter: add only finished tp_vars to lists (git-fixes).\n- batman-adv: tp_meter: avoid divide-by-zero for dec_cwnd (git-fixes).\n- batman-adv: tp_meter: avoid window underflow (git-fixes).\n- batman-adv: tp_meter: fix fast recovery precondition (git-fixes).\n- batman-adv: tp_meter: handle seqno wrap-around for fast recovery detection (git-fixes).\n- batman-adv: tp_meter: initialize dec_cwnd explicitly (git-fixes).\n- batman-adv: tp_meter: initialize dup_acks explicitly (git-fixes).\n- batman-adv: tp_meter: keep unacked list in ascending ordered (git-fixes).\n- bnxt_en: Fix NULL pointer dereference (bsc#1268307).\n- crypto: af_alg - Cap AEAD AD length to 0x80000000 (git-fixes).\n- crypto: amlogic - avoid double cleanup in meson_crypto_probe() (git-fixes).\n- crypto: asymmetric_keys - fix OOB read in pefile_digest_pe_contents (git-fixes).\n- crypto: atmel-sha204a - fix blocking and non-blocking rng logic (git-fixes).\n- crypto: cavium/cpt - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: ccp - Fix snp_filter_reserved_mem_regions() off-by-one (git-fixes).\n- crypto: ccp - Treat zero-length cert chain as query for blob lengths (git-fixes).\n- crypto: drbg - Fix drbg_max_addtl() on 64-bit kernels (git-fixes).\n- crypto: drbg - Fix returning success on failure in CTR_DRBG (git-fixes).\n- crypto: drbg - Fix the fips_enabled priority boost (git-fixes).\n- crypto: ecc - Fix carry overflow in vli multiplication (git-fixes).\n- crypto: ecrdsa - fix unknown OID check in ecrdsa_param_curve (git-fixes).\n- crypto: hisilicon/qm - disable error report before flr (git-fixes).\n- crypto: marvell/octeontx - fix DMA cleanup using wrong loop index (git-fixes).\n- crypto: pcrypt - restore callback for non-parallel fallback (git-fixes).\n- crypto: qat - protect service table iterations with service_lock (git-fixes).\n- crypto: qat - validate RSA CRT component lengths (git-fixes).\n- crypto: rng - Free default RNG on module exit (git-fixes).\n- driver core: reject devices with unregistered buses (git-fixes).\n- driver core: use READ_ONCE() for dev-\u003edriver in dev_has_sync_state() (git-fixes).\n- drm/amd/display: Add missing kdoc for ALLM parameters (git-fixes).\n- drm/amdgpu: fix integer overflow in amdgpu_gem_align_pitch() (git-fixes).\n- drm/amdgpu: set sub_block_index for mca ras sub-blocks (git-fixes).\n- drm/amdkfd: Validate CRIU-restored IDs before idr_alloc (git-fixes).\n- drm/bridge: cdns-dsi: Replace deprecated UNIVERSAL_DEV_PM_OPS() (git-fixes).\n- drm/dp/mst: fix OOB reads in remote DPCD/I2C sideband reply parsers (git-fixes).\n- drm/dp/mst: fix OOB reads on 2-byte fields in sideband reply parsers (git-fixes).\n- drm/dp/mst: fix buffer overflows in sideband chunk accumulation (git-fixes).\n- drm/hisilicon/hibmc: move display contrl config to hibmc_probe() (git-fixes).\n- drm/hisilicon/hibmc: use clock to look up the PLL value (git-fixes).\n- drm/hyperv: use VMBUS_RING_SIZE() (git-fixes).\n- drm/i915/gem: Fix phys BO pread/pwrite with offset (git-fixes).\n- drm/msm/dp: Fix the ISR_* enum values (git-fixes).\n- drm/msm/dp: fix HPD state status bit shift value (git-fixes).\n- drm/nouveau/bios: specify correct display fuse register for Ampere and Ada (git-fixes).\n- drm/radeon: fix integer overflow in radeon_align_pitch() (git-fixes).\n- drm/radeon: fix memory leak in radeon_ring_restore() on lock failure (git-fixes).\n- drm/rockchip: cdn-dp: add missing check in cdn_dp_config_video() (git-fixes).\n- drm/tegra: Fix iommu_map_sgtable() return value check (git-fixes).\n- drm/tegra: dc: Fix device node reference leak in tegra_dc_has_output() (git-fixes).\n- drm/tidss: Drop extra drm_mode_config_reset() call (git-fixes).\n- drm/tidss: Fix missing drm_bridge_add() call (git-fixes).\n- drm/vc4: fix krealloc() memory leak (git-fixes).\n- drm/virtio: Fix driver removal with disabled KMS (git-fixes).\n- drm/virtio: fix dma_fence refcount leak on error in virtio_gpu_dma_fence_wait() (git-fixes).\n- ethtool: provide customized dim profile management (bsc#1261256).\n- fbdev: broadsheetfb: fix potential memory leak in broadsheetfb_probe() (git-fixes).\n- fbdev: hecubafb: fix potential memory leak in hecubafb_probe() (git-fixes).\n- fbdev: i740fb: fix potential memory leak in i740fb_probe() (git-fixes).\n- fbdev: metronomefb: fix potential memory leak in metronomefb_probe() (git-fixes).\n- fbdev: modedb: Fix misaligned fields in the 1920x1080-60 mode (git-fixes).\n- fbdev: nvidia: fix potential memory leak in nvidiafb_probe() (git-fixes).\n- fbdev: radeon: fix potential memory leak in radeonfb_pci_register() (git-fixes).\n- fbdev: s3fb: fix potential memory leak in s3_pci_probe() (git-fixes).\n- fbdev: sm501fb: Fix buffer errors in OF binding code (git-fixes).\n- fbdev: sm712: Fix operator precedence in big_swap macro (git-fixes).\n- fbdev: tdfxfb: fix potential memory leak in tdfxfb_probe() (git-fixes).\n- fbdev: tridentfb: fix potential memory leak in trident_pci_probe() (git-fixes).\n- fbdev: uvesafb: fix potential memory leak in uvesafb_probe() (git-fixes).\n- fbdev: vesafb: fix memory leak in vesafb_probe() (git-fixes).\n- firmware: arm_scmi: Fix OOB in scmi_power_name_get() (git-fixes).\n- firmware: arm_scmi: Read sensor config as 32-bit value (git-fixes).\n- firmware_loader: Fix recursive lock in device_cache_fw_images() (git-fixes).\n- firmware_loader: fix device reference leak in firmware_upload_register() (git-fixes).\n- gpio: mvebu: fix NULL pointer dereference in suspend/resume (git-fixes).\n- gpu: host1x: Allow entries in BO caches to be freed (git-fixes).\n- gpu: host1x: Fix iommu_map_sgtable() return value check (git-fixes).\n- hv: utils: handle and propagate errors in kvp_register (git-fixes).\n- hwmon: (it87) Clamp negative values to zero in set_fan() (git-fixes).\n- hwrng: jh7110 - fix refcount leak in starfive_trng_read() (git-fixes).\n- hwrng: virtio: clamp device-reported used.len at copy_data() (git-fixes).\n- hyperv: Clean up and fix the guest ID comment in hvgdk.h (git-fixes).\n- i2c: core: fix irq domain leak on adapter registration failure (git-fixes).\n- i2c: qcom-cci: Fix NULL pointer dereference in cci_remove() (git-fixes).\n- i2c: stm32f7: fix timing computation ignoring i2c-analog-filter (git-fixes).\n- i2c: tegra: Fix NOIRQ suspend/resume (git-fixes).\n- linux/dim: move useful macros to .h file (bsc#1261256).\n- misc: fastrpc: Fix NULL pointer dereference in rpmsg callback (git-fixes).\n- misc: fastrpc: fix DMA address corruption due to find_vma misuse (git-fixes).\n- misc: fastrpc: fix use-after-free of fastrpc_user in workqueue context (git-fixes).\n- misc: fastrpc: fix use-after-free race in fastrpc_map_create (git-fixes).\n- net: ethtool: add ethtool COALESCE_RX_CQE_FRAMES/NSECS (bsc#1261256).\n- net: mana: Add ethtool counters for RX CQEs in coalesced type (bsc#1261256).\n- net: mana: Add support for RX CQE Coalescing (bsc#1261256).\n- of: cpu: add check in __of_find_n_match_cpu_property() (git-fixes).\n- slimbus: qcom-ngd-ctrl: fix OF node refcount (git-fixes).\n- soc: fsl: qe: panic on ioremap() failure in qe_reset() (git-fixes).\n- soc: ti: k3-ringacc: Fix access mode for k3_ringacc_ring_pop_tail_io/proxy (git-fixes).\n- spi: at91-usart: drop dead runtime pm support (git-fixes).\n- spi: ep93xx: fix double-free of zeropage on DMA setup failure (git-fixes).\n- spi: fsl-lpspi: replace dmaengine_terminate_all() with dmaengine_terminate_sync() (git-fixes).\n- spi: fsl-lpspi: terminate the RX channel on TX prepare failure path (git-fixes).\n- spi: meson-spifc: fix runtime PM leak on remove (git-fixes).\n- spi: xilinx: use FIFO occupancy register to determine buffer size (git-fixes).\n- thermal: hwmon: Fix critical temperature attribute removal (git-fixes).\n- thunderbolt: Bound root directory content to block size (git-fixes).\n- thunderbolt: Clamp XDomain response data copy to allocation size (git-fixes).\n- thunderbolt: Limit XDomain response copy to actual frame size (git-fixes).\n- thunderbolt: Reject zero-length property entries in validator (git-fixes).\n- thunderbolt: Validate XDomain request packet size before type cast (git-fixes).\n- watchdog: apple: Add \"apple,t8103-wdt\" compatible (git-fixes).\n- watchdog: sp5100_tco: Use EFCH MMIO for newer Hygon FCH (git-fixes).\n- watchdog: sprd_wdt: Remove redundant sprd_wdt_disable() on register failure (git-fixes).\n- watchdog: unregister PM notifier on watchdog unregister (git-fixes).\n- wifi: ath11k: fix warning when unbinding (git-fixes).\n- wifi: ath9k: fix OOB access from firmware tx status queue ID (git-fixes).\n- wifi: cfg80211: fix grammar in MLO group key error message (git-fixes).\n- wifi: mac80211: fix monitor mode frame capture for real chanctx drivers (git-fixes).\n- wifi: mt76: fix argument to ieee80211_is_first_frag() (git-fixes).\n- wifi: mt76: mt7915: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7921: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7925: clean up DMA on probe failure (git-fixes).\n- wifi: mt76: mt7925: fix potential tx_retries underflow (git-fixes).\n- wifi: mt76: mt7996: fix potential tx_retries underflow (git-fixes).\n- wifi: rtlwifi: rtl8821ae: Fix C2H bit location in RX descriptor (git-fixes).\n- wifi: rtw88: fix OOB read from firmware RX descriptor exceeding DMA buffer (git-fixes).\n- wifi: rtw88: increase TX report timeout to fix race condition (git-fixes).\n- wifi: rtw88: usb: fix memory leaks on USB write failures (git-fixes).\n- wifi: rtw89: Correct data type for scan index to avoid infinite loop (git-fixes).\n- wifi: wcn36xx: fix OOB read from firmware count in PRINT_REG_INFO indication (git-fixes).\n- wifi: wcn36xx: fix OOB read from short trigger BA firmware response (git-fixes).\n- wifi: wcn36xx: fix heap overflow from oversized firmware HAL response (git-fixes).\n",
"title": "Description of the patch"
},
{
"category": "details",
"text": "SUSE-SLE-Micro-6.0-kernel-496",
"title": "Patchnames"
},
{
"category": "legal_disclaimer",
"text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
"title": "Terms of use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://www.suse.com/support/security/contact/",
"name": "SUSE Product Security Team",
"namespace": "https://www.suse.com/"
},
"references": [
{
"category": "external",
"summary": "SUSE ratings",
"url": "https://www.suse.com/support/security/rating/"
},
{
"category": "self",
"summary": "URL of this CSAF notice",
"url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22436-1.json"
},
{
"category": "self",
"summary": "URL for SUSE-SU-2026:22436-1",
"url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622436-1/"
},
{
"category": "self",
"summary": "E-Mail link for SUSE-SU-2026:22436-1",
"url": "https://lists.suse.com/pipermail/sle-updates/2026-July/047859.html"
},
{
"category": "self",
"summary": "SUSE Bug 1256668",
"url": "https://bugzilla.suse.com/1256668"
},
{
"category": "self",
"summary": "SUSE Bug 1261256",
"url": "https://bugzilla.suse.com/1261256"
},
{
"category": "self",
"summary": "SUSE Bug 1262085",
"url": "https://bugzilla.suse.com/1262085"
},
{
"category": "self",
"summary": "SUSE Bug 1262392",
"url": "https://bugzilla.suse.com/1262392"
},
{
"category": "self",
"summary": "SUSE Bug 1262617",
"url": "https://bugzilla.suse.com/1262617"
},
{
"category": "self",
"summary": "SUSE Bug 1262620",
"url": "https://bugzilla.suse.com/1262620"
},
{
"category": "self",
"summary": "SUSE Bug 1262674",
"url": "https://bugzilla.suse.com/1262674"
},
{
"category": "self",
"summary": "SUSE Bug 1262748",
"url": "https://bugzilla.suse.com/1262748"
},
{
"category": "self",
"summary": "SUSE Bug 1262798",
"url": "https://bugzilla.suse.com/1262798"
},
{
"category": "self",
"summary": "SUSE Bug 1262993",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "self",
"summary": "SUSE Bug 1263123",
"url": "https://bugzilla.suse.com/1263123"
},
{
"category": "self",
"summary": "SUSE Bug 1263137",
"url": "https://bugzilla.suse.com/1263137"
},
{
"category": "self",
"summary": "SUSE Bug 1263178",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "self",
"summary": "SUSE Bug 1263563",
"url": "https://bugzilla.suse.com/1263563"
},
{
"category": "self",
"summary": "SUSE Bug 1263568",
"url": "https://bugzilla.suse.com/1263568"
},
{
"category": "self",
"summary": "SUSE Bug 1263578",
"url": "https://bugzilla.suse.com/1263578"
},
{
"category": "self",
"summary": "SUSE Bug 1263879",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "self",
"summary": "SUSE Bug 1263880",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "self",
"summary": "SUSE Bug 1263930",
"url": "https://bugzilla.suse.com/1263930"
},
{
"category": "self",
"summary": "SUSE Bug 1263934",
"url": "https://bugzilla.suse.com/1263934"
},
{
"category": "self",
"summary": "SUSE Bug 1263993",
"url": "https://bugzilla.suse.com/1263993"
},
{
"category": "self",
"summary": "SUSE Bug 1263996",
"url": "https://bugzilla.suse.com/1263996"
},
{
"category": "self",
"summary": "SUSE Bug 1264045",
"url": "https://bugzilla.suse.com/1264045"
},
{
"category": "self",
"summary": "SUSE Bug 1264076",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "self",
"summary": "SUSE Bug 1264080",
"url": "https://bugzilla.suse.com/1264080"
},
{
"category": "self",
"summary": "SUSE Bug 1264084",
"url": "https://bugzilla.suse.com/1264084"
},
{
"category": "self",
"summary": "SUSE Bug 1264116",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "self",
"summary": "SUSE Bug 1264137",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "self",
"summary": "SUSE Bug 1264145",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "self",
"summary": "SUSE Bug 1264239",
"url": "https://bugzilla.suse.com/1264239"
},
{
"category": "self",
"summary": "SUSE Bug 1264263",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "self",
"summary": "SUSE Bug 1264266",
"url": "https://bugzilla.suse.com/1264266"
},
{
"category": "self",
"summary": "SUSE Bug 1264437",
"url": "https://bugzilla.suse.com/1264437"
},
{
"category": "self",
"summary": "SUSE Bug 1264444",
"url": "https://bugzilla.suse.com/1264444"
},
{
"category": "self",
"summary": "SUSE Bug 1264470",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "self",
"summary": "SUSE Bug 1264549",
"url": "https://bugzilla.suse.com/1264549"
},
{
"category": "self",
"summary": "SUSE Bug 1264561",
"url": "https://bugzilla.suse.com/1264561"
},
{
"category": "self",
"summary": "SUSE Bug 1264595",
"url": "https://bugzilla.suse.com/1264595"
},
{
"category": "self",
"summary": "SUSE Bug 1264603",
"url": "https://bugzilla.suse.com/1264603"
},
{
"category": "self",
"summary": "SUSE Bug 1264610",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "self",
"summary": "SUSE Bug 1264741",
"url": "https://bugzilla.suse.com/1264741"
},
{
"category": "self",
"summary": "SUSE Bug 1264763",
"url": "https://bugzilla.suse.com/1264763"
},
{
"category": "self",
"summary": "SUSE Bug 1265103",
"url": "https://bugzilla.suse.com/1265103"
},
{
"category": "self",
"summary": "SUSE Bug 1265143",
"url": "https://bugzilla.suse.com/1265143"
},
{
"category": "self",
"summary": "SUSE Bug 1265628",
"url": "https://bugzilla.suse.com/1265628"
},
{
"category": "self",
"summary": "SUSE Bug 1266290",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "self",
"summary": "SUSE Bug 1266390",
"url": "https://bugzilla.suse.com/1266390"
},
{
"category": "self",
"summary": "SUSE Bug 1266397",
"url": "https://bugzilla.suse.com/1266397"
},
{
"category": "self",
"summary": "SUSE Bug 1266698",
"url": "https://bugzilla.suse.com/1266698"
},
{
"category": "self",
"summary": "SUSE Bug 1266704",
"url": "https://bugzilla.suse.com/1266704"
},
{
"category": "self",
"summary": "SUSE Bug 1266705",
"url": "https://bugzilla.suse.com/1266705"
},
{
"category": "self",
"summary": "SUSE Bug 1266878",
"url": "https://bugzilla.suse.com/1266878"
},
{
"category": "self",
"summary": "SUSE Bug 1266895",
"url": "https://bugzilla.suse.com/1266895"
},
{
"category": "self",
"summary": "SUSE Bug 1266903",
"url": "https://bugzilla.suse.com/1266903"
},
{
"category": "self",
"summary": "SUSE Bug 1266916",
"url": "https://bugzilla.suse.com/1266916"
},
{
"category": "self",
"summary": "SUSE Bug 1266922",
"url": "https://bugzilla.suse.com/1266922"
},
{
"category": "self",
"summary": "SUSE Bug 1266933",
"url": "https://bugzilla.suse.com/1266933"
},
{
"category": "self",
"summary": "SUSE Bug 1267208",
"url": "https://bugzilla.suse.com/1267208"
},
{
"category": "self",
"summary": "SUSE Bug 1267361",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "self",
"summary": "SUSE Bug 1267381",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "self",
"summary": "SUSE Bug 1267387",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "self",
"summary": "SUSE Bug 1267431",
"url": "https://bugzilla.suse.com/1267431"
},
{
"category": "self",
"summary": "SUSE Bug 1267621",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "self",
"summary": "SUSE Bug 1267624",
"url": "https://bugzilla.suse.com/1267624"
},
{
"category": "self",
"summary": "SUSE Bug 1267628",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "self",
"summary": "SUSE Bug 1267640",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "self",
"summary": "SUSE Bug 1267651",
"url": "https://bugzilla.suse.com/1267651"
},
{
"category": "self",
"summary": "SUSE Bug 1267654",
"url": "https://bugzilla.suse.com/1267654"
},
{
"category": "self",
"summary": "SUSE Bug 1267682",
"url": "https://bugzilla.suse.com/1267682"
},
{
"category": "self",
"summary": "SUSE Bug 1267685",
"url": "https://bugzilla.suse.com/1267685"
},
{
"category": "self",
"summary": "SUSE Bug 1267697",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "self",
"summary": "SUSE Bug 1267744",
"url": "https://bugzilla.suse.com/1267744"
},
{
"category": "self",
"summary": "SUSE Bug 1268307",
"url": "https://bugzilla.suse.com/1268307"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-10263 page",
"url": "https://www.suse.com/security/cve/CVE-2025-10263/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2025-68822 page",
"url": "https://www.suse.com/security/cve/CVE-2025-68822/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31414 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31414/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31429 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31429/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31452 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31452/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31453 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31453/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31492 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31492/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31495 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31495/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31499 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31499/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31500 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31500/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31555 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31555/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31592 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31592/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31664 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31664/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31665 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31665/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31674 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31674/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31680 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31680/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31693 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31693/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31697 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31697/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31698 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31698/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31699 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31699/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31752 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31752/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31759 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31759/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-31771 page",
"url": "https://www.suse.com/security/cve/CVE-2026-31771/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43023 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43023/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43024 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43024/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43028 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43028/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43035 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43035/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43036 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43036/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43049 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43049/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43053 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43053/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43074 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43074/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43077 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43077/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43083 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43083/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43112 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43112/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43158 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43158/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43171 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43171/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43187 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43187/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43198 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43198/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43239 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43239/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43339 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43339/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43345 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43345/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43405 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43405/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43469 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43469/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-43491 page",
"url": "https://www.suse.com/security/cve/CVE-2026-43491/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45840 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45840/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45841 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45841/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45862 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45862/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45870 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45870/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45894 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45894/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45940 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45940/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45961 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45961/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45964 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45964/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45965 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45965/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-45974 page",
"url": "https://www.suse.com/security/cve/CVE-2026-45974/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46005 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46005/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46037 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46037/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46101 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46101/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46119 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46119/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46120 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46120/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46123 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46123/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46150 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46150/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46160 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46160/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46172 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46172/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46197 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46197/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46227 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46227/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46244 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46244/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46259 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46259/"
},
{
"category": "self",
"summary": "SUSE CVE CVE-2026-46273 page",
"url": "https://www.suse.com/security/cve/CVE-2026-46273/"
}
],
"title": "Security update for the Linux Kernel",
"tracking": {
"current_release_date": "2026-06-30T23:09:03Z",
"generator": {
"date": "2026-06-30T23:09:03Z",
"engine": {
"name": "cve-database.git:bin/generate-csaf.pl",
"version": "1"
}
},
"id": "SUSE-SU-2026:22436-1",
"initial_release_date": "2026-06-30T23:09:03Z",
"revision_history": [
{
"date": "2026-06-30T23:09:03Z",
"number": "1",
"summary": "Current version"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-48.1.aarch64",
"product": {
"name": "kernel-default-6.4.0-48.1.aarch64",
"product_id": "kernel-default-6.4.0-48.1.aarch64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-48.1.21.25.aarch64",
"product": {
"name": "kernel-default-base-6.4.0-48.1.21.25.aarch64",
"product_id": "kernel-default-base-6.4.0-48.1.21.25.aarch64"
}
}
],
"category": "architecture",
"name": "aarch64"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-devel-6.4.0-48.1.noarch",
"product": {
"name": "kernel-devel-6.4.0-48.1.noarch",
"product_id": "kernel-devel-6.4.0-48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-macros-6.4.0-48.1.noarch",
"product": {
"name": "kernel-macros-6.4.0-48.1.noarch",
"product_id": "kernel-macros-6.4.0-48.1.noarch"
}
},
{
"category": "product_version",
"name": "kernel-source-6.4.0-48.1.noarch",
"product": {
"name": "kernel-source-6.4.0-48.1.noarch",
"product_id": "kernel-source-6.4.0-48.1.noarch"
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-48.1.s390x",
"product": {
"name": "kernel-default-6.4.0-48.1.s390x",
"product_id": "kernel-default-6.4.0-48.1.s390x"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-48.1.s390x",
"product": {
"name": "kernel-default-livepatch-6.4.0-48.1.s390x",
"product_id": "kernel-default-livepatch-6.4.0-48.1.s390x"
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "kernel-default-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-default-6.4.0-48.1.x86_64",
"product_id": "kernel-default-6.4.0-48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-base-6.4.0-48.1.21.25.x86_64",
"product": {
"name": "kernel-default-base-6.4.0-48.1.21.25.x86_64",
"product_id": "kernel-default-base-6.4.0-48.1.21.25.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-default-livepatch-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-default-livepatch-6.4.0-48.1.x86_64",
"product_id": "kernel-default-livepatch-6.4.0-48.1.x86_64"
}
},
{
"category": "product_version",
"name": "kernel-kvmsmall-6.4.0-48.1.x86_64",
"product": {
"name": "kernel-kvmsmall-6.4.0-48.1.x86_64",
"product_id": "kernel-kvmsmall-6.4.0-48.1.x86_64"
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_name",
"name": "SUSE Linux Micro 6.0",
"product": {
"name": "SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0",
"product_identification_helper": {
"cpe": "cpe:/o:suse:sl-micro:6.0"
}
}
}
],
"category": "product_family",
"name": "SUSE Linux Enterprise"
}
],
"category": "vendor",
"name": "SUSE"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-48.1.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64"
},
"product_reference": "kernel-default-6.4.0-48.1.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-48.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x"
},
"product_reference": "kernel-default-6.4.0-48.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-default-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-48.1.21.25.aarch64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64"
},
"product_reference": "kernel-default-base-6.4.0-48.1.21.25.aarch64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-base-6.4.0-48.1.21.25.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64"
},
"product_reference": "kernel-default-base-6.4.0-48.1.21.25.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-48.1.s390x as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x"
},
"product_reference": "kernel-default-livepatch-6.4.0-48.1.s390x",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-default-livepatch-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-default-livepatch-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-devel-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch"
},
"product_reference": "kernel-devel-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-kvmsmall-6.4.0-48.1.x86_64 as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64"
},
"product_reference": "kernel-kvmsmall-6.4.0-48.1.x86_64",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-macros-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch"
},
"product_reference": "kernel-macros-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "kernel-source-6.4.0-48.1.noarch as component of SUSE Linux Micro 6.0",
"product_id": "SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
},
"product_reference": "kernel-source-6.4.0-48.1.noarch",
"relates_to_product_reference": "SUSE Linux Micro 6.0"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2025-10263",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-10263"
}
],
"notes": [
{
"category": "general",
"text": "Arm C1-Ultra, C1-Premium, Neoverse V3 \u0026 V3AE, Neoverse V2, Neoverse V1, Neoverse-N2, Neoverse-N1, Cortex-X925, Cortex-X4, Cortex-X3, Cortex-X2, Cortex-X1 \u0026 X1C, Cortex-A710, Cortex-A78, A78AE \u0026 A78C, Cortex-A77, Cortex-A76 \u0026 A76A may allow writes to resources owned by a higher exception level.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-10263",
"url": "https://www.suse.com/security/cve/CVE-2025-10263"
},
{
"category": "external",
"summary": "SUSE Bug 1266290 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266290"
},
{
"category": "external",
"summary": "SUSE Bug 1266954 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1266954"
},
{
"category": "external",
"summary": "SUSE Bug 1270230 for CVE-2025-10263",
"url": "https://bugzilla.suse.com/1270230"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "critical"
}
],
"title": "CVE-2025-10263"
},
{
"cve": "CVE-2025-68822",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2025-68822"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nInput: alps - fix use-after-free bugs caused by dev3_register_work\n\nThe dev3_register_work delayed work item is initialized within\nalps_reconnect() and scheduled upon receipt of the first bare\nPS/2 packet from an external PS/2 device connected to the ALPS\ntouchpad. During device detachment, the original implementation\ncalls flush_workqueue() in psmouse_disconnect() to ensure\ncompletion of dev3_register_work. However, the flush_workqueue()\nin psmouse_disconnect() only blocks and waits for work items that\nwere already queued to the workqueue prior to its invocation. Any\nwork items submitted after flush_workqueue() is called are not\nincluded in the set of tasks that the flush operation awaits.\nThis means that after flush_workqueue() has finished executing,\nthe dev3_register_work could still be scheduled. Although the\npsmouse state is set to PSMOUSE_CMD_MODE in psmouse_disconnect(),\nthe scheduling of dev3_register_work remains unaffected.\n\nThe race condition can occur as follows:\n\nCPU 0 (cleanup path) | CPU 1 (delayed work)\npsmouse_disconnect() |\n psmouse_set_state() |\n flush_workqueue() | alps_report_bare_ps2_packet()\n alps_disconnect() | psmouse_queue_work()\n kfree(priv); // FREE | alps_register_bare_ps2_mouse()\n | priv = container_of(work...); // USE\n | priv-\u003edev3 // USE\n\nAdd disable_delayed_work_sync() in alps_disconnect() to ensure\nthat dev3_register_work is properly canceled and prevented from\nexecuting after the alps_data structure has been deallocated.\n\nThis bug is identified by static analysis.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2025-68822",
"url": "https://www.suse.com/security/cve/CVE-2025-68822"
},
{
"category": "external",
"summary": "SUSE Bug 1256668 for CVE-2025-68822",
"url": "https://bugzilla.suse.com/1256668"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2025-68822"
},
{
"cve": "CVE-2026-31414",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31414"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_conntrack_expect: use expect-\u003ehelper\n\nUse expect-\u003ehelper in ctnetlink and /proc to dump the helper name.\nUsing nfct_help() without holding a reference to the master conntrack\nis unsafe.\n\nUse exp-\u003emaster-\u003ehelper in ctnetlink path if userspace does not provide\nan explicit helper when creating an expectation to retain the existing\nbehaviour. The ctnetlink expectation path holds the reference on the\nmaster conntrack and nf_conntrack_expect lock and the nfnetlink glue\npath refers to the master ct that is attached to the skb.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31414",
"url": "https://www.suse.com/security/cve/CVE-2026-31414"
},
{
"category": "external",
"summary": "SUSE Bug 1262085 for CVE-2026-31414",
"url": "https://bugzilla.suse.com/1262085"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31414"
},
{
"cve": "CVE-2026-31429",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31429"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skb: fix cross-cache free of KFENCE-allocated skb head\n\nSKB_SMALL_HEAD_CACHE_SIZE is intentionally set to a non-power-of-2\nvalue (e.g. 704 on x86_64) to avoid collisions with generic kmalloc\nbucket sizes. This ensures that skb_kfree_head() can reliably use\nskb_end_offset to distinguish skb heads allocated from\nskb_small_head_cache vs. generic kmalloc caches.\n\nHowever, when KFENCE is enabled, kfence_ksize() returns the exact\nrequested allocation size instead of the slab bucket size. If a caller\n(e.g. bpf_test_init) allocates skb head data via kzalloc() and the\nrequested size happens to equal SKB_SMALL_HEAD_CACHE_SIZE, then\nslab_build_skb() -\u003e ksize() returns that exact value. After subtracting\nskb_shared_info overhead, skb_end_offset ends up matching\nSKB_SMALL_HEAD_HEADROOM, causing skb_kfree_head() to incorrectly free\nthe object to skb_small_head_cache instead of back to the original\nkmalloc cache, resulting in a slab cross-cache free:\n\n kmem_cache_free(skbuff_small_head): Wrong slab cache. Expected\n skbuff_small_head but got kmalloc-1k\n\nFix this by always calling kfree(head) in skb_kfree_head(). This keeps\nthe free path generic and avoids allocator-specific misclassification\nfor KFENCE objects.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31429",
"url": "https://www.suse.com/security/cve/CVE-2026-31429"
},
{
"category": "external",
"summary": "SUSE Bug 1262392 for CVE-2026-31429",
"url": "https://bugzilla.suse.com/1262392"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31429"
},
{
"cve": "CVE-2026-31452",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31452"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\next4: convert inline data to extents when truncate exceeds inline size\n\nAdd a check in ext4_setattr() to convert files from inline data storage\nto extent-based storage when truncate() grows the file size beyond the\ninline capacity. This prevents the filesystem from entering an\ninconsistent state where the inline data flag is set but the file size\nexceeds what can be stored inline.\n\nWithout this fix, the following sequence causes a kernel BUG_ON():\n\n1. Mount filesystem with inode that has inline flag set and small size\n2. truncate(file, 50MB) - grows size but inline flag remains set\n3. sendfile() attempts to write data\n4. ext4_write_inline_data() hits BUG_ON(write_size \u003e inline_capacity)\n\nThe crash occurs because ext4_write_inline_data() expects inline storage\nto accommodate the write, but the actual inline capacity (~60 bytes for\ni_block + ~96 bytes for xattrs) is far smaller than the file size and\nwrite request.\n\nThe fix checks if the new size from setattr exceeds the inode\u0027s actual\ninline capacity (EXT4_I(inode)-\u003ei_inline_size) and converts the file to\nextent-based storage before proceeding with the size change.\n\nThis addresses the root cause by ensuring the inline data flag and file\nsize remain consistent during truncate operations.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31452",
"url": "https://www.suse.com/security/cve/CVE-2026-31452"
},
{
"category": "external",
"summary": "SUSE Bug 1262620 for CVE-2026-31452",
"url": "https://bugzilla.suse.com/1262620"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31452"
},
{
"cve": "CVE-2026-31453",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31453"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: avoid dereferencing log items after push callbacks\n\nAfter xfsaild_push_item() calls iop_push(), the log item may have been\nfreed if the AIL lock was dropped during the push. Background inode\nreclaim or the dquot shrinker can free the log item while the AIL lock\nis not held, and the tracepoints in the switch statement dereference\nthe log item after iop_push() returns.\n\nFix this by capturing the log item type, flags, and LSN before calling\nxfsaild_push_item(), and introducing a new xfs_ail_push_class trace\nevent class that takes these pre-captured values and the ailp pointer\ninstead of the log item pointer.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31453",
"url": "https://www.suse.com/security/cve/CVE-2026-31453"
},
{
"category": "external",
"summary": "SUSE Bug 1262617 for CVE-2026-31453",
"url": "https://bugzilla.suse.com/1262617"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31453"
},
{
"cve": "CVE-2026-31469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nvirtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and napi_tx is false\n\nA UAF issue occurs when the virtio_net driver is configured with napi_tx=N\nand the device\u0027s IFF_XMIT_DST_RELEASE flag is cleared\n(e.g., during the configuration of tc route filter rules).\n\nWhen IFF_XMIT_DST_RELEASE is removed from the net_device, the network stack\nexpects the driver to hold the reference to skb-\u003edst until the packet\nis fully transmitted and freed. In virtio_net with napi_tx=N,\nskbs may remain in the virtio transmit ring for an extended period.\n\nIf the network namespace is destroyed while these skbs are still pending,\nthe corresponding dst_ops structure has freed. When a subsequent packet\nis transmitted, free_old_xmit() is triggered to clean up old skbs.\nIt then calls dst_release() on the skb associated with the stale dst_entry.\nSince the dst_ops (referenced by the dst_entry) has already been freed,\na UAF kernel paging request occurs.\n\nfix it by adds skb_dst_drop(skb) in start_xmit to explicitly release\nthe dst reference before the skb is queued in virtio_net.\n\nCall Trace:\n Unable to handle kernel paging request at virtual address ffff80007e150000\n CPU: 2 UID: 0 PID: 6236 Comm: ping Kdump: loaded Not tainted 7.0.0-rc1+ #6 PREEMPT\n ...\n percpu_counter_add_batch+0x3c/0x158 lib/percpu_counter.c:98 (P)\n dst_release+0xe0/0x110 net/core/dst.c:177\n skb_release_head_state+0xe8/0x108 net/core/skbuff.c:1177\n sk_skb_reason_drop+0x54/0x2d8 net/core/skbuff.c:1255\n dev_kfree_skb_any_reason+0x64/0x78 net/core/dev.c:3469\n napi_consume_skb+0x1c4/0x3a0 net/core/skbuff.c:1527\n __free_old_xmit+0x164/0x230 drivers/net/virtio_net.c:611 [virtio_net]\n free_old_xmit drivers/net/virtio_net.c:1081 [virtio_net]\n start_xmit+0x7c/0x530 drivers/net/virtio_net.c:3329 [virtio_net]\n ...\n\nReproduction Steps:\nNETDEV=\"enp3s0\"\n\nconfig_qdisc_route_filter() {\n tc qdisc del dev $NETDEV root\n tc qdisc add dev $NETDEV root handle 1: prio\n tc filter add dev $NETDEV parent 1:0 \\\n\tprotocol ip prio 100 route to 100 flowid 1:1\n ip route add 192.168.1.100/32 dev $NETDEV realm 100\n}\n\ntest_ns() {\n ip netns add testns\n ip link set $NETDEV netns testns\n ip netns exec testns ifconfig $NETDEV 10.0.32.46/24\n ip netns exec testns ping -c 1 10.0.32.1\n ip netns del testns\n}\n\nconfig_qdisc_route_filter\n\ntest_ns\nsleep 2\ntest_ns",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31469",
"url": "https://www.suse.com/security/cve/CVE-2026-31469"
},
{
"category": "external",
"summary": "SUSE Bug 1267816 for CVE-2026-31469",
"url": "https://bugzilla.suse.com/1267816"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31469"
},
{
"cve": "CVE-2026-31492",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31492"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/irdma: Initialize free_qp completion before using it\n\nIn irdma_create_qp, if ib_copy_to_udata fails, it will call\nirdma_destroy_qp to clean up which will attempt to wait on\nthe free_qp completion, which is not initialized yet. Fix this\nby initializing the completion before the ib_copy_to_udata call.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31492",
"url": "https://www.suse.com/security/cve/CVE-2026-31492"
},
{
"category": "external",
"summary": "SUSE Bug 1262748 for CVE-2026-31492",
"url": "https://bugzilla.suse.com/1262748"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31492"
},
{
"cve": "CVE-2026-31495",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31495"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ctnetlink: use netlink policy range checks\n\nReplace manual range and mask validations with netlink policy\nannotations in ctnetlink code paths, so that the netlink core rejects\ninvalid values early and can generate extack errors.\n\n- CTA_PROTOINFO_TCP_STATE: reject values \u003e TCP_CONNTRACK_SYN_SENT2 at\n policy level, removing the manual \u003e= TCP_CONNTRACK_MAX check.\n- CTA_PROTOINFO_TCP_WSCALE_ORIGINAL/REPLY: reject values \u003e TCP_MAX_WSCALE\n (14). The normal TCP option parsing path already clamps to this value,\n but the ctnetlink path accepted 0-255, causing undefined behavior when\n used as a u32 shift count.\n- CTA_FILTER_ORIG_FLAGS/REPLY_FLAGS: use NLA_POLICY_MASK with\n CTA_FILTER_F_ALL, removing the manual mask checks.\n- CTA_EXPECT_FLAGS: use NLA_POLICY_MASK with NF_CT_EXPECT_MASK, adding\n a new mask define grouping all valid expect flags.\n\nExtracted from a broader nf-next patch by Florian Westphal, scoped to\nctnetlink for the fixes tree.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31495",
"url": "https://www.suse.com/security/cve/CVE-2026-31495"
},
{
"category": "external",
"summary": "SUSE Bug 1262798 for CVE-2026-31495",
"url": "https://bugzilla.suse.com/1262798"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31495"
},
{
"cve": "CVE-2026-31499",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31499"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: L2CAP: Fix deadlock in l2cap_conn_del()\n\nl2cap_conn_del() calls cancel_delayed_work_sync() for both info_timer\nand id_addr_timer while holding conn-\u003elock. However, the work functions\nl2cap_info_timeout() and l2cap_conn_update_id_addr() both acquire\nconn-\u003elock, creating a potential AB-BA deadlock if the work is already\nexecuting when l2cap_conn_del() takes the lock.\n\nMove the work cancellations before acquiring conn-\u003elock and use\ndisable_delayed_work_sync() to additionally prevent the works from\nbeing rearmed after cancellation, consistent with the pattern used in\nhci_conn_del().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31499",
"url": "https://www.suse.com/security/cve/CVE-2026-31499"
},
{
"category": "external",
"summary": "SUSE Bug 1262674 for CVE-2026-31499",
"url": "https://bugzilla.suse.com/1262674"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31499"
},
{
"cve": "CVE-2026-31500",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31500"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock\n\nbtintel_hw_error() issues two __hci_cmd_sync() calls (HCI_OP_RESET\nand Intel exception-info retrieval) without holding\nhci_req_sync_lock(). This lets it race against\nhci_dev_do_close() -\u003e btintel_shutdown_combined(), which also runs\n__hci_cmd_sync() under the same lock. When both paths manipulate\nhdev-\u003ereq_status/req_rsp concurrently, the close path may free the\nresponse skb first, and the still-running hw_error path hits a\nslab-use-after-free in kfree_skb().\n\nWrap the whole recovery sequence in hci_req_sync_lock/unlock so it\nis serialized with every other synchronous HCI command issuer.\n\nBelow is the data race report and the kasan report:\n\n BUG: data-race in __hci_cmd_sync_sk / btintel_shutdown_combined\n\n read of hdev-\u003ereq_rsp at net/bluetooth/hci_sync.c:199\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x114/0x670 drivers/bluetooth/btintel.c:254\n hci_error_reset+0x348/0xa30 net/bluetooth/hci_core.c:1030\n\n write/free by task ioctl/22580:\n btintel_shutdown_combined+0xd0/0x360\n drivers/bluetooth/btintel.c:3648\n hci_dev_close_sync+0x9ae/0x2c10 net/bluetooth/hci_sync.c:5246\n hci_dev_do_close+0x232/0x460 net/bluetooth/hci_core.c:526\n\n BUG: KASAN: slab-use-after-free in\n sk_skb_reason_drop+0x43/0x380 net/core/skbuff.c:1202\n Read of size 4 at addr ffff888144a738dc\n by task kworker/u17:1/83:\n __hci_cmd_sync_sk+0x12f2/0x1c30 net/bluetooth/hci_sync.c:200\n __hci_cmd_sync+0x55/0x80 net/bluetooth/hci_sync.c:223\n btintel_hw_error+0x186/0x670 drivers/bluetooth/btintel.c:260",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31500",
"url": "https://www.suse.com/security/cve/CVE-2026-31500"
},
{
"category": "external",
"summary": "SUSE Bug 1262993 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262993"
},
{
"category": "external",
"summary": "SUSE Bug 1262994 for CVE-2026-31500",
"url": "https://bugzilla.suse.com/1262994"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-31500"
},
{
"cve": "CVE-2026-31555",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31555"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfutex: Clear stale exiting pointer in futex_lock_pi() retry path\n\nFuzzying/stressing futexes triggered:\n\n WARNING: kernel/futex/core.c:825 at wait_for_owner_exiting+0x7a/0x80, CPU#11: futex_lock_pi_s/524\n\nWhen futex_lock_pi_atomic() sees the owner is exiting, it returns -EBUSY\nand stores a refcounted task pointer in \u0027exiting\u0027.\n\nAfter wait_for_owner_exiting() consumes that reference, the local pointer\nis never reset to nil. Upon a retry, if futex_lock_pi_atomic() returns a\ndifferent error, the bogus pointer is passed to wait_for_owner_exiting().\n\n CPU0\t\t\t CPU1\t\t CPU2\n futex_lock_pi(uaddr)\n // acquires the PI futex\n exit()\n futex_cleanup_begin()\n futex_state = EXITING;\n\t\t\t futex_lock_pi(uaddr)\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t attach_to_pi_owner()\n\t\t\t\t // observes EXITING\n\t\t\t\t *exiting = owner; // takes ref\n\t\t\t\t return -EBUSY\n\t\t\t wait_for_owner_exiting(-EBUSY, owner)\n\t\t\t\t put_task_struct(); // drops ref\n\t\t\t // exiting still points to owner\n\t\t\t goto retry;\n\t\t\t futex_lock_pi_atomic()\n\t\t\t\t lock_pi_update_atomic()\n\t\t\t\t cmpxchg(uaddr)\n\t\t\t\t\t*uaddr ^= WAITERS // whatever\n\t\t\t\t // value changed\n\t\t\t\t return -EAGAIN;\n\t\t\t wait_for_owner_exiting(-EAGAIN, exiting) // stale\n\t\t\t\t WARN_ON_ONCE(exiting)\n\nFix this by resetting upon retry, essentially aligning it with requeue_pi.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31555",
"url": "https://www.suse.com/security/cve/CVE-2026-31555"
},
{
"category": "external",
"summary": "SUSE Bug 1263178 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263178"
},
{
"category": "external",
"summary": "SUSE Bug 1263179 for CVE-2026-31555",
"url": "https://bugzilla.suse.com/1263179"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31555"
},
{
"cve": "CVE-2026-31592",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31592"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nKVM: SEV: Protect *all* of sev_mem_enc_register_region() with kvm-\u003elock\n\nTake and hold kvm-\u003elock for before checking sev_guest() in\nsev_mem_enc_register_region(), as sev_guest() isn\u0027t stable unless kvm-\u003elock\nis held (or KVM can guarantee KVM_SEV_INIT{2} has completed and can\u0027t\nrollack state). If KVM_SEV_INIT{2} fails, KVM can end up trying to add to\na not-yet-initialized sev-\u003eregions_list, e.g. triggering a #GP\n\n Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN NOPTI\n KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]\n CPU: 110 UID: 0 PID: 72717 Comm: syz.15.11462 Tainted: G U W O 6.16.0-smp-DEV #1 NONE\n Tainted: [U]=USER, [W]=WARN, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.52.0-0 10/28/2024\n RIP: 0010:sev_mem_enc_register_region+0x3f0/0x4f0 ../include/linux/list.h:83\n Code: \u003c41\u003e 80 3c 04 00 74 08 4c 89 ff e8 f1 c7 a2 00 49 39 ed 0f 84 c6 00\n RSP: 0018:ffff88838647fbb8 EFLAGS: 00010256\n RAX: dffffc0000000000 RBX: 1ffff92015cf1e0b RCX: dffffc0000000000\n RDX: 0000000000000000 RSI: 0000000000001000 RDI: ffff888367870000\n RBP: ffffc900ae78f050 R08: ffffea000d9e0007 R09: 1ffffd4001b3c000\n R10: dffffc0000000000 R11: fffff94001b3c001 R12: 0000000000000000\n R13: ffff8982ab0bde00 R14: ffffc900ae78f058 R15: 0000000000000000\n FS: 00007f34e9dc66c0(0000) GS:ffff89ee64d33000(0000) knlGS:0000000000000000\n CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n CR2: 00007fe180adef98 CR3: 000000047210e000 CR4: 0000000000350ef0\n Call Trace:\n \u003cTASK\u003e\n kvm_arch_vm_ioctl+0xa72/0x1240 ../arch/x86/kvm/x86.c:7371\n kvm_vm_ioctl+0x649/0x990 ../virt/kvm/kvm_main.c:5363\n __se_sys_ioctl+0x101/0x170 ../fs/ioctl.c:51\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0x6f/0x1f0 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n RIP: 0033:0x7f34e9f7e9a9\n Code: \u003c48\u003e 3d 01 f0 ff ff 73 01 c3 48 c7 c1 a8 ff ff ff f7 d8 64 89 01 48\n RSP: 002b:00007f34e9dc6038 EFLAGS: 00000246 ORIG_RAX: 0000000000000010\n RAX: ffffffffffffffda RBX: 00007f34ea1a6080 RCX: 00007f34e9f7e9a9\n RDX: 0000200000000280 RSI: 000000008010aebb RDI: 0000000000000007\n RBP: 00007f34ea000d69 R08: 0000000000000000 R09: 0000000000000000\n R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000000\n R13: 0000000000000000 R14: 00007f34ea1a6080 R15: 00007ffce77197a8\n \u003c/TASK\u003e\n\nwith a syzlang reproducer that looks like:\n\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000040)={0x0, \u0026(0x7f0000000180)=ANY=[], 0x70}) (async)\n syz_kvm_add_vcpu$x86(0x0, \u0026(0x7f0000000080)={0x0, \u0026(0x7f0000000180)=ANY=[@ANYBLOB=\"...\"], 0x4f}) (async)\n r0 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000200), 0x0, 0x0)\n r1 = ioctl$KVM_CREATE_VM(r0, 0xae01, 0x0)\n r2 = openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000240), 0x0, 0x0)\n r3 = ioctl$KVM_CREATE_VM(r2, 0xae01, 0x0)\n ioctl$KVM_SET_CLOCK(r3, 0xc008aeba, \u0026(0x7f0000000040)={0x1, 0x8, 0x0, 0x5625e9b0}) (async)\n ioctl$KVM_SET_PIT2(r3, 0x8010aebb, \u0026(0x7f0000000280)={[...], 0x5}) (async)\n ioctl$KVM_SET_PIT2(r1, 0x4070aea0, 0x0) (async)\n r4 = ioctl$KVM_CREATE_VM(0xffffffffffffffff, 0xae01, 0x0)\n openat$kvm(0xffffffffffffff9c, 0x0, 0x0, 0x0) (async)\n ioctl$KVM_SET_USER_MEMORY_REGION(r4, 0x4020ae46, \u0026(0x7f0000000400)={0x0, 0x0, 0x0, 0x2000, \u0026(0x7f0000001000/0x2000)=nil}) (async)\n r5 = ioctl$KVM_CREATE_VCPU(r4, 0xae41, 0x2)\n close(r0) (async)\n openat$kvm(0xffffffffffffff9c, \u0026(0x7f0000000000), 0x8000, 0x0) (async)\n ioctl$KVM_SET_GUEST_DEBUG(r5, 0x4048ae9b, \u0026(0x7f0000000300)={0x4376ea830d46549b, 0x0, [0x46, 0x0, 0x0, 0x0, 0x0, 0x1000]}) (async)\n ioctl$KVM_RUN(r5, 0xae80, 0x0)\n\nOpportunistically use guard() to avoid having to define a new error label\nand goto usage.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31592",
"url": "https://www.suse.com/security/cve/CVE-2026-31592"
},
{
"category": "external",
"summary": "SUSE Bug 1263123 for CVE-2026-31592",
"url": "https://bugzilla.suse.com/1263123"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31592"
},
{
"cve": "CVE-2026-31664",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31664"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfrm: clear trailing padding in build_polexpire()\n\nbuild_expire() clears the trailing padding bytes of struct\nxfrm_user_expire after setting the hard field via memset_after(),\nbut the analogous function build_polexpire() does not do this for\nstruct xfrm_user_polexpire.\n\nThe padding bytes after the __u8 hard field are left\nuninitialized from the heap allocation, and are then sent to\nuserspace via netlink multicast to XFRMNLGRP_EXPIRE listeners,\nleaking kernel heap memory contents.\n\nAdd the missing memset_after() call, matching build_expire().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31664",
"url": "https://www.suse.com/security/cve/CVE-2026-31664"
},
{
"category": "external",
"summary": "SUSE Bug 1263578 for CVE-2026-31664",
"url": "https://bugzilla.suse.com/1263578"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31664"
},
{
"cve": "CVE-2026-31665",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31665"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_ct: fix use-after-free in timeout object destroy\n\nnft_ct_timeout_obj_destroy() frees the timeout object with kfree()\nimmediately after nf_ct_untimeout(), without waiting for an RCU grace\nperiod. Concurrent packet processing on other CPUs may still hold\nRCU-protected references to the timeout object obtained via\nrcu_dereference() in nf_ct_timeout_data().\n\nAdd an rcu_head to struct nf_ct_timeout and use kfree_rcu() to defer\nfreeing until after an RCU grace period, matching the approach already\nused in nfnetlink_cttimeout.c.\n\nKASAN report:\n BUG: KASAN: slab-use-after-free in nf_conntrack_tcp_packet+0x1381/0x29d0\n Read of size 4 at addr ffff8881035fe19c by task exploit/80\n\n Call Trace:\n nf_conntrack_tcp_packet+0x1381/0x29d0\n nf_conntrack_in+0x612/0x8b0\n nf_hook_slow+0x70/0x100\n __ip_local_out+0x1b2/0x210\n tcp_sendmsg_locked+0x722/0x1580\n __sys_sendto+0x2d8/0x320\n\n Allocated by task 75:\n nft_ct_timeout_obj_init+0xf6/0x290\n nft_obj_init+0x107/0x1b0\n nf_tables_newobj+0x680/0x9c0\n nfnetlink_rcv_batch+0xc29/0xe00\n\n Freed by task 26:\n nft_obj_destroy+0x3f/0xa0\n nf_tables_trans_destroy_work+0x51c/0x5c0\n process_one_work+0x2c4/0x5a0",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31665",
"url": "https://www.suse.com/security/cve/CVE-2026-31665"
},
{
"category": "external",
"summary": "SUSE Bug 1263137 for CVE-2026-31665",
"url": "https://bugzilla.suse.com/1263137"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31665"
},
{
"cve": "CVE-2026-31674",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31674"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check()\n\nReject rt match rules whose addrnr exceeds IP6T_RT_HOPS.\n\nrt_mt6() expects addrnr to stay within the bounds of rtinfo-\u003eaddrs[].\nValidate addrnr during rule installation so malformed rules are rejected\nbefore the match logic can use an out-of-range value.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31674",
"url": "https://www.suse.com/security/cve/CVE-2026-31674"
},
{
"category": "external",
"summary": "SUSE Bug 1263568 for CVE-2026-31674",
"url": "https://bugzilla.suse.com/1263568"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31674"
},
{
"cve": "CVE-2026-31680",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31680"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipv6: flowlabel: defer exclusive option free until RCU teardown\n\n`ip6fl_seq_show()` walks the global flowlabel hash under the seq-file\nRCU read-side lock and prints `fl-\u003eopt-\u003eopt_nflen` when an option block\nis present.\n\nExclusive flowlabels currently free `fl-\u003eopt` as soon as `fl-\u003eusers`\ndrops to zero in `fl_release()`. However, the surrounding\n`struct ip6_flowlabel` remains visible in the global hash table until\nlater garbage collection removes it and `fl_free_rcu()` finally tears it\ndown.\n\nA concurrent `/proc/net/ip6_flowlabel` reader can therefore race that\nearly `kfree()` and dereference freed option state, triggering a crash\nin `ip6fl_seq_show()`.\n\nFix this by keeping `fl-\u003eopt` alive until `fl_free_rcu()`. That matches\nthe lifetime already required for the enclosing flowlabel while readers\ncan still reach it under RCU.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31680",
"url": "https://www.suse.com/security/cve/CVE-2026-31680"
},
{
"category": "external",
"summary": "SUSE Bug 1263563 for CVE-2026-31680",
"url": "https://bugzilla.suse.com/1263563"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 4.7,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31680"
},
{
"cve": "CVE-2026-31693",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31693"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncifs: some missing initializations on replay\n\nIn several places in the code, we have a label to signify\nthe start of the code where a request can be replayed if\nnecessary. However, some of these places were missing the\nnecessary reinitializations of certain local variables\nbefore replay.\n\nThis change makes sure that these variables get initialized\nafter the label.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31693",
"url": "https://www.suse.com/security/cve/CVE-2026-31693"
},
{
"category": "external",
"summary": "SUSE Bug 1267744 for CVE-2026-31693",
"url": "https://bugzilla.suse.com/1267744"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31693"
},
{
"cve": "CVE-2026-31697",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31697"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy ID to userspace if PSP command failed\n\nWhen retrieving the ID for the CPU, don\u0027t attempt to copy the ID blob to\nuserspace if the firmware command failed. If the failure was due to an\ninvalid length, i.e. the userspace buffer+length was too small, copying\nthe number of bytes _firmware_ requires will overflow the kernel-allocated\nbuffer and leak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 64 at addr ffff8881867f5960 by task syz.0.906/24388\n\n CPU: 130 UID: 0 PID: 24388 Comm: syz.0.906 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_get_id2+0x361/0x490 ../drivers/crypto/ccp/sev-dev.c:2222\n sev_ioctl+0x25f/0x490 ../drivers/crypto/ccp/sev-dev.c:2575\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31697",
"url": "https://www.suse.com/security/cve/CVE-2026-31697"
},
{
"category": "external",
"summary": "SUSE Bug 1264116 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264116"
},
{
"category": "external",
"summary": "SUSE Bug 1264144 for CVE-2026-31697",
"url": "https://bugzilla.suse.com/1264144"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31697"
},
{
"cve": "CVE-2026-31698",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31698"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy PDH cert to userspace if PSP command failed\n\nWhen retrieving the PDH cert, don\u0027t attempt to copy the blobs to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff8885c4ab8aa0 by task syz.0.186/21033\n\n CPU: 51 UID: 0 PID: 21033 Comm: syz.0.186 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 34.84.12-0 11/17/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pdh_export+0x3d3/0x7c0 ../drivers/crypto/ccp/sev-dev.c:2347\n sev_ioctl+0x2a2/0x490 ../drivers/crypto/ccp/sev-dev.c:2568\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31698",
"url": "https://www.suse.com/security/cve/CVE-2026-31698"
},
{
"category": "external",
"summary": "SUSE Bug 1263880 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263880"
},
{
"category": "external",
"summary": "SUSE Bug 1263929 for CVE-2026-31698",
"url": "https://bugzilla.suse.com/1263929"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31698"
},
{
"cve": "CVE-2026-31699",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31699"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: ccp: Don\u0027t attempt to copy CSR to userspace if PSP command failed\n\nWhen retrieving the PEK CSR, don\u0027t attempt to copy the blob to userspace\nif the firmware command failed. If the failure was due to an invalid\nlength, i.e. the userspace buffer+length was too small, copying the number\nof bytes _firmware_ requires will overflow the kernel-allocated buffer and\nleak data to userspace.\n\n BUG: KASAN: slab-out-of-bounds in instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n BUG: KASAN: slab-out-of-bounds in _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n BUG: KASAN: slab-out-of-bounds in _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n Read of size 2084 at addr ffff898144612e20 by task syz.9.219/21405\n\n CPU: 14 UID: 0 PID: 21405 Comm: syz.9.219 Tainted: G U O 7.0.0-smp-DEV #28 PREEMPTLAZY\n Tainted: [U]=USER, [O]=OOT_MODULE\n Hardware name: Google, Inc. Arcadia_IT_80/Arcadia_IT_80, BIOS 12.62.0-0 11/19/2025\n Call Trace:\n \u003cTASK\u003e\n dump_stack_lvl+0xc5/0x110 ../lib/dump_stack.c:120\n print_address_description ../mm/kasan/report.c:378 [inline]\n print_report+0xbc/0x260 ../mm/kasan/report.c:482\n kasan_report+0xa2/0xe0 ../mm/kasan/report.c:595\n check_region_inline ../mm/kasan/generic.c:-1 [inline]\n kasan_check_range+0x264/0x2c0 ../mm/kasan/generic.c:200\n instrument_copy_to_user ../include/linux/instrumented.h:129 [inline]\n _inline_copy_to_user ../include/linux/uaccess.h:205 [inline]\n _copy_to_user+0x66/0xa0 ../lib/usercopy.c:26\n copy_to_user ../include/linux/uaccess.h:236 [inline]\n sev_ioctl_do_pek_csr+0x31f/0x590 ../drivers/crypto/ccp/sev-dev.c:1872\n sev_ioctl+0x3a4/0x490 ../drivers/crypto/ccp/sev-dev.c:2562\n vfs_ioctl ../fs/ioctl.c:51 [inline]\n __do_sys_ioctl ../fs/ioctl.c:597 [inline]\n __se_sys_ioctl+0x11d/0x1b0 ../fs/ioctl.c:583\n do_syscall_x64 ../arch/x86/entry/syscall_64.c:63 [inline]\n do_syscall_64+0xe0/0x800 ../arch/x86/entry/syscall_64.c:94\n entry_SYSCALL_64_after_hwframe+0x76/0x7e\n \u003c/TASK\u003e\n\nWARN if the driver says the command succeeded, but the firmware error code\nsays otherwise, as __sev_do_cmd_locked() is expected to return -EIO on any\nfirwmware error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31699",
"url": "https://www.suse.com/security/cve/CVE-2026-31699"
},
{
"category": "external",
"summary": "SUSE Bug 1263879 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263879"
},
{
"category": "external",
"summary": "SUSE Bug 1263928 for CVE-2026-31699",
"url": "https://bugzilla.suse.com/1263928"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.4,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31699"
},
{
"cve": "CVE-2026-31752",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31752"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbridge: br_nd_send: validate ND option lengths\n\nbr_nd_send() walks ND options according to option-provided lengths.\nA malformed option can make the parser advance beyond the computed\noption span or use a too-short source LLADDR option payload.\n\nValidate option lengths against the remaining NS option area before\nadvancing, and only read source LLADDR when the option is large enough\nfor an Ethernet address.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31752",
"url": "https://www.suse.com/security/cve/CVE-2026-31752"
},
{
"category": "external",
"summary": "SUSE Bug 1264045 for CVE-2026-31752",
"url": "https://bugzilla.suse.com/1264045"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-31752"
},
{
"cve": "CVE-2026-31759",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31759"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nusb: ulpi: fix double free in ulpi_register_interface() error path\n\nWhen device_register() fails, ulpi_register() calls put_device() on\nulpi-\u003edev.\n\nThe device release callback ulpi_dev_release() drops the OF node\nreference and frees ulpi, but the current error path in\nulpi_register_interface() then calls kfree(ulpi) again, causing a\ndouble free.\n\nLet put_device() handle the cleanup through ulpi_dev_release() and\navoid freeing ulpi again in ulpi_register_interface().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31759",
"url": "https://www.suse.com/security/cve/CVE-2026-31759"
},
{
"category": "external",
"summary": "SUSE Bug 1264076 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264076"
},
{
"category": "external",
"summary": "SUSE Bug 1264078 for CVE-2026-31759",
"url": "https://bugzilla.suse.com/1264078"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-31759"
},
{
"cve": "CVE-2026-31771",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-31771"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_event: move wake reason storage into validated event handlers\n\nhci_store_wake_reason() is called from hci_event_packet() immediately\nafter stripping the HCI event header but before hci_event_func()\nenforces the per-event minimum payload length from hci_ev_table.\nThis means a short HCI event frame can reach bacpy() before any bounds\ncheck runs.\n\nRather than duplicating skb parsing and per-event length checks inside\nhci_store_wake_reason(), move wake-address storage into the individual\nevent handlers after their existing event-length validation has\nsucceeded. Convert hci_store_wake_reason() into a small helper that only\nstores an already-validated bdaddr while the caller holds hci_dev_lock().\nUse the same helper after hci_event_func() with a NULL address to\npreserve the existing unexpected-wake fallback semantics when no\nvalidated event handler records a wake address.\n\nAnnotate the helper with __must_hold(\u0026hdev-\u003elock) and add\nlockdep_assert_held(\u0026hdev-\u003elock) so future call paths keep the lock\ncontract explicit.\n\nCall the helper from hci_conn_request_evt(), hci_conn_complete_evt(),\nhci_sync_conn_complete_evt(), le_conn_complete_evt(),\nhci_le_adv_report_evt(), hci_le_ext_adv_report_evt(),\nhci_le_direct_adv_report_evt(), hci_le_pa_sync_established_evt(), and\nhci_le_past_received_evt().",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-31771",
"url": "https://www.suse.com/security/cve/CVE-2026-31771"
},
{
"category": "external",
"summary": "SUSE Bug 1264145 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264145"
},
{
"category": "external",
"summary": "SUSE Bug 1264146 for CVE-2026-31771",
"url": "https://bugzilla.suse.com/1264146"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-31771"
},
{
"cve": "CVE-2026-43023",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43023"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: SCO: fix race conditions in sco_sock_connect()\n\nsco_sock_connect() checks sk_state and sk_type without holding\nthe socket lock. Two concurrent connect() syscalls on the same\nsocket can both pass the check and enter sco_connect(), leading\nto use-after-free.\n\nThe buggy scenario involves three participants and was confirmed\nwith additional logging instrumentation:\n\n Thread A (connect): HCI disconnect: Thread B (connect):\n\n sco_sock_connect(sk) sco_sock_connect(sk)\n sk_state==BT_OPEN sk_state==BT_OPEN\n (pass, no lock) (pass, no lock)\n sco_connect(sk): sco_connect(sk):\n hci_dev_lock hci_dev_lock\n hci_connect_sco \u003c- blocked\n -\u003e hcon1\n sco_conn_add-\u003econn1\n lock_sock(sk)\n sco_chan_add:\n conn1-\u003esk = sk\n sk-\u003econn = conn1\n sk_state=BT_CONNECT\n release_sock\n hci_dev_unlock\n hci_dev_lock\n sco_conn_del:\n lock_sock(sk)\n sco_chan_del:\n sk-\u003econn=NULL\n conn1-\u003esk=NULL\n sk_state=\n BT_CLOSED\n SOCK_ZAPPED\n release_sock\n hci_dev_unlock\n (unblocked)\n hci_connect_sco\n -\u003e hcon2\n sco_conn_add\n -\u003e conn2\n lock_sock(sk)\n sco_chan_add:\n sk-\u003econn=conn2\n sk_state=\n BT_CONNECT\n // zombie sk!\n release_sock\n hci_dev_unlock\n\nThread B revives a BT_CLOSED + SOCK_ZAPPED socket back to\nBT_CONNECT. Subsequent cleanup triggers double sock_put() and\nuse-after-free. Meanwhile conn1 is leaked as it was orphaned\nwhen sco_conn_del() cleared the association.\n\nFix this by:\n- Moving lock_sock() before the sk_state/sk_type checks in\n sco_sock_connect() to serialize concurrent connect attempts\n- Fixing the sk_type != SOCK_SEQPACKET check to actually\n return the error instead of just assigning it\n- Adding a state re-check in sco_connect() after lock_sock()\n to catch state changes during the window between the locks\n- Adding sco_pi(sk)-\u003econn check in sco_chan_add() to prevent\n double-attach of a socket to multiple connections\n- Adding hci_conn_drop() on sco_chan_add failure to prevent\n HCI connection leaks",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43023",
"url": "https://www.suse.com/security/cve/CVE-2026-43023"
},
{
"category": "external",
"summary": "SUSE Bug 1264137 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264137"
},
{
"category": "external",
"summary": "SUSE Bug 1264138 for CVE-2026-43023",
"url": "https://bugzilla.suse.com/1264138"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-43023"
},
{
"cve": "CVE-2026-43024",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43024"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nf_tables: reject immediate NF_QUEUE verdict\n\nnft_queue is always used from userspace nftables to deliver the NF_QUEUE\nverdict. Immediately emitting an NF_QUEUE verdict is never used by the\nuserspace nft tools, so reject immediate NF_QUEUE verdicts.\n\nThe arp family does not provide queue support, but such an immediate\nverdict is still reachable. Globally reject NF_QUEUE immediate verdicts\nto address this issue.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43024",
"url": "https://www.suse.com/security/cve/CVE-2026-43024"
},
{
"category": "external",
"summary": "SUSE Bug 1263930 for CVE-2026-43024",
"url": "https://bugzilla.suse.com/1263930"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43024"
},
{
"cve": "CVE-2026-43028",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43028"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: x_tables: ensure names are nul-terminated\n\nReject names that lack a \\0 character before feeding them\nto functions that expect c-strings.\n\nFixes tag is the most recent commit that needs this change.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43028",
"url": "https://www.suse.com/security/cve/CVE-2026-43028"
},
{
"category": "external",
"summary": "SUSE Bug 1263934 for CVE-2026-43028",
"url": "https://bugzilla.suse.com/1263934"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43028"
},
{
"cve": "CVE-2026-43035",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43035"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: sched: cls_api: fix tc_chain_fill_node to initialize tcm_info to zero to prevent an info-leak\n\nWhen building netlink messages, tc_chain_fill_node() never initializes\nthe tcm_info field of struct tcmsg. Since the allocation is not zeroed,\nkernel heap memory is leaked to userspace through this 4-byte field.\n\nThe fix simply zeroes tcm_info alongside the other fields that are\nalready initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43035",
"url": "https://www.suse.com/security/cve/CVE-2026-43035"
},
{
"category": "external",
"summary": "SUSE Bug 1263996 for CVE-2026-43035",
"url": "https://bugzilla.suse.com/1263996"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43035"
},
{
"cve": "CVE-2026-43036",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43036"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: use skb_header_pointer() for TCPv4 GSO frag_off check\n\nSyzbot reported a KMSAN uninit-value warning in gso_features_check()\ncalled from netif_skb_features() [1].\n\ngso_features_check() reads iph-\u003efrag_off to decide whether to clear\nmangleid_features. Accessing the IPv4 header via ip_hdr()/inner_ip_hdr()\ncan rely on skb header offsets that are not always safe for direct\ndereference on packets injected from PF_PACKET paths.\n\nUse skb_header_pointer() for the TCPv4 frag_off check so the header read\nis robust whether data is already linear or needs copying.\n\n[1] https://syzkaller.appspot.com/bug?extid=1543a7d954d9c6d00407",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43036",
"url": "https://www.suse.com/security/cve/CVE-2026-43036"
},
{
"category": "external",
"summary": "SUSE Bug 1263993 for CVE-2026-43036",
"url": "https://bugzilla.suse.com/1263993"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43036"
},
{
"cve": "CVE-2026-43049",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43049"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nHID: logitech-hidpp: Prevent use-after-free on force feedback initialisation failure\n\nPresently, if the force feedback initialisation fails when probing the\nLogitech G920 Driving Force Racing Wheel for Xbox One, an error number\nwill be returned and propagated before the userspace infrastructure\n(sysfs and /dev/input) has been torn down. If userspace ignores the\nerrors and continues to use its references to these dangling entities, a\nUAF will promptly follow.\n\nWe have 2 options; continue to return the error, but ensure that all of\nthe infrastructure is torn down accordingly or continue to treat this\ncondition as a warning by emitting the message but returning success.\nIt is thought that the original author\u0027s intention was to emit the\nwarning but keep the device functional, less the force feedback feature,\nso let\u0027s go with that.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43049",
"url": "https://www.suse.com/security/cve/CVE-2026-43049"
},
{
"category": "external",
"summary": "SUSE Bug 1264080 for CVE-2026-43049",
"url": "https://bugzilla.suse.com/1264080"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43049"
},
{
"cve": "CVE-2026-43053",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43053"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: close crash window in attr dabtree inactivation\n\nWhen inactivating an inode with node-format extended attributes,\nxfs_attr3_node_inactive() invalidates all child leaf/node blocks via\nxfs_trans_binval(), but intentionally does not remove the corresponding\nentries from their parent node blocks. The implicit assumption is that\nxfs_attr_inactive() will truncate the entire attr fork to zero extents\nafterwards, so log recovery will never reach the root node and follow\nthose stale pointers.\n\nHowever, if a log shutdown occurs after the leaf/node block cancellations\ncommit but before the attr bmap truncation commits, this assumption\nbreaks. Recovery replays the attr bmap intact (the inode still has\nattr fork extents), but suppresses replay of all cancelled leaf/node\nblocks, maybe leaving them as stale data on disk. On the next mount,\nxlog_recover_process_iunlinks() retries inactivation and attempts to\nread the root node via the attr bmap. If the root node was not replayed,\nreading the unreplayed root block triggers a metadata verification\nfailure immediately; if it was replayed, following its child pointers\nto unreplayed child blocks triggers the same failure:\n\n XFS (pmem0): Metadata corruption detected at\n xfs_da3_node_read_verify+0x53/0x220, xfs_da3_node block 0x78\n XFS (pmem0): Unmount and run xfs_repair\n XFS (pmem0): First 128 bytes of corrupted metadata buffer:\n 00000000: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000010: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000020: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000030: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000040: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000050: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000060: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n 00000070: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................\n XFS (pmem0): metadata I/O error in \"xfs_da_read_buf+0x104/0x190\" at daddr 0x78 len 8 error 117\n\nFix this in two places:\n\nIn xfs_attr3_node_inactive(), after calling xfs_trans_binval() on a\nchild block, immediately remove the entry that references it from the\nparent node in the same transaction. This eliminates the window where\nthe parent holds a pointer to a cancelled block. Once all children are\nremoved, the now-empty root node is converted to a leaf block within the\nsame transaction. This node-to-leaf conversion is necessary for crash\nsafety. If the system shutdown after the empty node is written to the\nlog but before the second-phase bmap truncation commits, log recovery\nwill attempt to verify the root block on disk. xfs_da3_node_verify()\ndoes not permit a node block with count == 0; such a block will fail\nverification and trigger a metadata corruption shutdown. on the other\nhand, leaf blocks are allowed to have this transient state.\n\nIn xfs_attr_inactive(), split the attr fork truncation into two explicit\nphases. First, truncate all extents beyond the root block (the child\nextents whose parent references have already been removed above).\nSecond, invalidate the root block and truncate the attr bmap to zero in\na single transaction. The two operations in the second phase must be\natomic: as long as the attr bmap has any non-zero length, recovery can\nfollow it to the root block, so the root block invalidation must commit\ntogether with the bmap-to-zero truncation.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43053",
"url": "https://www.suse.com/security/cve/CVE-2026-43053"
},
{
"category": "external",
"summary": "SUSE Bug 1264084 for CVE-2026-43053",
"url": "https://bugzilla.suse.com/1264084"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43053"
},
{
"cve": "CVE-2026-43074",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43074"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\neventpoll: defer struct eventpoll free to RCU grace period\n\nIn certain situations, ep_free() in eventpoll.c will kfree the epi-\u003eep\neventpoll struct while it still being used by another concurrent thread.\nDefer the kfree() to an RCU callback to prevent UAF.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43074",
"url": "https://www.suse.com/security/cve/CVE-2026-43074"
},
{
"category": "external",
"summary": "SUSE Bug 1264263 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1264263"
},
{
"category": "external",
"summary": "SUSE Bug 1265307 for CVE-2026-43074",
"url": "https://bugzilla.suse.com/1265307"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-43074"
},
{
"cve": "CVE-2026-43077",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43077"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ncrypto: algif_aead - Fix minimum RX size check for decryption\n\nThe check for the minimum receive buffer size did not take the\ntag size into account during decryption. Fix this by adding the\nrequired extra length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43077",
"url": "https://www.suse.com/security/cve/CVE-2026-43077"
},
{
"category": "external",
"summary": "SUSE Bug 1264470 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1264470"
},
{
"category": "external",
"summary": "SUSE Bug 1265306 for CVE-2026-43077",
"url": "https://bugzilla.suse.com/1265306"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-43077"
},
{
"cve": "CVE-2026-43083",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43083"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ioam6: fix OOB and missing lock\n\nWhen trace-\u003etype.bit6 is set:\n\n if (trace-\u003etype.bit6) {\n ...\n queue = skb_get_tx_queue(dev, skb);\n qdisc = rcu_dereference(queue-\u003eqdisc);\n\nThis code can lead to an out-of-bounds access of the dev-\u003e_tx[] array\nwhen is_input is true. In such a case, the packet is on the RX path and\nskb-\u003equeue_mapping contains the RX queue index of the ingress device. If\nthe ingress device has more RX queues than the egress device (dev) has\nTX queues, skb_get_queue_mapping(skb) will exceed dev-\u003enum_tx_queues.\nAdd a check to avoid this situation since skb_get_tx_queue() does not\nclamp the index. This issue has also revealed that per queue visibility\ncannot be accurate and will be replaced later as a new feature.\n\nWhile at it, add missing lock around qdisc_qstats_qlen_backlog(). The\nfunction __ioam6_fill_trace_data() is called from both softirq and\nprocess contexts, hence the use of spin_lock_bh() here.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43083",
"url": "https://www.suse.com/security/cve/CVE-2026-43083"
},
{
"category": "external",
"summary": "SUSE Bug 1264266 for CVE-2026-43083",
"url": "https://bugzilla.suse.com/1264266"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43083"
},
{
"cve": "CVE-2026-43101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: ioam: fix potential NULL dereferences in __ioam6_fill_trace_data()\n\nWe need to check __in6_dev_get() for possible NULL value, as\nsuggested by Yiming Qian.\n\nAlso add skb_dst_dev_rcu() instead of skb_dst_dev(),\nand two missing READ_ONCE().\n\nNote that @dev can\u0027t be NULL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43101",
"url": "https://www.suse.com/security/cve/CVE-2026-43101"
},
{
"category": "external",
"summary": "SUSE Bug 1264239 for CVE-2026-43101",
"url": "https://bugzilla.suse.com/1264239"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43101"
},
{
"cve": "CVE-2026-43112",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43112"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfs/smb/client: fix out-of-bounds read in cifs_sanitize_prepath\n\nWhen cifs_sanitize_prepath is called with an empty string or a string\ncontaining only delimiters (e.g., \"/\"), the current logic attempts to\ncheck *(cursor2 - 1) before cursor2 has advanced. This results in an\nout-of-bounds read.\n\nThis patch adds an early exit check after stripping prepended\ndelimiters. If no path content remains, the function returns NULL.\n\nThe bug was identified via manual audit and verified using a\nstandalone test case compiled with AddressSanitizer, which\ntriggered a SEGV on affected inputs.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43112",
"url": "https://www.suse.com/security/cve/CVE-2026-43112"
},
{
"category": "external",
"summary": "SUSE Bug 1264437 for CVE-2026-43112",
"url": "https://bugzilla.suse.com/1264437"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43112"
},
{
"cve": "CVE-2026-43119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: hci_sync: annotate data-races around hdev-\u003ereq_status\n\n__hci_cmd_sync_sk() sets hdev-\u003ereq_status under hdev-\u003ereq_lock:\n\n hdev-\u003ereq_status = HCI_REQ_PEND;\n\nHowever, several other functions read or write hdev-\u003ereq_status without\nholding any lock:\n\n - hci_send_cmd_sync() reads req_status in hci_cmd_work (workqueue)\n - hci_cmd_sync_complete() reads/writes from HCI event completion\n - hci_cmd_sync_cancel() / hci_cmd_sync_cancel_sync() read/write\n - hci_abort_conn() reads in connection abort path\n\nSince __hci_cmd_sync_sk() runs on hdev-\u003ereq_workqueue while\nhci_send_cmd_sync() runs on hdev-\u003eworkqueue, these are different\nworkqueues that can execute concurrently on different CPUs. The plain\nC accesses constitute a data race.\n\nAdd READ_ONCE()/WRITE_ONCE() annotations on all concurrent accesses\nto hdev-\u003ereq_status to prevent potential compiler optimizations that\ncould affect correctness (e.g., load fusing in the wait_event\ncondition or store reordering).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43119",
"url": "https://www.suse.com/security/cve/CVE-2026-43119"
},
{
"category": "external",
"summary": "SUSE Bug 1264561 for CVE-2026-43119",
"url": "https://bugzilla.suse.com/1264561"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43119"
},
{
"cve": "CVE-2026-43158",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43158"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix freemap adjustments when adding xattrs to leaf blocks\n\nxfs/592 and xfs/794 both trip this assertion in the leaf block freemap\nadjustment code after ~20 minutes of running on my test VMs:\n\n ASSERT(ichdr-\u003efirstused \u003e= ichdr-\u003ecount * sizeof(xfs_attr_leaf_entry_t)\n\t\t\t\t\t+ xfs_attr3_leaf_hdr_size(leaf));\n\nUpon enabling quite a lot more debugging code, I narrowed this down to\nfsstress trying to set a local extended attribute with namelen=3 and\nvaluelen=71. This results in an entry size of 80 bytes.\n\nAt the start of xfs_attr3_leaf_add_work, the freemap looks like this:\n\ni 0 base 448 size 0 rhs 448 count 46\ni 1 base 388 size 132 rhs 448 count 46\ni 2 base 2120 size 4 rhs 448 count 46\nfirstused = 520\n\nwhere \"rhs\" is the first byte past the end of the leaf entry array.\nThis is inconsistent -- the entries array ends at byte 448, but\nfreemap[1] says there\u0027s free space starting at byte 388!\n\nBy the end of the function, the freemap is in worse shape:\n\ni 0 base 456 size 0 rhs 456 count 47\ni 1 base 388 size 52 rhs 456 count 47\ni 2 base 2120 size 4 rhs 456 count 47\nfirstused = 440\n\nImportant note: 388 is not aligned with the entries array element size\nof 8 bytes.\n\nBased on the incorrect freemap, the name area starts at byte 440, which\nis below the end of the entries array! That\u0027s why the assertion\ntriggers and the filesystem shuts down.\n\nHow did we end up here? First, recall from the previous patch that the\nfreemap array in an xattr leaf block is not intended to be a\ncomprehensive map of all free space in the leaf block. In other words,\nit\u0027s perfectly legal to have a leaf block with:\n\n * 376 bytes in use by the entries array\n * freemap[0] has [base = 376, size = 8]\n * freemap[1] has [base = 388, size = 1500]\n * the space between 376 and 388 is free, but the freemap stopped\n tracking that some time ago\n\nIf we add one xattr, the entries array grows to 384 bytes, and\nfreemap[0] becomes [base = 384, size = 0]. So far, so good. But if we\nadd a second xattr, the entries array grows to 392 bytes, and freemap[0]\ngets pushed up to [base = 392, size = 0]. This is bad, because\nfreemap[1] hasn\u0027t been updated, and now the entries array and the free\nspace claim the same space.\n\nThe fix here is to adjust all freemap entries so that none of them\ncollide with the entries array. Note that this fix relies on commit\n2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size underflow\") and\nthe previous patch that resets zero length freemap entries to have\nbase = 0.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43158",
"url": "https://www.suse.com/security/cve/CVE-2026-43158"
},
{
"category": "external",
"summary": "SUSE Bug 1264595 for CVE-2026-43158",
"url": "https://bugzilla.suse.com/1264595"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43158"
},
{
"cve": "CVE-2026-43171",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43171"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nEFI/CPER: don\u0027t dump the entire memory region\n\nThe current logic at cper_print_fw_err() doesn\u0027t check if the\nerror record length is big enough to handle offset. On a bad firmware,\nif the ofset is above the actual record, length -= offset will\nunderflow, making it dump the entire memory.\n\nThe end result can be:\n\n - the logic taking a lot of time dumping large regions of memory;\n - data disclosure due to the memory dumps;\n - an OOPS, if it tries to dump an unmapped memory region.\n\nFix it by checking if the section length is too small before doing\na hex dump.\n\n[ rjw: Subject tweaks ]",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43171",
"url": "https://www.suse.com/security/cve/CVE-2026-43171"
},
{
"category": "external",
"summary": "SUSE Bug 1264549 for CVE-2026-43171",
"url": "https://bugzilla.suse.com/1264549"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43171"
},
{
"cve": "CVE-2026-43187",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43187"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: delete attr leaf freemap entries when empty\n\nBack in commit 2a2b5932db6758 (\"xfs: fix attr leaf header freemap.size\nunderflow\"), Brian Foster observed that it\u0027s possible for a small\nfreemap at the end of the end of the xattr entries array to experience\na size underflow when subtracting the space consumed by an expansion of\nthe entries array. There are only three freemap entries, which means\nthat it is not a complete index of all free space in the leaf block.\n\nThis code can leave behind a zero-length freemap entry with a nonzero\nbase. Subsequent setxattr operations can increase the base up to the\npoint that it overlaps with another freemap entry. This isn\u0027t in and of\nitself a problem because the code in _leaf_add that finds free space\nignores any freemap entry with zero size.\n\nHowever, there\u0027s another bug in the freemap update code in _leaf_add,\nwhich is that it fails to update a freemap entry that begins midway\nthrough the xattr entry that was just appended to the array. That can\nresult in the freemap containing two entries with the same base but\ndifferent sizes (0 for the \"pushed-up\" entry, nonzero for the entry\nthat\u0027s actually tracking free space). A subsequent _leaf_add can then\nallocate xattr namevalue entries on top of the entries array, leading to\ndata loss. But fixing that is for later.\n\nFor now, eliminate the possibility of confusion by zeroing out the base\nof any freemap entry that has zero size. Because the freemap is not\nintended to be a complete index of free space, a subsequent failure to\nfind any free space for a new xattr will trigger block compaction, which\nregenerates the freemap.\n\nIt looks like this bug has been in the codebase for quite a long time.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43187",
"url": "https://www.suse.com/security/cve/CVE-2026-43187"
},
{
"category": "external",
"summary": "SUSE Bug 1264603 for CVE-2026-43187",
"url": "https://bugzilla.suse.com/1264603"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43187"
},
{
"cve": "CVE-2026-43198",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43198"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ntcp: fix potential race in tcp_v6_syn_recv_sock()\n\nCode in tcp_v6_syn_recv_sock() after the call to tcp_v4_syn_recv_sock()\nis done too late.\n\nAfter tcp_v4_syn_recv_sock(), the child socket is already visible\nfrom TCP ehash table and other cpus might use it.\n\nSince newinet-\u003epinet6 is still pointing to the listener ipv6_pinfo\nbad things can happen as syzbot found.\n\nMove the problematic code in tcp_v6_mapped_child_init()\nand call this new helper from tcp_v4_syn_recv_sock() before\nthe ehash insertion.\n\nThis allows the removal of one tcp_sync_mss(), since\ntcp_v4_syn_recv_sock() will call it with the correct\ncontext.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43198",
"url": "https://www.suse.com/security/cve/CVE-2026-43198"
},
{
"category": "external",
"summary": "SUSE Bug 1264610 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264610"
},
{
"category": "external",
"summary": "SUSE Bug 1264611 for CVE-2026-43198",
"url": "https://bugzilla.suse.com/1264611"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-43198"
},
{
"cve": "CVE-2026-43239",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43239"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsmb: client: prevent races in -\u003equery_interfaces()\n\nIt was possible for two query interface works to be concurrently trying\nto update the interfaces.\n\nPrevent this by checking and updating iface_last_update under\niface_lock.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43239",
"url": "https://www.suse.com/security/cve/CVE-2026-43239"
},
{
"category": "external",
"summary": "SUSE Bug 1264444 for CVE-2026-43239",
"url": "https://bugzilla.suse.com/1264444"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43239"
},
{
"cve": "CVE-2026-43339",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43339"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: prevent possible UaF in addrconf_permanent_addr()\n\nThe mentioned helper try to warn the user about an exceptional\ncondition, but the message is delivered too late, accessing the ipv6\nafter its possible deletion.\n\nReorder the statement to avoid the possible UaF; while at it, place the\nwarning outside the idev-\u003elock as it needs no protection.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43339",
"url": "https://www.suse.com/security/cve/CVE-2026-43339"
},
{
"category": "external",
"summary": "SUSE Bug 1264763 for CVE-2026-43339",
"url": "https://bugzilla.suse.com/1264763"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43339"
},
{
"cve": "CVE-2026-43345",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43345"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: ipa: fix event ring index not programmed for IPA v5.0+\n\nFor IPA v5.0+, the event ring index field moved from CH_C_CNTXT_0 to\nCH_C_CNTXT_1. The v5.0 register definition intended to define this\nfield in the CH_C_CNTXT_1 fmask array but used the old identifier of\nERINDEX instead of CH_ERINDEX.\n\nWithout a valid event ring, GSI channels could never signal transfer\ncompletions. This caused gsi_channel_trans_quiesce() to block\nforever in wait_for_completion().\n\nAt least for IPA v5.2 this resolves an issue seen where runtime\nsuspend, system suspend, and remoteproc stop all hanged forever. It\nalso meant the IPA data path was completely non functional.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43345",
"url": "https://www.suse.com/security/cve/CVE-2026-43345"
},
{
"category": "external",
"summary": "SUSE Bug 1265103 for CVE-2026-43345",
"url": "https://bugzilla.suse.com/1265103"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43345"
},
{
"cve": "CVE-2026-43405",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43405"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Use u32 for non-negative values in ceph_monmap_decode()\n\nThis patch fixes unnecessary implicit conversions that change signedness\nof blob_len and num_mon in ceph_monmap_decode().\nCurrently blob_len and num_mon are (signed) int variables. They are used\nto hold values that are always non-negative and get assigned in\nceph_decode_32_safe(), which is meant to assign u32 values. Both\nvariables are subsequently used as unsigned values, and the value of\nnum_mon is further assigned to monmap-\u003enum_mon, which is of type u32.\nTherefore, both variables should be of type u32. This is especially\nrelevant for num_mon. If the value read from the incoming message is\nvery large, it is interpreted as a negative value, and the check for\nnum_mon \u003e CEPH_MAX_MON does not catch it. This leads to the attempt to\nallocate a very large chunk of memory for monmap, which will most likely\nfail. In this case, an unnecessary attempt to allocate memory is\nperformed, and -ENOMEM is returned instead of -EINVAL.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43405",
"url": "https://www.suse.com/security/cve/CVE-2026-43405"
},
{
"category": "external",
"summary": "SUSE Bug 1264741 for CVE-2026-43405",
"url": "https://bugzilla.suse.com/1264741"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43405"
},
{
"cve": "CVE-2026-43469",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43469"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxprtrdma: Decrement re_receiving on the early exit paths\n\nIn the event that rpcrdma_post_recvs() fails to create a work request\n(due to memory allocation failure, say) or otherwise exits early, we\nshould decrement ep-\u003ere_receiving before returning. Otherwise we will\nhang in rpcrdma_xprt_drain() as re_receiving will never reach zero and\nthe completion will never be triggered.\n\nOn a system with high memory pressure, this can appear as the following\nhung task:\n\n INFO: task kworker/u385:17:8393 blocked for more than 122 seconds.\n Tainted: G S E 6.19.0 #3\n \"echo 0 \u003e /proc/sys/kernel/hung_task_timeout_secs\" disables this message.\n task:kworker/u385:17 state:D stack:0 pid:8393 tgid:8393 ppid:2 task_flags:0x4248060 flags:0x00080000\n Workqueue: xprtiod xprt_autoclose [sunrpc]\n Call Trace:\n \u003cTASK\u003e\n __schedule+0x48b/0x18b0\n ? ib_post_send_mad+0x247/0xae0 [ib_core]\n schedule+0x27/0xf0\n schedule_timeout+0x104/0x110\n __wait_for_common+0x98/0x180\n ? __pfx_schedule_timeout+0x10/0x10\n wait_for_completion+0x24/0x40\n rpcrdma_xprt_disconnect+0x444/0x460 [rpcrdma]\n xprt_rdma_close+0x12/0x40 [rpcrdma]\n xprt_autoclose+0x5f/0x120 [sunrpc]\n process_one_work+0x191/0x3e0\n worker_thread+0x2e3/0x420\n ? __pfx_worker_thread+0x10/0x10\n kthread+0x10d/0x230\n ? __pfx_kthread+0x10/0x10\n ret_from_fork+0x273/0x2b0\n ? __pfx_kthread+0x10/0x10\n ret_from_fork_asm+0x1a/0x30",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43469",
"url": "https://www.suse.com/security/cve/CVE-2026-43469"
},
{
"category": "external",
"summary": "SUSE Bug 1265143 for CVE-2026-43469",
"url": "https://bugzilla.suse.com/1265143"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43469"
},
{
"cve": "CVE-2026-43491",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-43491"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: qrtr: ns: Limit the maximum server registration per node\n\nCurrent code does no bound checking on the number of servers added per\nnode. A malicious client can flood NEW_SERVER messages and exhaust memory.\n\nFix this issue by limiting the maximum number of server registrations to\n256 per node. If the NEW_SERVER message is received for an old port, then\ndon\u0027t restrict it as it will get replaced. While at it, also rate limit\nthe error messages in the failure path of qrtr_ns_worker().\n\nNote that the limit of 256 is chosen based on the current platform\nrequirements. If requirement changes in the future, this limit can be\nincreased.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-43491",
"url": "https://www.suse.com/security/cve/CVE-2026-43491"
},
{
"category": "external",
"summary": "SUSE Bug 1265628 for CVE-2026-43491",
"url": "https://bugzilla.suse.com/1265628"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-43491"
},
{
"cve": "CVE-2026-45840",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45840"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nopenvswitch: cap upcall PID array size and pre-size vport replies\n\nThe vport netlink reply helpers allocate a fixed-size skb with\nnlmsg_new(NLMSG_DEFAULT_SIZE, ...) but serialize the full upcall PID\narray via ovs_vport_get_upcall_portids(). Since\novs_vport_set_upcall_portids() accepts any non-zero multiple of\nsizeof(u32) with no upper bound, a CAP_NET_ADMIN user can install a PID\narray large enough to overflow the reply buffer, causing nla_put() to\nfail with -EMSGSIZE and hitting BUG_ON(err \u003c 0). On systems with\nunprivileged user namespaces enabled (e.g., Ubuntu default), this is\nreachable via unshare -Urn since OVS vport mutation operations use\nGENL_UNS_ADMIN_PERM.\n\n kernel BUG at net/openvswitch/datapath.c:2414!\n Oops: invalid opcode: 0000 [#1] SMP KASAN NOPTI\n CPU: 1 UID: 0 PID: 65 Comm: poc Not tainted 7.0.0-rc7-00195-geb216e422044 #1\n RIP: 0010:ovs_vport_cmd_set+0x34c/0x400\n Call Trace:\n \u003cTASK\u003e\n genl_family_rcv_msg_doit (net/netlink/genetlink.c:1116)\n genl_rcv_msg (net/netlink/genetlink.c:1194)\n netlink_rcv_skb (net/netlink/af_netlink.c:2550)\n genl_rcv (net/netlink/genetlink.c:1219)\n netlink_unicast (net/netlink/af_netlink.c:1344)\n netlink_sendmsg (net/netlink/af_netlink.c:1894)\n __sys_sendto (net/socket.c:2206)\n __x64_sys_sendto (net/socket.c:2209)\n do_syscall_64 (arch/x86/entry/syscall_64.c:63)\n entry_SYSCALL_64_after_hwframe (arch/x86/entry/entry_64.S:130)\n \u003c/TASK\u003e\n Kernel panic - not syncing: Fatal exception\n\nReject attempts to set more PIDs than nr_cpu_ids in\novs_vport_set_upcall_portids(), and pre-compute the worst-case reply\nsize in ovs_vport_cmd_msg_size() based on that bound, similar to the\nexisting ovs_dp_cmd_msg_size(). nr_cpu_ids matches the cap already\nused by the per-CPU dispatch configuration on the datapath side\n(ovs_dp_cmd_fill_info() serialises at most nr_cpu_ids PIDs), so the\ntwo sides stay consistent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45840",
"url": "https://www.suse.com/security/cve/CVE-2026-45840"
},
{
"category": "external",
"summary": "SUSE Bug 1266397 for CVE-2026-45840",
"url": "https://bugzilla.suse.com/1266397"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45840"
},
{
"cve": "CVE-2026-45841",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45841"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO\n\nnf_osf_match_one() computes ctx-\u003ewindow % f-\u003ewss.val in the\nOSF_WSS_MODULO branch with no guard for f-\u003ewss.val == 0. A\nCAP_NET_ADMIN user can add such a fingerprint via nfnetlink; a\nsubsequent matching TCP SYN divides by zero and panics the kernel.\n\nReject the bogus fingerprint in nfnl_osf_add_callback() above the\nper-option for-loop. f-\u003ewss is per-fingerprint, not per-option, so\nthe check must run regardless of f-\u003eopt_num (including 0). Also\nreject wss.wc \u003e= OSF_WSS_MAX; nf_osf_match_one() already treats that\nas \"should not happen\".\n\nCrash:\n Oops: divide error: 0000 [#1] SMP KASAN NOPTI\n RIP: 0010:nf_osf_match_one (net/netfilter/nfnetlink_osf.c:98)\n Call Trace:\n \u003cIRQ\u003e\n nf_osf_match (net/netfilter/nfnetlink_osf.c:220)\n xt_osf_match_packet (net/netfilter/xt_osf.c:32)\n ipt_do_table (net/ipv4/netfilter/ip_tables.c:348)\n nf_hook_slow (net/netfilter/core.c:622)\n ip_local_deliver (net/ipv4/ip_input.c:265)\n ip_rcv (include/linux/skbuff.h:1162)\n __netif_receive_skb_one_core (net/core/dev.c:6181)\n process_backlog (net/core/dev.c:6642)\n __napi_poll (net/core/dev.c:7710)\n net_rx_action (net/core/dev.c:7945)\n handle_softirqs (kernel/softirq.c:622)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45841",
"url": "https://www.suse.com/security/cve/CVE-2026-45841"
},
{
"category": "external",
"summary": "SUSE Bug 1266390 for CVE-2026-45841",
"url": "https://bugzilla.suse.com/1266390"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45841"
},
{
"cve": "CVE-2026-45862",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45862"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Flush cache for PASID table before using it\n\nWhen writing the address of a freshly allocated zero-initialized PASID\ntable to a PASID directory entry, do that after the CPU cache flush for\nthis PASID table, not before it, to avoid the time window when this\nPASID table may be already used by non-coherent IOMMU hardware while\nits contents in RAM is still some random old data, not zero-initialized.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45862",
"url": "https://www.suse.com/security/cve/CVE-2026-45862"
},
{
"category": "external",
"summary": "SUSE Bug 1266705 for CVE-2026-45862",
"url": "https://bugzilla.suse.com/1266705"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45862"
},
{
"cve": "CVE-2026-45870",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45870"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: auth_gss: fix memory leaks in XDR decoding error paths\n\nThe gssx_dec_ctx(), gssx_dec_status(), and gssx_dec_name()\nfunctions allocate memory via gssx_dec_buffer(), which calls\nkmemdup(). When a subsequent decode operation fails, these\nfunctions return immediately without freeing previously\nallocated buffers, causing memory leaks.\n\nThe leak in gssx_dec_ctx() is particularly relevant because\nthe caller (gssp_accept_sec_context_upcall) initializes several\nbuffer length fields to non-zero values, resulting in memory\nallocation:\n\n struct gssx_ctx rctxh = {\n .exported_context_token.len = GSSX_max_output_handle_sz,\n .mech.len = GSS_OID_MAX_LEN,\n .src_name.display_name.len = GSSX_max_princ_sz,\n .targ_name.display_name.len = GSSX_max_princ_sz\n };\n\nIf, for example, gssx_dec_name() succeeds for src_name but\nfails for targ_name, the memory allocated for\nexported_context_token, mech, and src_name.display_name\nremains unreferenced and cannot be reclaimed.\n\nAdd error handling with goto-based cleanup to free any\npreviously allocated buffers before returning an error.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45870",
"url": "https://www.suse.com/security/cve/CVE-2026-45870"
},
{
"category": "external",
"summary": "SUSE Bug 1266704 for CVE-2026-45870",
"url": "https://bugzilla.suse.com/1266704"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45870"
},
{
"cve": "CVE-2026-45894",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45894"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\niommu/vt-d: Clear Present bit before tearing down PASID entry\n\nThe Intel VT-d Scalable Mode PASID table entry consists of 512 bits (64\nbytes). When tearing down an entry, the current implementation zeros the\nentire 64-byte structure immediately using multiple 64-bit writes.\n\nSince the IOMMU hardware may fetch these 64 bytes using multiple\ninternal transactions (e.g., four 128-bit bursts), updating or zeroing\nthe entire entry while it is active (P=1) risks a \"torn\" read. If a\nhardware fetch occurs simultaneously with the CPU zeroing the entry, the\nhardware could observe an inconsistent state, leading to unpredictable\nbehavior or spurious faults.\n\nFollow the \"Guidance to Software for Invalidations\" in the VT-d spec\n(Section 6.5.3.3) by implementing the recommended ownership handshake:\n\n1. Clear only the \u0027Present\u0027 (P) bit of the PASID entry.\n2. Use a dma_wmb() to ensure the cleared bit is visible to hardware\n before proceeding.\n3. Execute the required invalidation sequence (PASID cache, IOTLB, and\n Device-TLB flush) to ensure the hardware has released all cached\n references.\n4. Only after the flushes are complete, zero out the remaining fields\n of the PASID entry.\n\nAlso, add a dma_wmb() in pasid_set_present() to ensure that all other\nfields of the PASID entry are visible to the hardware before the Present\nbit is set.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45894",
"url": "https://www.suse.com/security/cve/CVE-2026-45894"
},
{
"category": "external",
"summary": "SUSE Bug 1266895 for CVE-2026-45894",
"url": "https://bugzilla.suse.com/1266895"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45894"
},
{
"cve": "CVE-2026-45940",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45940"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: stmmac: fix oops when split header is enabled\n\nFor GMAC4, when split header is enabled, in some rare cases, the\nhardware does not fill buf2 of the first descriptor with payload.\nThus we cannot assume buf2 is always fully filled if it is not\nthe last descriptor. Otherwise, the length of buf2 of the second\ndescriptor will be calculated wrong and cause an oops:\n\nUnable to handle kernel paging request at virtual address ffff00019246bfc0\n...\nx2 : 0000000000000040 x1 : ffff00019246bfc0 x0 : ffff00009246c000\nCall trace:\n dcache_inval_poc+0x28/0x58 (P)\n dma_direct_sync_single_for_cpu+0x38/0x6c\n __dma_sync_single_for_cpu+0x34/0x6c\n stmmac_napi_poll_rx+0x8f0/0xb60\n __napi_poll.constprop.0+0x30/0x144\n net_rx_action+0x160/0x274\n handle_softirqs+0x1b8/0x1fc\n...\n\nTo fix this, the PL bit-field in RDES3 register is used for all\ndescriptors, whether it is the last descriptor or not.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45940",
"url": "https://www.suse.com/security/cve/CVE-2026-45940"
},
{
"category": "external",
"summary": "SUSE Bug 1266916 for CVE-2026-45940",
"url": "https://bugzilla.suse.com/1266916"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45940"
},
{
"cve": "CVE-2026-45961",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45961"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ngfs2: fix memory leaks in gfs2_fill_super error path\n\nFix two memory leaks in the gfs2_fill_super() error handling path when\ntransitioning a filesystem to read-write mode fails.\n\nFirst leak: kthread objects (thread_struct, task_struct, etc.)\nWhen gfs2_freeze_lock_shared() fails after init_threads() succeeds, the\ncreated kernel threads (logd and quotad) are never destroyed. This\noccurs because the fail_per_node label doesn\u0027t call\ngfs2_destroy_threads().\n\nSecond leak: quota bitmap buffer (8192 bytes)\nWhen gfs2_make_fs_rw() fails after gfs2_quota_init() succeeds but\nbefore other operations complete, the allocated quota bitmap is never\nfreed.\n\nThe fix moves thread cleanup to the fail_per_node label to handle all\nerror paths uniformly. gfs2_destroy_threads() is safe to call\nunconditionally as it checks for NULL pointers. Quota cleanup is added\nin gfs2_make_fs_rw() to properly handle the withdrawal case where\nquota initialization succeeds but the filesystem is then withdrawn.\n\nThread leak backtrace (gfs2_freeze_lock_shared failure):\n unreferenced object 0xffff88801d7bca80 (size 4480):\n copy_process+0x3a1/0x4670 kernel/fork.c:2422\n kernel_clone+0xf3/0x6e0 kernel/fork.c:2779\n kthread_create_on_node+0x100/0x150 kernel/kthread.c:478\n init_threads+0xab/0x350 fs/gfs2/ops_fstype.c:611\n gfs2_fill_super+0xe5c/0x1240 fs/gfs2/ops_fstype.c:1265\n\nQuota leak backtrace (gfs2_make_fs_rw failure):\n unreferenced object 0xffff88812de7c000 (size 8192):\n gfs2_quota_init+0xe5/0x820 fs/gfs2/quota.c:1409\n gfs2_make_fs_rw+0x7a/0xe0 fs/gfs2/super.c:149\n gfs2_fill_super+0xfbb/0x1240 fs/gfs2/ops_fstype.c:1275",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45961",
"url": "https://www.suse.com/security/cve/CVE-2026-45961"
},
{
"category": "external",
"summary": "SUSE Bug 1266933 for CVE-2026-45961",
"url": "https://bugzilla.suse.com/1266933"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 3.3,
"baseSeverity": "LOW",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "low"
}
],
"title": "CVE-2026-45961"
},
{
"cve": "CVE-2026-45964",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45964"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nSUNRPC: fix gss_auth kref leak in gss_alloc_msg error path\n\nCommit 5940d1cf9f42 (\"SUNRPC: Rebalance a kref in auth_gss.c\") added\na kref_get(\u0026gss_auth-\u003ekref) call to balance the gss_put_auth() done\nin gss_release_msg(), but forgot to add a corresponding kref_put()\non the error path when kstrdup_const() fails.\n\nIf service_name is non-NULL and kstrdup_const() fails, the function\njumps to err_put_pipe_version which calls put_pipe_version() and\nkfree(gss_msg), but never releases the gss_auth reference. This leads\nto a kref leak where the gss_auth structure is never freed.\n\nAdd a forward declaration for gss_free_callback() and call kref_put()\nin the err_put_pipe_version error path to properly release the\nreference taken earlier.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45964",
"url": "https://www.suse.com/security/cve/CVE-2026-45964"
},
{
"category": "external",
"summary": "SUSE Bug 1266698 for CVE-2026-45964",
"url": "https://bugzilla.suse.com/1266698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45964"
},
{
"cve": "CVE-2026-45965",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45965"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\napparmor: fix invalid deref of rawdata when export_binary is unset\n\nIf the export_binary parameter is disabled on runtime, profiles that\nwere loaded before that will still have their rawdata stored in\napparmorfs, with a symbolic link to the rawdata on the policy\ndirectory. When one of those profiles are replaced, the rawdata is set\nto NULL, but when trying to resolve the symbolic links to rawdata for\nthat profile, it will try to dereference profile-\u003erawdata-\u003ename when\nprofile-\u003erawdata is now NULL causing an oops. Fix it by checking if\nrawdata is set.\n\n[ 168.653080] BUG: kernel NULL pointer dereference, address: 0000000000000088\n[ 168.657420] #PF: supervisor read access in kernel mode\n[ 168.660619] #PF: error_code(0x0000) - not-present page\n[ 168.663613] PGD 0 P4D 0\n[ 168.665450] Oops: Oops: 0000 [#1] SMP NOPTI\n[ 168.667836] CPU: 1 UID: 0 PID: 1729 Comm: ls Not tainted 6.19.0-rc7+ #3 PREEMPT(voluntary)\n[ 168.672308] Hardware name: QEMU Ubuntu 24.04 PC (i440FX + PIIX, 1996), BIOS 1.16.3-debian-1.16.3-2 04/01/2014\n[ 168.679327] RIP: 0010:rawdata_get_link_base.isra.0+0x23/0x330\n[ 168.682768] Code: 90 90 90 90 90 90 90 0f 1f 44 00 00 55 48 89 e5 41 57 41 56 41 55 41 54 53 48 83 ec 18 48 89 55 d0 48 85 ff 0f 84 e3 01 00 00 \u003c48\u003e 83 3c 25 88 00 00 00 00 0f 84 d4 01 00 00 49 89 f6 49 89 cc e8\n[ 168.689818] RSP: 0018:ffffcdcb8200fb80 EFLAGS: 00010282\n[ 168.690871] RAX: ffffffffaee74ec0 RBX: 0000000000000000 RCX: ffffffffb0120158\n[ 168.692251] RDX: ffffcdcb8200fbe0 RSI: ffff88c187c9fa80 RDI: ffff88c186c98a80\n[ 168.693593] RBP: ffffcdcb8200fbc0 R08: 0000000000000000 R09: 0000000000000000\n[ 168.694941] R10: 0000000000000000 R11: 0000000000000000 R12: ffff88c186c98a80\n[ 168.696289] R13: 00007fff005aaa20 R14: 0000000000000080 R15: ffff88c188f4fce0\n[ 168.697637] FS: 0000790e81c58280(0000) GS:ffff88c20a957000(0000) knlGS:0000000000000000\n[ 168.699227] CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033\n[ 168.700349] CR2: 0000000000000088 CR3: 000000012fd3e000 CR4: 0000000000350ef0\n[ 168.701696] Call Trace:\n[ 168.702325] \u003cTASK\u003e\n[ 168.702995] rawdata_get_link_data+0x1c/0x30\n[ 168.704145] vfs_readlink+0xd4/0x160\n[ 168.705152] do_readlinkat+0x114/0x180\n[ 168.706214] __x64_sys_readlink+0x1e/0x30\n[ 168.708653] x64_sys_call+0x1d77/0x26b0\n[ 168.709525] do_syscall_64+0x81/0x500\n[ 168.710348] ? do_statx+0x72/0xb0\n[ 168.711109] ? putname+0x3e/0x80\n[ 168.711845] ? __x64_sys_statx+0xb7/0x100\n[ 168.712711] ? x64_sys_call+0x10fc/0x26b0\n[ 168.713577] ? do_syscall_64+0xbf/0x500\n[ 168.714412] ? do_user_addr_fault+0x1d2/0x8d0\n[ 168.715404] ? irqentry_exit+0xb2/0x740\n[ 168.716359] ? exc_page_fault+0x90/0x1b0\n[ 168.717307] entry_SYSCALL_64_after_hwframe+0x76/0x7e",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45965",
"url": "https://www.suse.com/security/cve/CVE-2026-45965"
},
{
"category": "external",
"summary": "SUSE Bug 1267208 for CVE-2026-45965",
"url": "https://bugzilla.suse.com/1267208"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45965"
},
{
"cve": "CVE-2026-45974",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-45974"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix invalid leaf access in btrfs_quota_enable() if ref key not found\n\nIf btrfs_search_slot_for_read() returns 1, it means we did not find any\nkey greater than or equals to the key we asked for, meaning we have\nreached the end of the tree and therefore the path is not valid. If\nthis happens we need to break out of the loop and stop, instead of\ncontinuing and accessing an invalid path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-45974",
"url": "https://www.suse.com/security/cve/CVE-2026-45974"
},
{
"category": "external",
"summary": "SUSE Bug 1266922 for CVE-2026-45974",
"url": "https://bugzilla.suse.com/1266922"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-45974"
},
{
"cve": "CVE-2026-46005",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46005"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nxfs: fix a resource leak in xfs_alloc_buftarg()\n\nIn the error path, call fs_put_dax() to drop the DAX\ndevice reference.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46005",
"url": "https://www.suse.com/security/cve/CVE-2026-46005"
},
{
"category": "external",
"summary": "SUSE Bug 1267431 for CVE-2026-46005",
"url": "https://bugzilla.suse.com/1267431"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46005"
},
{
"cve": "CVE-2026-46037",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46037"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv4: icmp: validate reply type before using icmp_pointers\n\nExtended echo replies use ICMP_EXT_ECHOREPLY as the outbound reply type.\nThat value is outside the range covered by icmp_pointers[], which only\ndescribes the traditional ICMP types up to NR_ICMP_TYPES.\n\nAvoid consulting icmp_pointers[] for reply types outside that range, and\nuse array_index_nospec() for the remaining in-range lookup. Normal ICMP\nreplies keep their existing behavior unchanged.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46037",
"url": "https://www.suse.com/security/cve/CVE-2026-46037"
},
{
"category": "external",
"summary": "SUSE Bug 1267361 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267361"
},
{
"category": "external",
"summary": "SUSE Bug 1267362 for CVE-2026-46037",
"url": "https://bugzilla.suse.com/1267362"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 8.2,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-46037"
},
{
"cve": "CVE-2026-46101",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46101"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: reject zero shift in nft_bitwise\n\nReject zero shift operands for nft_bitwise left and right shift\nexpressions during initialization.\n\nThe carry propagation logic computes the carry from the adjacent 32-bit\nword using BITS_PER_TYPE(u32) - shift. A zero shift operand turns this\ninto a 32-bit shift, which is undefined behaviour.\n\nReject zero shift operands in the control plane, alongside the existing\ncheck for values greater than or equal to 32, so malformed rules never\nreach the packet path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46101",
"url": "https://www.suse.com/security/cve/CVE-2026-46101"
},
{
"category": "external",
"summary": "SUSE Bug 1266878 for CVE-2026-46101",
"url": "https://bugzilla.suse.com/1266878"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.6,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46101"
},
{
"cve": "CVE-2026-46119",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46119"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nlibceph: Fix slab-out-of-bounds access in auth message processing\n\nIf a (potentially corrupted) message of type CEPH_MSG_AUTH_REPLY\ncontains a positive value in its result field, it is treated as an\nerror code by ceph_handle_auth_reply() and returned to\nhandle_auth_reply(). Thereafter, an attempt is made to send the\npreallocated message of type CEPH_MSG_AUTH, where the returned value is\ninterpreted as the size of the front segment to send. If the result\nvalue in the message is greater than the size of the memory buffer\nallocated for the front segment, an out-of-bounds access occurs, and\nthe content of the memory region beyond this buffer is sent out.\n\nThis patch fixes the issue by treating only negative values in the\nresult field as errors. Positive values are therefore treated as success\nin the same way as a zero value. Additionally, a BUG_ON is added to\n__send_prepared_auth_request() comparing the len parameter to\nfront_alloc_len to prevent sending the message if it exceeds the bounds\nof the allocation and to make it easier to catch any logic flaws leading\nto this.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46119",
"url": "https://www.suse.com/security/cve/CVE-2026-46119"
},
{
"category": "external",
"summary": "SUSE Bug 1267628 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267628"
},
{
"category": "external",
"summary": "SUSE Bug 1267894 for CVE-2026-46119",
"url": "https://bugzilla.suse.com/1267894"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46119"
},
{
"cve": "CVE-2026-46120",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46120"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nip6_gre: Use cached t-\u003enet in ip6erspan_changelink().\n\nAfter commit 5e72ce3e3980 (\"net: ipv6: Use link netns in newlink() of\nrtnl_link_ops\"), ip6erspan_newlink() correctly resolves the per-netns\nip6gre hash via link_net. ip6erspan_changelink() was not converted in\nthat series and still uses dev_net(dev), which diverges from the\ndevice\u0027s creation netns after IFLA_NET_NS_FD migration.\n\nThis re-inserts the tunnel into the wrong per-netns hash. The\noriginal netns keeps a stale entry. When that netns is later\ndestroyed, ip6gre_exit_rtnl_net() walks the stale entry, producing a\nslab-use-after-free reported by KASAN, followed by a kernel BUG at\nnet/core/dev.c (LIST_POISON1) in unregister_netdevice_many_notify().\n\nReachable from an unprivileged user namespace (unshare --user\n--map-root-user --net).\n\nip6gre_changelink() earlier in the same file already uses the cached\nt-\u003enet; only ip6erspan_changelink() has the wrong shape.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46120",
"url": "https://www.suse.com/security/cve/CVE-2026-46120"
},
{
"category": "external",
"summary": "SUSE Bug 1267640 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267640"
},
{
"category": "external",
"summary": "SUSE Bug 1267893 for CVE-2026-46120",
"url": "https://bugzilla.suse.com/1267893"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-46120"
},
{
"cve": "CVE-2026-46123",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46123"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nBluetooth: virtio_bt: clamp rx length before skb_put\n\nvirtbt_rx_work() calls skb_put(skb, len) where len comes directly\nfrom virtqueue_get_buf() with no validation against the buffer we\nposted to the device. The RX skb is allocated in virtbt_add_inbuf()\nand exposed to virtio as exactly 1000 bytes via sg_init_one().\n\nChecking len against skb_tailroom(skb) is not sufficient because\nalloc_skb() can leave more tailroom than the 1000 bytes actually\nhanded to the device. A malicious or buggy backend can therefore\nreport used.len between 1001 and skb_tailroom(skb), causing skb_put()\nto include uninitialized kernel heap bytes that were never written by\nthe device.\n\nThe same path also accepts len == 0, in which case skb_put(skb, 0)\nleaves the skb empty but virtbt_rx_handle() still reads the pkt_type\nbyte from skb-\u003edata, consuming uninitialized memory.\n\nDefine VIRTBT_RX_BUF_SIZE once and reuse it in alloc_skb() and\nsg_init_one(), and gate virtbt_rx_work() on that same constant so\nthe bound checked matches the buffer actually exposed to the device.\nReject used.len == 0 in the same gate so an empty completion can\nno longer reach virtbt_rx_handle().\n\nUse bt_dev_err_ratelimited() because the length value comes from an\nuntrusted backend that can otherwise flood the kernel log.\n\nSame class of bug as commit c04db81cd028 (\"net/9p: Fix buffer\noverflow in USB transport layer\"), which hardened the USB 9p\ntransport against unchecked device-reported length.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46123",
"url": "https://www.suse.com/security/cve/CVE-2026-46123"
},
{
"category": "external",
"summary": "SUSE Bug 1267621 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267621"
},
{
"category": "external",
"summary": "SUSE Bug 1267622 for CVE-2026-46123",
"url": "https://bugzilla.suse.com/1267622"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-46123"
},
{
"cve": "CVE-2026-46150",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46150"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nfanotify: fix false positive on permission events\n\nfsnotify_get_mark_safe() may return false for a mark on an unrelated group,\nwhich results in bypassing the permission check.\n\nFix by skipping over detached marks that are not in the current group.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46150",
"url": "https://www.suse.com/security/cve/CVE-2026-46150"
},
{
"category": "external",
"summary": "SUSE Bug 1267387 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267387"
},
{
"category": "external",
"summary": "SUSE Bug 1267388 for CVE-2026-46150",
"url": "https://bugzilla.suse.com/1267388"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-46150"
},
{
"cve": "CVE-2026-46160",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46160"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nbtrfs: fix missing last_unlink_trans update when removing a directory\n\nWhen removing a directory we are not updating its last_unlink_trans field,\nwhich can result in incorrect fsync behaviour in case some one fsyncs the\ndirectory after it was removed because it\u0027s holding a file descriptor on\nit.\n\nExample scenario:\n\n mkdir /mnt/dir1\n mkdir /mnt/dir1/dir2\n mkdir /mnt/dir3\n\n sync -f /mnt\n\n # Do some change to the directory and fsync it.\n chmod 700 /mnt/dir1\n xfs_io -c fsync /mnt/dir1\n\n # Move dir2 out of dir1 so that dir1 becomes empty.\n mv /mnt/dir1/dir2 /mnt/dir3/\n\n open fd on /mnt/dir1\n call rmdir(2) on path \"/mnt/dir1\"\n fsync fd\n\n \u003ctrigger power failure\u003e\n\nWhen attempting to mount the filesystem, the log replay will fail with\nan -EIO error and dmesg/syslog has the following:\n\n [445771.626482] BTRFS info (device dm-0): first mount of filesystem 0368bbea-6c5e-44b5-b409-09abe496e650\n [445771.626486] BTRFS info (device dm-0): using crc32c checksum algorithm\n [445771.627912] BTRFS info (device dm-0): start tree-log replay\n [445771.628335] page: refcount:2 mapcount:0 mapping:0000000061443ddc index:0x1d00 pfn:0x7072a5\n [445771.629453] memcg:ffff89f400351b00\n [445771.629892] aops:btree_aops [btrfs] ino:1\n [445771.630737] flags: 0x17fffc00000402a(uptodate|lru|private|writeback|node=0|zone=2|lastcpupid=0x1ffff)\n [445771.632359] raw: 017fffc00000402a fffff47284d950c8 fffff472907b7c08 ffff89f458e412b8\n [445771.633713] raw: 0000000000001d00 ffff89f6c51d1a90 00000002ffffffff ffff89f400351b00\n [445771.635029] page dumped because: eb page dump\n [445771.635825] BTRFS critical (device dm-0): corrupt leaf: root=5 block=30408704 slot=10 ino=258, invalid nlink: has 2 expect no more than 1 for dir\n [445771.638088] BTRFS info (device dm-0): leaf 30408704 gen 10 total ptrs 17 free space 14878 owner 5\n [445771.638091] BTRFS info (device dm-0): refs 4 lock_owner 0 current 3581087\n [445771.638094] \titem 0 key (256 INODE_ITEM 0) itemoff 16123 itemsize 160\n [445771.638097] \t\tinode generation 3 transid 9 size 16 nbytes 16384\n [445771.638098] \t\tblock group 0 mode 40755 links 1 uid 0 gid 0\n [445771.638100] \t\trdev 0 sequence 2 flags 0x0\n [445771.638102] \t\tatime 1775744884.0\n [445771.660056] \t\tctime 1775744885.645502983\n [445771.660058] \t\tmtime 1775744885.645502983\n [445771.660060] \t\totime 1775744884.0\n [445771.660062] \titem 1 key (256 INODE_REF 256) itemoff 16111 itemsize 12\n [445771.660064] \t\tindex 0 name_len 2\n [445771.660066] \titem 2 key (256 DIR_ITEM 1843588421) itemoff 16077 itemsize 34\n [445771.660068] \t\tlocation key (259 1 0) type 2\n [445771.660070] \t\ttransid 9 data_len 0 name_len 4\n [445771.660075] \titem 3 key (256 DIR_ITEM 2363071922) itemoff 16043 itemsize 34\n [445771.660076] \t\tlocation key (257 1 0) type 2\n [445771.660077] \t\ttransid 9 data_len 0 name_len 4\n [445771.660078] \titem 4 key (256 DIR_INDEX 2) itemoff 16009 itemsize 34\n [445771.660079] \t\tlocation key (257 1 0) type 2\n [445771.660080] \t\ttransid 9 data_len 0 name_len 4\n [445771.660081] \titem 5 key (256 DIR_INDEX 3) itemoff 15975 itemsize 34\n [445771.660082] \t\tlocation key (259 1 0) type 2\n [445771.660083] \t\ttransid 9 data_len 0 name_len 4\n [445771.660084] \titem 6 key (257 INODE_ITEM 0) itemoff 15815 itemsize 160\n [445771.660086] \t\tinode generation 9 transid 9 size 8 nbytes 0\n [445771.660087] \t\tblock group 0 mode 40777 links 1 uid 0 gid 0\n [445771.660088] \t\trdev 0 sequence 2 flags 0x0\n [445771.660089] \t\tatime 1775744885.641174097\n [445771.660090] \t\tctime 1775744885.645502983\n [445771.660091] \t\tmtime 1775744885.645502983\n [445771.660105] \t\totime 1775744885.641174097\n [445771.660106] \titem 7 key (257 INODE_REF 256) itemoff 15801 itemsize 14\n [445771.660107] \t\tindex 2 name_len 4\n [445771.660108] \titem 8 key (257 DIR_ITEM 2676584006) itemoff 15767 itemsize 34\n [445771.660109] \t\tlocation key (2\n---truncated---",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46160",
"url": "https://www.suse.com/security/cve/CVE-2026-46160"
},
{
"category": "external",
"summary": "SUSE Bug 1267624 for CVE-2026-46160",
"url": "https://bugzilla.suse.com/1267624"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46160"
},
{
"cve": "CVE-2026-46172",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46172"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nipv6: xfrm6: release dst on error in xfrm6_rcv_encap()\n\nxfrm6_rcv_encap() performs an IPv6 route lookup when the skb does not\nalready have a dst attached. ip6_route_input_lookup() returns a\nreferenced dst entry even when the lookup resolves to an error route.\n\nIf dst-\u003eerror is set, xfrm6_rcv_encap() drops the skb without attaching\nthe dst to the skb and without releasing the reference returned by the\nlookup. Repeated packets hitting this path therefore leak dst entries.\n\nRelease the dst before jumping to the drop path.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46172",
"url": "https://www.suse.com/security/cve/CVE-2026-46172"
},
{
"category": "external",
"summary": "SUSE Bug 1266903 for CVE-2026-46172",
"url": "https://bugzilla.suse.com/1266903"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46172"
},
{
"cve": "CVE-2026-46197",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46197"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/amdkfd: validate SVM ioctl nattr against buffer size\n\nValidate nattr field against the buffer size, preventing\nout-of-bounds buffer access via user-controlled attribute count.\n\n(cherry picked from commit 5eca8bfdfa456c3304ca77523718fe24254c172f)",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46197",
"url": "https://www.suse.com/security/cve/CVE-2026-46197"
},
{
"category": "external",
"summary": "SUSE Bug 1267381 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267381"
},
{
"category": "external",
"summary": "SUSE Bug 1267382 for CVE-2026-46197",
"url": "https://bugzilla.suse.com/1267382"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-46197"
},
{
"cve": "CVE-2026-46227",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46227"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nsctp: revalidate list cursor after sctp_sendmsg_to_asoc() in SCTP_SENDALL\n\nThe SCTP_SENDALL path in sctp_sendmsg() iterates ep-\u003easocs with\nlist_for_each_entry_safe(), which caches the next entry in @tmp before\nthe loop body runs. The body calls sctp_sendmsg_to_asoc(), which may\ndrop the socket lock inside sctp_wait_for_sndbuf().\n\nWhile the lock is dropped, another thread can SCTP_SOCKOPT_PEELOFF the\nassociation cached in @tmp, migrating it to a new endpoint via\nsctp_sock_migrate() (list_del_init() + list_add_tail() to\nnewep-\u003easocs), and optionally close the new socket which frees the\nassociation via kfree_rcu(). The cached @tmp can also be freed by a\nnetwork ABORT for that association, processed in softirq while the\nlock is dropped.\n\nsctp_wait_for_sndbuf() revalidates @asoc (the current entry) on re-lock\nvia the \"sk != asoc-\u003ebase.sk\" and \"asoc-\u003ebase.dead\" checks, but nothing\nrevalidates @tmp. After a successful return, the iterator advances to\nthe stale @tmp, yielding either a use-after-free (if the peeled socket\nwas closed) or a list-walk onto the new endpoint\u0027s list head (type\nconfusion of \u0026newep-\u003easocs as a struct sctp_association *).\n\nBoth are reachable from CapEff=0; the type-confusion path gives\ncontrolled indirect call via the outqueue.sched-\u003einit_sid pointer.\n\nFix by re-deriving @tmp from @asoc after sctp_sendmsg_to_asoc()\nreturns. @asoc is known to still be on ep-\u003easocs at that point: the\nonly callers that list_del an association from ep-\u003easocs are\nsctp_association_free() (which sets asoc-\u003ebase.dead) and\nsctp_assoc_migrate() (which changes asoc-\u003ebase.sk), and\nsctp_wait_for_sndbuf() checks both under the lock before any\nsuccessful return; a tripped check propagates as err \u003c 0 and the loop\nbails before the re-derive.\n\nThe SCTP_ABORT path in sctp_sendmsg_check_sflags() returns 0 and the\nloop hits \u0027continue\u0027 before sctp_sendmsg_to_asoc() is ever called, so\nthe @tmp cached by list_for_each_entry_safe() still covers the\nlock-held free that ba59fb027307 (\"sctp: walk the list of asoc\nsafely\") was added for.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46227",
"url": "https://www.suse.com/security/cve/CVE-2026-46227"
},
{
"category": "external",
"summary": "SUSE Bug 1267697 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267697"
},
{
"category": "external",
"summary": "SUSE Bug 1267698 for CVE-2026-46227",
"url": "https://bugzilla.suse.com/1267698"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "important"
}
],
"title": "CVE-2026-46227"
},
{
"cve": "CVE-2026-46244",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46244"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: nft_inner: Fix IPv6 inner_thoff desync\n\nIn nft_inner_parse_l2l3(), when processing inner IPv6 packets,\nipv6_find_hdr() correctly computes the transport header offset\ntraversing all extension headers, but the result is immediately\noverwritten with nhoff + sizeof(_ip6h) (40 bytes), which only\naccounts for the IPv6 base header. This creates a desync between\ninner_thoff (wrong - points to extension header start) and l4proto\n(correct - e.g., IPPROTO_TCP), enabling transport header forgery\nand potential firewall bypass. This issue affects stable versions\nfrom Linux 6.2.\n\nFor comparison, the normal (non-inner) IPv6 path correctly\npreserves ipv6_find_hdr()\u0027s result. Removing the incorrect overwrite\nensures that ipv6_find_hdr()\u0027s calculated transport header offset is\npreserved, thereby fixing the desynchronization.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46244",
"url": "https://www.suse.com/security/cve/CVE-2026-46244"
},
{
"category": "external",
"summary": "SUSE Bug 1267654 for CVE-2026-46244",
"url": "https://bugzilla.suse.com/1267654"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46244"
},
{
"cve": "CVE-2026-46259",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46259"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nprocfs: fix missing RCU protection when reading real_parent in do_task_stat()\n\nWhen reading /proc/[pid]/stat, do_task_stat() accesses task-\u003ereal_parent\nwithout proper RCU protection, which leads to:\n\n cpu 0 cpu 1\n ----- -----\n do_task_stat\n var = task-\u003ereal_parent\n release_task\n call_rcu(delayed_put_task_struct)\n task_tgid_nr_ns(var)\n rcu_read_lock \u003c--- Too late to protect task-\u003ereal_parent!\n task_pid_ptr \u003c--- UAF!\n rcu_read_unlock\n\nThis patch uses task_ppid_nr_ns() instead of task_tgid_nr_ns() to add\nproper RCU protection for accessing task-\u003ereal_parent.",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46259",
"url": "https://www.suse.com/security/cve/CVE-2026-46259"
},
{
"category": "external",
"summary": "SUSE Bug 1267685 for CVE-2026-46259",
"url": "https://bugzilla.suse.com/1267685"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46259"
},
{
"cve": "CVE-2026-46273",
"ids": [
{
"system_name": "SUSE CVE Page",
"text": "https://www.suse.com/security/cve/CVE-2026-46273"
}
],
"notes": [
{
"category": "general",
"text": "In the Linux kernel, the following vulnerability has been resolved:\n\nibmveth: Disable GSO for packets with small MSS\n\nSome physical adapters on Power systems do not support segmentation\noffload when the MSS is less than 224 bytes. Attempting to send such\npackets causes the adapter to freeze, stopping all traffic until\nmanually reset.\n\nImplement ndo_features_check to disable GSO for packets with small MSS\nvalues. The network stack will perform software segmentation instead.\n\nThe 224-byte minimum matches ibmvnic\ncommit \u003cf10b09ef687f\u003e (\"ibmvnic: Enforce stronger sanity checks\non GSO packets\")\nwhich uses the same physical adapters in SEA configurations.\n\nThe issue occurs specifically when the hardware attempts to perform\nsegmentation (gso_segs \u003e 1) with a small MSS. Single-segment GSO packets\n(gso_segs == 1) do not trigger the problematic LSO code path and are\ntransmitted normally without segmentation.\n\nAdd an ndo_features_check callback to disable GSO when MSS \u003c 224 bytes.\nAlso call vlan_features_check() to ensure proper handling of VLAN packets,\nparticularly QinQ (802.1ad) configurations where the hardware parser may\nnot support certain offload features.\n\nValidated using iptables to force small MSS values. Without the fix,\nthe adapter freezes. With the fix, packets are segmented in software\nand transmission succeeds. Comprehensive regression testing completedd\n(MSS tests, performance, stability).",
"title": "CVE description"
}
],
"product_status": {
"recommended": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
},
"references": [
{
"category": "external",
"summary": "CVE-2026-46273",
"url": "https://www.suse.com/security/cve/CVE-2026-46273"
},
{
"category": "external",
"summary": "SUSE Bug 1267651 for CVE-2026-46273",
"url": "https://bugzilla.suse.com/1267651"
}
],
"remediations": [
{
"category": "vendor_fix",
"details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
"product_ids": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"scores": [
{
"cvss_v3": {
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.aarch64",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.aarch64",
"SUSE Linux Micro 6.0:kernel-default-base-6.4.0-48.1.21.25.x86_64",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.s390x",
"SUSE Linux Micro 6.0:kernel-default-livepatch-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-devel-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-kvmsmall-6.4.0-48.1.x86_64",
"SUSE Linux Micro 6.0:kernel-macros-6.4.0-48.1.noarch",
"SUSE Linux Micro 6.0:kernel-source-6.4.0-48.1.noarch"
]
}
],
"threats": [
{
"category": "impact",
"date": "2026-06-30T23:09:03Z",
"details": "moderate"
}
],
"title": "CVE-2026-46273"
}
]
}
WID-SEC-W-2026-1180
Vulnerability from csaf_certbund - Published: 2026-04-19 22:00 - Updated: 2026-05-27 22:00| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— |
| Product | Identifier | Version | Remediation |
|---|---|---|---|
|
Debian Linux
Debian
|
cpe:/o:debian:debian_linux:-
|
— | |
|
Google Container-Optimized OS
Google
|
cpe:/o:google:container-optimized_os:-
|
— | |
|
Open Source Linux Kernel
Open Source
|
cpe:/o:linux:linux_kernel:-
|
— |
| URL | Category |
|---|---|
| https://wid.cert-bund.de/.well-known/csaf/white/2… | self |
| https://wid.cert-bund.de/portal/wid/securityadvis… | self |
| https://lore.kernel.org/linux-cve-announce/ | external |
| https://lore.kernel.org/linux-cve-announce/202604… | external |
| https://lore.kernel.org/linux-cve-announce/202604… | external |
| https://lists.debian.org/debian-security-announce… | external |
| https://docs.cloud.google.com/container-optimized… | external |
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein lokaler Angreifer kann mehrere Schwachstellen im Linux Kernel ausnutzen, um nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren, die potenziell einen Denial-of-Service-Zustand verursachen, sensible Informationen offenlegen oder zu einer Speicherbesch\u00e4digung f\u00fchren k\u00f6nnen.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Linux",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2026-1180 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1180.json"
},
{
"category": "self",
"summary": "WID-SEC-2026-1180 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1180"
},
{
"category": "external",
"summary": "Kernel CVE Announce Mailingliste",
"url": "https://lore.kernel.org/linux-cve-announce/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31429",
"url": "https://lore.kernel.org/linux-cve-announce/2026042006-CVE-2026-31429-a0e1@gregkh/"
},
{
"category": "external",
"summary": "Linux Kernel CVE Announcement CVE-2026-31430",
"url": "https://lore.kernel.org/linux-cve-announce/2026042008-CVE-2026-31430-299d@gregkh/"
},
{
"category": "external",
"summary": "Debian Security Advisory DSA-6238 vom 2026-05-04",
"url": "https://lists.debian.org/debian-security-announce/2026/msg00148.html"
},
{
"category": "external",
"summary": "Container-Optimized OS release notes vom 2026-05-27",
"url": "https://docs.cloud.google.com/container-optimized-os/docs/release-notes#May_26_2026"
}
],
"source_lang": "en-US",
"title": "Linux Kernel: Mehrere Schwachstellen",
"tracking": {
"current_release_date": "2026-05-27T22:00:00.000+00:00",
"generator": {
"date": "2026-05-28T07:27:36.972+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.6.0"
}
},
"id": "WID-SEC-W-2026-1180",
"initial_release_date": "2026-04-19T22:00:00.000+00:00",
"revision_history": [
{
"date": "2026-04-19T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
},
{
"date": "2026-04-20T22:00:00.000+00:00",
"number": "2",
"summary": "Referenz(en) aufgenommen: EUVD-2026-23816, EUVD-2026-23819"
},
{
"date": "2026-05-03T22:00:00.000+00:00",
"number": "3",
"summary": "Neue Updates von Debian aufgenommen"
},
{
"date": "2026-05-27T22:00:00.000+00:00",
"number": "4",
"summary": "Neue Updates aufgenommen"
}
],
"status": "final",
"version": "4"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Debian Linux",
"product": {
"name": "Debian Linux",
"product_id": "2951",
"product_identification_helper": {
"cpe": "cpe:/o:debian:debian_linux:-"
}
}
}
],
"category": "vendor",
"name": "Debian"
},
{
"branches": [
{
"category": "product_name",
"name": "Google Container-Optimized OS",
"product": {
"name": "Google Container-Optimized OS",
"product_id": "1607324",
"product_identification_helper": {
"cpe": "cpe:/o:google:container-optimized_os:-"
}
}
}
],
"category": "vendor",
"name": "Google"
},
{
"branches": [
{
"category": "product_name",
"name": "Open Source Linux Kernel",
"product": {
"name": "Open Source Linux Kernel",
"product_id": "T053015",
"product_identification_helper": {
"cpe": "cpe:/o:linux:linux_kernel:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2026-31429",
"product_status": {
"known_affected": [
"2951",
"1607324",
"T053015"
]
},
"release_date": "2026-04-19T22:00:00.000+00:00",
"title": "CVE-2026-31429"
},
{
"cve": "CVE-2026-31430",
"product_status": {
"known_affected": [
"2951",
"1607324",
"T053015"
]
},
"release_date": "2026-04-19T22:00:00.000+00:00",
"title": "CVE-2026-31430"
}
]
}
Sightings
| Author | Source | Type | Date | Other |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.