SB2026021262 - SUSE update for the Linux Kernel
Published: February 12, 2026
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 144 secuirty vulnerabilities.
1) Use-after-free (CVE-ID: CVE-2022-48838)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the usb_gadget_remove_driver(), udc_bind_to_driver() and dev_err() functions in drivers/usb/gadget/udc/core.c. A local user can escalate privileges on the system.
2) Improper locking (CVE-ID: CVE-2022-49943)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the usb_gadget_disconnect(), gadget_bind_driver(), gadget_unbind_driver(), soft_connect_store() and function_show() functions in drivers/usb/gadget/udc/core.c. A local user can perform a denial of service (DoS) attack.
3) Use-after-free (CVE-ID: CVE-2022-49980)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the usb_udc_uevent() function in drivers/usb/gadget/udc/core.c. A local user can escalate privileges on the system.
4) Memory leak (CVE-ID: CVE-2022-50347)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rtsx_usb_sdmmc_drv_probe() function in drivers/mmc/host/rtsx_usb_sdmmc.c. A local user can perform a denial of service (DoS) attack.
5) Buffer overflow (CVE-ID: CVE-2022-50580)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the tg_with_in_bps_limit() function in block/blk-throttle.c. A local user can perform a denial of service (DoS) attack.
6) Improper locking (CVE-ID: CVE-2022-50676)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the rds_tcp_reset_callbacks() function in net/rds/tcp.c. A local user can perform a denial of service (DoS) attack.
7) Use-after-free (CVE-ID: CVE-2022-50697)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the mrp_join_timer(), mrp_periodic_timer(), mrp_init_applicant() and mrp_uninit_applicant() functions in net/802/mrp.c. A local user can escalate privileges on the system.
8) Use of uninitialized resource (CVE-ID: CVE-2022-50709)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the ath9k_htc_txcompletion_cb() and ath9k_htc_rx_msg() functions in drivers/net/wireless/ath/ath9k/htc_hst.c. A local user can perform a denial of service (DoS) attack.
9) Use-after-free (CVE-ID: CVE-2022-50716)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ar5523_cmd_tx_cb() and ar5523_cmd() functions in drivers/net/wireless/ath/ar5523/ar5523.c. A local user can escalate privileges on the system.
10) Out-of-bounds read (CVE-ID: CVE-2022-50717)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the nvmet_tcp_handle_h2c_data_pdu() function in drivers/nvme/target/tcp.c. A local user can perform a denial of service (DoS) attack.
11) Buffer overflow (CVE-ID: CVE-2022-50719)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the line6_midi_transmit() function in sound/usb/line6/midi.c. A local user can escalate privileges on the system.
12) Memory leak (CVE-ID: CVE-2022-50740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ath9k_hif_usb_dealloc_tx_urbs() function in drivers/net/wireless/ath/ath9k/hif_usb.c. A local user can perform a denial of service (DoS) attack.
13) Improper locking (CVE-ID: CVE-2022-50744)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the lpfc_rx_monitor_report() function in drivers/scsi/lpfc/lpfc_sli.c. A local user can perform a denial of service (DoS) attack.
14) Integer overflow (CVE-ID: CVE-2022-50749)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the encode_comp_t() function in kernel/acct.c. A local user can execute arbitrary code.
15) Memory leak (CVE-ID: CVE-2022-50751)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the configfs_create_dir() and configfs_create_link() functions in fs/configfs/dir.c. A local user can perform a denial of service (DoS) attack.
16) Memory leak (CVE-ID: CVE-2022-50760)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amdgpu_atrm_get_bios() function in drivers/gpu/drm/amd/amdgpu/amdgpu_bios.c. A local user can perform a denial of service (DoS) attack.
17) Memory leak (CVE-ID: CVE-2022-50770)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the ocfs2_fill_super() and ocfs2_mount_volume() functions in fs/ocfs2/super.c. A local user can perform a denial of service (DoS) attack.
18) Memory leak (CVE-ID: CVE-2022-50777)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the xgmiitorgmii_probe() function in drivers/net/phy/xilinx_gmii2rgmii.c. A local user can perform a denial of service (DoS) attack.
19) Use-after-free (CVE-ID: CVE-2022-50780)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the net_assign_generic() and ops_init() functions in net/core/net_namespace.c. A local user can escalate privileges on the system.
20) Improper error handling (CVE-ID: CVE-2022-50782)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the vfs_setup_quota_inode() function in fs/quota/dquot.c. A local user can perform a denial of service (DoS) attack.
21) NULL pointer dereference (CVE-ID: CVE-2022-50786)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the s5p_mfc_close_mfc_inst() function in drivers/media/platform/samsung/s5p-mfc/s5p_mfc_ctrl.c. A local user can perform a denial of service (DoS) attack.
22) Improper locking (CVE-ID: CVE-2022-50816)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ipip6_tunnel_bind_dev() function in net/ipv6/sit.c. A local user can perform a denial of service (DoS) attack.
23) Memory leak (CVE-ID: CVE-2022-50834)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the nfc_genl_se_io() and nfc_genl_vendor_cmd() functions in net/nfc/netlink.c. A local user can perform a denial of service (DoS) attack.
24) Integer overflow (CVE-ID: CVE-2022-50865)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer overflow within the tcp_add_backlog() function in net/ipv4/tcp_ipv4.c. A local user can execute arbitrary code.
25) Memory leak (CVE-ID: CVE-2022-50868)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the mod_init() and mod_exit() functions in drivers/char/hw_random/amd-rng.c. A local user can perform a denial of service (DoS) attack.
26) Use-after-free (CVE-ID: CVE-2022-50880)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath10k_peer_delete(), ath10k_peer_cleanup() and ath10k_sta_state() functions in drivers/net/wireless/ath/ath10k/mac.c. A local user can escalate privileges on the system.
27) Use-after-free (CVE-ID: CVE-2022-50881)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ath9k_htc_disconnect_device() function in drivers/net/wireless/ath/ath9k/htc_drv_init.c. A local user can escalate privileges on the system.
28) NULL pointer dereference (CVE-ID: CVE-2022-50884)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the drm_copy_field() function in drivers/gpu/drm/drm_ioctl.c. A local user can perform a denial of service (DoS) attack.
29) NULL pointer dereference (CVE-ID: CVE-2022-50885)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rxe_qp_do_cleanup() function in drivers/infiniband/sw/rxe/rxe_qp.c. A local user can perform a denial of service (DoS) attack.
30) Memory leak (CVE-ID: CVE-2022-50887)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the regulator_dev_lookup() function in drivers/regulator/core.c. A local user can perform a denial of service (DoS) attack.
31) Out-of-bounds read (CVE-ID: CVE-2023-52525)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mwifiex_process_rx_packet() function in drivers/net/wireless/marvell/mwifiex/sta_rx.c. A local user can perform a denial of service (DoS) attack.
32) Use-after-free (CVE-ID: CVE-2023-52999)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ops_init() function in net/core/net_namespace.c. A local user can escalate privileges on the system.
33) Resource management error (CVE-ID: CVE-2023-53148)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the igb_io_error_detected() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.
34) Use-after-free (CVE-ID: CVE-2023-53178)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the zswap_writeback_entry() function in mm/zswap.c. A local user can escalate privileges on the system.
35) Out-of-bounds read (CVE-ID: CVE-2023-53226)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the mwifiex_process_mgmt_packet() function in drivers/net/wireless/marvell/mwifiex/util.c. A local user can perform a denial of service (DoS) attack.
36) Input validation error (CVE-ID: CVE-2023-53464)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the iscsi_sw_tcp_conn_set_param() function in drivers/scsi/iscsi_tcp.c. A local user can perform a denial of service (DoS) attack.
37) Memory leak (CVE-ID: CVE-2023-53685)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the tun_get_user() and tun_xdp_one() functions in drivers/net/tun.c. A local user can perform a denial of service (DoS) attack.
38) Use-after-free (CVE-ID: CVE-2023-53747)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the vcs_write() function in drivers/tty/vt/vc_screen.c. A local user can escalate privileges on the system.
39) Use-after-free (CVE-ID: CVE-2023-53751)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cifs_chan_is_iface_active() and cifs_try_adding_channels() functions in fs/cifs/sess.c. A local user can escalate privileges on the system.
40) Memory leak (CVE-ID: CVE-2023-53825)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kcm_sendmsg() function in net/kcm/kcmsock.c. A local user can perform a denial of service (DoS) attack.
41) Improper locking (CVE-ID: CVE-2023-53853)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the netlink_recvmsg(), netlink_dump(), __netlink_dump_start() and netlink_native_seq_show() functions in net/netlink/af_netlink.c. A local user can perform a denial of service (DoS) attack.
42) Buffer overflow (CVE-ID: CVE-2023-53863)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the nlmsg_populate_fdb_fill() and rtnl_fdb_notify() functions in net/core/rtnetlink.c. A local user can perform a denial of service (DoS) attack.
43) Input validation error (CVE-ID: CVE-2023-53992)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __cfg80211_leave_ocb() function in net/wireless/ocb.c. A local user can perform a denial of service (DoS) attack.
44) Stack-based buffer overflow (CVE-ID: CVE-2023-54012)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to stack overflow within the include/net/bonding.h. A local user can perform a denial of service (DoS) attack.
45) Use-after-free (CVE-ID: CVE-2023-54047)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the dw_hdmi_rockchip_unbind() function in drivers/gpu/drm/rockchip/dw_hdmi-rockchip.c. A local user can escalate privileges on the system.
46) Double free (CVE-ID: CVE-2023-54048)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the drivers/infiniband/hw/bnxt_re/qplib_fp.h. A local user can perform a denial of service (DoS) attack.
47) Improper locking (CVE-ID: CVE-2023-54067)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the btrfs_delete_free_space_tree() function in fs/btrfs/free-space-tree.c. A local user can perform a denial of service (DoS) attack.
48) Memory leak (CVE-ID: CVE-2023-54111)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the rockchip_pinctrl_parse_groups() function in drivers/pinctrl/pinctrl-rockchip.c. A local user can perform a denial of service (DoS) attack.
49) Memory leak (CVE-ID: CVE-2023-54112)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the kcm_sendmsg() function in net/kcm/kcmsock.c. A local user can perform a denial of service (DoS) attack.
50) Improper error handling (CVE-ID: CVE-2023-54118)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the sc16is7xx_probe() function in drivers/tty/serial/sc16is7xx.c. A local user can perform a denial of service (DoS) attack.
51) Infinite loop (CVE-ID: CVE-2023-54121)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to infinite loop within the btrfs_drop_extent_map_range() function in fs/btrfs/extent_map.c. A local user can perform a denial of service (DoS) attack.
52) Memory leak (CVE-ID: CVE-2023-54134)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the autofs4_catatonic_mode() function in fs/autofs4/waitq.c. A local user can perform a denial of service (DoS) attack.
53) Out-of-bounds read (CVE-ID: CVE-2023-54198)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the tty_driver_lookup_tty() function in drivers/tty/tty_io.c. A local user can perform a denial of service (DoS) attack.
54) Use-after-free (CVE-ID: CVE-2023-54202)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the i915_perf_add_config_ioctl() function in drivers/gpu/drm/i915/i915_perf.c. A local user can escalate privileges on the system.
55) Use-after-free (CVE-ID: CVE-2023-54207)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the uclogic_input_configured() function in drivers/hid/hid-uclogic-core.c. A local user can escalate privileges on the system.
56) Race condition within a thread (CVE-ID: CVE-2023-54218)
The vulnerability allows a local user to corrupt data.
The vulnerability exists due to a data race within the include/net/sock.h. A local user can corrupt data.
57) Memory leak (CVE-ID: CVE-2023-54230)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the amba_device_release() function in drivers/amba/bus.c. A local user can perform a denial of service (DoS) attack.
58) Use-after-free (CVE-ID: CVE-2023-54243)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the __do_replace() function in net/ipv6/netfilter/ip6_tables.c. A local user can escalate privileges on the system.
59) Use of uninitialized resource (CVE-ID: CVE-2023-54265)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the __ip6_make_skb() function in net/ipv6/ip6_output.c. A local user can perform a denial of service (DoS) attack.
60) NULL pointer dereference (CVE-ID: CVE-2023-54274)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the srpt_format_guid() and srpt_refresh_port() functions in drivers/infiniband/ulp/srpt/ib_srpt.c. A local user can perform a denial of service (DoS) attack.
61) Buffer overflow (CVE-ID: CVE-2023-54282)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the qt1010_init() function in drivers/media/tuners/qt1010.c. A local user can escalate privileges on the system.
62) NULL pointer dereference (CVE-ID: CVE-2023-54287)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the imx_uart_probe() function in drivers/tty/serial/imx.c. A local user can perform a denial of service (DoS) attack.
63) Improper locking (CVE-ID: CVE-2023-54311)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_finish_convert_inline_dir() and ext4_convert_inline_data_nolock() functions in fs/ext4/inline.c. A local user can perform a denial of service (DoS) attack.
64) NULL pointer dereference (CVE-ID: CVE-2023-54321)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the device_add() function in drivers/base/core.c. A local user can perform a denial of service (DoS) attack.
65) Race condition (CVE-ID: CVE-2024-26832)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a race condition within the zswap_writeback_entry() function in mm/zswap.c. A local user can escalate privileges on the system.
66) Information disclosure (CVE-ID: CVE-2024-26935)
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists due to information disclosure within the scsi_host_dev_release() function in drivers/scsi/hosts.c. A local user can gain access to sensitive information.
67) Use of uninitialized resource (CVE-ID: CVE-2024-36903)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the __ip6_make_skb() function in net/ipv6/ip6_output.c. A local user can perform a denial of service (DoS) attack.
68) Resource management error (CVE-ID: CVE-2024-41007)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tcp_rtx_probe0_timed_out() function in net/ipv4/tcp_timer.c. A local user can perform a denial of service (DoS) attack.
69) Improper error handling (CVE-ID: CVE-2024-50040)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the igb_io_resume() function in drivers/net/ethernet/intel/igb/igb_main.c. A local user can perform a denial of service (DoS) attack.
70) Input validation error (CVE-ID: CVE-2024-56690)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the pcrypt_aead_encrypt() and pcrypt_aead_decrypt() functions in crypto/pcrypt.c. A local user can perform a denial of service (DoS) attack.
71) NULL pointer dereference (CVE-ID: CVE-2024-58020)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the mt_input_configured() function in drivers/hid/hid-multitouch.c. A local user can perform a denial of service (DoS) attack.
72) Improper locking (CVE-ID: CVE-2025-21681)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the do_output() function in net/openvswitch/actions.c. A local user can perform a denial of service (DoS) attack.
73) Use-after-free (CVE-ID: CVE-2025-37913)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the cl_is_active() and qfq_enqueue() functions in net/sched/sch_qfq.c. A local user can escalate privileges on the system.
74) NULL pointer dereference (CVE-ID: CVE-2025-38007)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the uclogic_input_configured() function in drivers/hid/hid-uclogic-core.c. A local user can perform a denial of service (DoS) attack.
75) Improper locking (CVE-ID: CVE-2025-38539)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the __register_event() and __trace_add_event_dirs() functions in kernel/trace/trace_events.c. A local user can perform a denial of service (DoS) attack.
76) Resource management error (CVE-ID: CVE-2025-38591)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the bpf_skb_is_valid_access(), sock_addr_is_valid_access(), sock_ops_is_valid_access(), sk_msg_is_valid_access() and sk_lookup_is_valid_access() functions in net/core/filter.c, within the cg_sockopt_is_valid_access() function in kernel/bpf/cgroup.c. A local user can perform a denial of service (DoS) attack.
77) NULL pointer dereference (CVE-ID: CVE-2025-38602)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the iwl_bg_restart(), iwl_setup_deferred_work(), iwl_op_mode_dvm_start() and iwl_cancel_deferred_work() functions in drivers/net/wireless/intel/iwlwifi/dvm/main.c. A local user can perform a denial of service (DoS) attack.
78) Use-after-free (CVE-ID: CVE-2025-38656)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the iwl_op_mode_dvm_start() function in drivers/net/wireless/intel/iwlwifi/dvm/main.c. A local user can escalate privileges on the system.
79) Use-after-free (CVE-ID: CVE-2025-39689)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the ftrace_regex_open() and ftrace_regex_release() functions in kernel/trace/ftrace.c. A local user can escalate privileges on the system.
80) Resource management error (CVE-ID: CVE-2025-39813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ftrace_dump() function in kernel/trace/trace.c. A local user can perform a denial of service (DoS) attack.
81) Resource management error (CVE-ID: CVE-2025-39829)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the register_ftrace_graph() function in kernel/trace/fgraph.c. A local user can perform a denial of service (DoS) attack.
82) Resource management error (CVE-ID: CVE-2025-39913)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the tcp_bpf_send_verdict() function in net/ipv4/tcp_bpf.c. A local user can perform a denial of service (DoS) attack.
83) Resource management error (CVE-ID: CVE-2025-40087)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the nfsd4_ff_proc_getdeviceinfo() function in fs/nfsd/flexfilelayout.c. A local user can perform a denial of service (DoS) attack.
84) Out-of-bounds read (CVE-ID: CVE-2025-40088)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hfsplus_strcasecmp() and hfsplus_strcmp() functions in fs/hfsplus/unicode.c. A local user can perform a denial of service (DoS) attack.
85) Double free (CVE-ID: CVE-2025-40115)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to a double free error within the mpt3sas_transport_port_remove() function in drivers/scsi/mpt3sas/mpt3sas_transport.c. A local user can perform a denial of service (DoS) attack.
86) Out-of-bounds read (CVE-ID: CVE-2025-40198)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the parse_apply_sb_mount_options() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
87) Input validation error (CVE-ID: CVE-2025-40259)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the sg_remove_sfp_usercontext() function in drivers/scsi/sg.c. A local user can perform a denial of service (DoS) attack.
88) Improper locking (CVE-ID: CVE-2025-40261)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the nvme_fc_delete_ctrl() function in drivers/nvme/host/fc.c. A local user can perform a denial of service (DoS) attack.
89) NULL pointer dereference (CVE-ID: CVE-2025-40264)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the be_xmit_flush(), be_send_pkt_to_bmc() and be_xmit() functions in drivers/net/ethernet/emulex/benet/be_main.c. A local user can perform a denial of service (DoS) attack.
90) Use-after-free (CVE-ID: CVE-2025-40271)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the pde_put(), remove_proc_entry() and remove_proc_subtree() functions in fs/proc/generic.c. A local user can escalate privileges on the system.
91) Use-after-free (CVE-ID: CVE-2025-40323)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the include/linux/fbcon.h. A local user can escalate privileges on the system.
92) Input validation error (CVE-ID: CVE-2025-40339)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the amdgpu_amdkfd_gpuvm_restore_process_bos() function in drivers/gpu/drm/amd/amdgpu/amdgpu_amdkfd_gpuvm.c. A local user can perform a denial of service (DoS) attack.
93) Out-of-bounds read (CVE-ID: CVE-2025-40345)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the sddr55_write_data() function in drivers/usb/storage/sddr55.c. A local user can perform a denial of service (DoS) attack.
94) Resource management error (CVE-ID: CVE-2025-40363)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the ah6_output_done() and ah6_output() functions in net/ipv6/ah6.c. A local user can perform a denial of service (DoS) attack.
95) Use-after-free (CVE-ID: CVE-2025-68188)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the tcp_fastopen_active_disable_ofo_check() function in net/ipv4/tcp_fastopen.c. A local user can escalate privileges on the system.
96) NULL pointer dereference (CVE-ID: CVE-2025-68190)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the amdgpu_atom_execute_table_locked() function in drivers/gpu/drm/amd/amdgpu/atom.c. A local user can perform a denial of service (DoS) attack.
97) Input validation error (CVE-ID: CVE-2025-68192)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the qmimux_rx_fixup() function in drivers/net/usb/qmi_wwan.c. A local user can perform a denial of service (DoS) attack.
98) Memory leak (CVE-ID: CVE-2025-68241)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the fnhe_remove_oldest() function in net/ipv4/route.c. A local user can perform a denial of service (DoS) attack.
99) Memory leak (CVE-ID: CVE-2025-68245)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the __netpoll_cleanup() function in net/core/netpoll.c. A local user can perform a denial of service (DoS) attack.
100) Reachable assertion (CVE-ID: CVE-2025-68261)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the ext4_destroy_inline_data_nolock() function in fs/ext4/inline.c. A local user can perform a denial of service (DoS) attack.
101) Improper locking (CVE-ID: CVE-2025-68264)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the ext4_prepare_inline_data() function in fs/ext4/inline.c. A local user can perform a denial of service (DoS) attack.
102) NULL pointer dereference (CVE-ID: CVE-2025-68286)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the dc_stream_get_scanoutpos() function in drivers/gpu/drm/amd/display/dc/core/dc_stream.c. A local user can perform a denial of service (DoS) attack.
103) Out-of-bounds read (CVE-ID: CVE-2025-68296)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the fbcon_fb_unregistered() and do_fb_registered() functions in drivers/video/fbdev/core/fbcon.c. A local user can perform a denial of service (DoS) attack.
104) Buffer overflow (CVE-ID: CVE-2025-68303)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the intel_punit_ipc_probe() function in drivers/platform/x86/intel/punit_ipc.c. A local user can escalate privileges on the system.
105) Use-after-free (CVE-ID: CVE-2025-68305)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the hci_sock_bind() function in net/bluetooth/hci_sock.c. A local user can escalate privileges on the system.
106) Resource management error (CVE-ID: CVE-2025-68312)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the function in drivers/net/usb/usbnet.c. A local user can perform a denial of service (DoS) attack.
107) Reachable assertion (CVE-ID: CVE-2025-68337)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to reachable assertion within the jbd2_journal_get_create_access() function in fs/jbd2/transaction.c. A local user can perform a denial of service (DoS) attack.
108) Buffer overflow (CVE-ID: CVE-2025-68349)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the pnfs_mark_layout_stateid_invalid() function in fs/nfs/pnfs.c. A local user can perform a denial of service (DoS) attack.
109) Use-after-free (CVE-ID: CVE-2025-68354)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the regulator_supply_alias(), regulator_register_supply_alias() and regulator_unregister_supply_alias() functions in drivers/regulator/core.c. A local user can escalate privileges on the system.
110) Integer underflow (CVE-ID: CVE-2025-68362)
The vulnerability allows a local user to execute arbitrary code.
The vulnerability exists due to integer underflow within the rtl8187_rx_cb() function in drivers/net/wireless/realtek/rtl818x/rtl8187/dev.c. A local user can execute arbitrary code.
111) Use-after-free (CVE-ID: CVE-2025-68366)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the nbd_genl_connect() function in drivers/block/nbd.c. A local user can escalate privileges on the system.
112) Improper locking (CVE-ID: CVE-2025-68367)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the mac_hid_toggle_emumouse() function in drivers/macintosh/mac_hid.c. A local user can perform a denial of service (DoS) attack.
113) Use-after-free (CVE-ID: CVE-2025-68372)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the recv_work() function in drivers/block/nbd.c. A local user can escalate privileges on the system.
114) NULL pointer dereference (CVE-ID: CVE-2025-68379)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the rxe_srq_from_attr() function in drivers/infiniband/sw/rxe/rxe_srq.c. A local user can perform a denial of service (DoS) attack.
115) Improper error handling (CVE-ID: CVE-2025-68740)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ima_match_rules() function in security/integrity/ima/ima_policy.c. A local user can perform a denial of service (DoS) attack.
116) Improper locking (CVE-ID: CVE-2025-68757)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper locking within the vgem_fence_create() function in drivers/gpu/drm/vgem/vgem_fence.c. A local user can perform a denial of service (DoS) attack.
117) Improper privilege management (CVE-ID: CVE-2025-68767)
The vulnerability allows a local user to read and manipulate data.
The vulnerability exists due to improperly imposed permissions within the hfsplus_get_perms() and hfsplus_cat_read_inode() functions in fs/hfsplus/inode.c. A local user can read and manipulate data.
118) Improper error handling (CVE-ID: CVE-2025-68771)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ocfs2_claim_suballoc_bits() function in fs/ocfs2/suballoc.c. A local user can perform a denial of service (DoS) attack.
119) Incorrect calculation (CVE-ID: CVE-2025-68774)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to incorrect calculation within the __hfs_bnode_create() function in fs/hfsplus/bnode.c. A local user can perform a denial of service (DoS) attack.
120) Input validation error (CVE-ID: CVE-2025-68783)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the get_meter_levels_from_urb() function in sound/usb/mixer_us16x08.c. A local user can perform a denial of service (DoS) attack.
121) Input validation error (CVE-ID: CVE-2025-68788)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the __fsnotify_parent() function in fs/notify/fsnotify.c. A local user can perform a denial of service (DoS) attack.
122) Buffer overflow (CVE-ID: CVE-2025-68795)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the ethtool_get_strings(), ethtool_get_stats(), ethtool_get_phy_stats_phydev(), ethtool_get_phy_stats_ethtool() and ethtool_get_phy_stats() functions in net/ethtool/ioctl.c. A local user can perform a denial of service (DoS) attack.
123) NULL pointer dereference (CVE-ID: CVE-2025-68797)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ac_ioctl() function in drivers/char/applicom.c. A local user can perform a denial of service (DoS) attack.
124) NULL pointer dereference (CVE-ID: CVE-2025-68813)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the __ip_vs_get_out_rt() function in net/netfilter/ipvs/ip_vs_xmit.c. A local user can perform a denial of service (DoS) attack.
125) Input validation error (CVE-ID: CVE-2025-68816)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the drivers/net/ethernet/mellanox/mlx5/core/diag/fw_tracer.h. A local user can perform a denial of service (DoS) attack.
126) Use of uninitialized resource (CVE-ID: CVE-2025-71064)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to use of uninitialized resource within the hclgevf_knic_setup() function in drivers/net/ethernet/hisilicon/hns3/hns3vf/hclgevf_main.c. A local user can perform a denial of service (DoS) attack.
127) Use-after-free (CVE-ID: CVE-2025-71082)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the btusb_probe() and btusb_disconnect() functions in drivers/bluetooth/btusb.c. A local user can escalate privileges on the system.
128) Resource management error (CVE-ID: CVE-2025-71085)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the calipso_skbuff_setattr() function in net/ipv6/calipso.c. A local user can perform a denial of service (DoS) attack.
129) Off-by-one (CVE-ID: CVE-2025-71087)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an off-by-one error within the iavf_config_rss_reg() function in drivers/net/ethernet/intel/iavf/iavf_main.c. A local user can perform a denial of service (DoS) attack.
130) Improper error handling (CVE-ID: CVE-2025-71091)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the __team_queue_override_enabled_check() function in drivers/net/team/team_core.c. A local user can perform a denial of service (DoS) attack.
131) Buffer overflow (CVE-ID: CVE-2025-71093)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to memory corruption within the e1000_tbi_should_accept() function in drivers/net/ethernet/intel/e1000/e1000_main.c. A local user can escalate privileges on the system.
132) NULL pointer dereference (CVE-ID: CVE-2025-71096)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the ib_nl_handle_ip_res_resp() function in drivers/infiniband/core/addr.c. A local user can perform a denial of service (DoS) attack.
133) Improper error handling (CVE-ID: CVE-2025-71098)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ip6gre_header() function in net/ipv6/ip6_gre.c. A local user can perform a denial of service (DoS) attack.
134) Input validation error (CVE-ID: CVE-2025-71108)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the ucsi_init() function in drivers/usb/typec/ucsi/ucsi.c. A local user can perform a denial of service (DoS) attack.
135) Out-of-bounds read (CVE-ID: CVE-2025-71112)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to an out-of-bounds read error within the hclge_set_vlan_filter() function in drivers/net/ethernet/hisilicon/hns3/hns3pf/hclge_main.c. A local user can perform a denial of service (DoS) attack.
136) Resource management error (CVE-ID: CVE-2025-71119)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to resource management error within the kexec_prepare_cpus_wait() and wake_offline_cpus() functions in arch/powerpc/kexec/core_64.c. A local user can perform a denial of service (DoS) attack.
137) NULL pointer dereference (CVE-ID: CVE-2025-71120)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the gss_read_proxy_verf() function in net/sunrpc/auth_gss/svcauth_gss.c. A local user can perform a denial of service (DoS) attack.
138) Memory leak (CVE-ID: CVE-2025-71123)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory leak within the parse_apply_sb_mount_options() function in fs/ext4/super.c. A local user can perform a denial of service (DoS) attack.
139) NULL pointer dereference (CVE-ID: CVE-2026-22976)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to NULL pointer dereference within the qfq_reset_qdisc() function in net/sched/sch_qfq.c. A local user can perform a denial of service (DoS) attack.
140) Buffer overflow (CVE-ID: CVE-2026-22978)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to memory corruption within the compat_private_call() function in net/wireless/wext-priv.c. A local user can perform a denial of service (DoS) attack.
141) Input validation error (CVE-ID: CVE-2026-22988)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper input validation within the arp_create() function in net/ipv4/arp.c. A local user can perform a denial of service (DoS) attack.
142) Use-after-free (CVE-ID: CVE-2026-22999)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the qfq_change_class() function in net/sched/sch_qfq.c. A local user can escalate privileges on the system.
143) Use-after-free (CVE-ID: CVE-2026-23001)
The vulnerability allows a local user to escalate privileges on the system.
The vulnerability exists due to a use-after-free error within the macvlan_hash_lookup_source(), macvlan_hash_add_source(), macvlan_hash_add(), macvlan_flush_sources(), macvlan_forward_source() and macvlan_fill_info_macaddr() functions in drivers/net/macvlan.c. A local user can escalate privileges on the system.
144) Improper error handling (CVE-ID: CVE-2026-23011)
The vulnerability allows a local user to perform a denial of service (DoS) attack.
The vulnerability exists due to improper error handling within the ipgre_header() function in net/ipv4/ip_gre.c. A local user can perform a denial of service (DoS) attack.
Remediation
Install update from vendor's website.