kgraft-patch-SLE12-SP5_Update_84 (SUSE:Linux Enterprise Live Patching 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 12 SP5 package kgraft-patch-SLE12-SP5_Update_84, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (84)
CVE-2026-43037 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() Oskar Kjos reported the…
CVE-2026-43414 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Completely fix fcport double free In…
CVE-2026-31668 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: seg6: separate dst_cache for input and output paths in seg6 lwtunnel…
CVE-2026-43038 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko…
CVE-2026-31405 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: media: dvb-net: fix OOB access in ULE extension header tables The…
CVE-2026-43198 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: tcp: fix potential race in tcp_v6_syn_recv_sock() Code in…
CVE-2026-46043 — CVSS 9.1 (critical): In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Validate pad and ICRC before payload_size() in rxe_rcv…
CVE-2026-43407 — CVSS 9.1 (critical): In the Linux kernel, the following vulnerability has been resolved: libceph: Fix potential out-of-bounds access in ceph_handle_auth_reply()…
CVE-2026-43503 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: skbuff: propagate shared-frag marker through frag-transfer helpers…
CVE-2026-31629 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: nfc: llcp: add missing return after LLCP_CLOSED checks In…
CVE-2026-31588 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Use scratch field in MMIO fragment to hold small write values…
CVE-2026-46113 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The…
CVE-2026-43187 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: xfs: delete attr leaf freemap entries when empty Back in commit…
CVE-2026-43158 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: xfs: fix freemap adjustments when adding xattrs to leaf blocks xfs/592…
CVE-2026-46273 — CVSS 8.6 (high): In the Linux kernel, the following vulnerability has been resolved: ibmveth: Disable GSO for packets with small MSS Some physical adapters…
CVE-2026-45843 — CVSS 8.2 (high): In the Linux kernel, the following vulnerability has been resolved: slip: bound decode() reads against the compressed packet length…
CVE-2026-31464 — CVSS 8.1 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: ibmvfc: Fix OOB access in ibmvfc_discover_targets_done() A…
CVE-2026-31500 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: serialize btintel_hw_error() with hci_req_sync_lock…
CVE-2026-23271 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race…
CVE-2026-23444 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: always free skb on ieee80211_tx_prepare_skb() failure…
CVE-2026-23448 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc_ncm: add ndpoffset to NDP16 nframes bounds check…
CVE-2026-31447 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ext4: reject mount if bigalloc with s_first_data_block != 0 bigalloc…
CVE-2026-31452 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ext4: convert inline data to extents when truncate exceeds inline size…
CVE-2026-31469 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: virtio_net: Fix UAF on dst_ops when IFF_XMIT_DST_RELEASE is cleared and…
CVE-2026-31516 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: xfrm: prevent policy_hthresh.work from racing with netns teardown A…
CVE-2026-31532 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: can: raw: fix ro->uniq use-after-free in raw_rcv() raw_release()…
CVE-2026-31673 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: af_unix: read UNIX_DIAG_VFS data under unix_state_lock Exact UNIX diag…
CVE-2026-31678 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: openvswitch: defer tunnel netdev_put to RCU release…
CVE-2026-31759 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix double free in ulpi_register_interface() error path When…
CVE-2026-43020 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate LTK enc_size on load Load Long Term Keys…
CVE-2026-43206 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix out-of-bounds write in kfd_event_page_set() The…
CVE-2026-43339 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent possible UaF in addrconf_permanent_addr() The mentioned…
CVE-2026-43499 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in remove_waiter()…
CVE-2026-45852 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix double free in rxe_srq_from_init In rxe_srq_from_init()…
CVE-2026-45970 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: bonding: alb: fix UAF in rlb_arp_recv during bond up/down The ALB RX…
CVE-2026-46090 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix peer runtime UAF during format-change stop…
CVE-2026-46116 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrm_state lists in __xfrm_state_delete KASAN…
CVE-2026-46157 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix data race at accessing runtime.oss.trigger…
CVE-2026-46181 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() Sashiko points out…
CVE-2026-46259 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: procfs: fix missing RCU protection when reading real_parent in…
CVE-2026-46024 — CVSS 7.5 (high): In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in ceph_handle_auth_reply()…
CVE-2026-43028 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: ensure names are nul-terminated Reject names that…
CVE-2026-46150 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: fanotify: fix false positive on permission events…
CVE-2026-31778 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: caiaq: fix stack out-of-bounds read in init_card The loop creates…
CVE-2026-43052 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check tdls flag in ieee80211_tdls_oper When…
CVE-2026-31674 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_rt: reject oversized addrnr in rt_mt6_check() Reject rt…
CVE-2026-43040 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: net: ipv6: ndisc: fix ndisc_ra_useropt to initialize nduseropt_padX…
CVE-2026-3150 — CVSS 6.3 (medium): A security vulnerability has been detected in itsourcecode College Management System 1.0. This affects an unknown part of the file…
CVE-2026-43338 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: btrfs: reserve enough transaction items for qgroup ioctls Currently our…
CVE-2026-46169 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix uninit-value by validating catalog record size Syzbot…
CVE-2026-43359 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort on set received ioctl due to item overflow…
CVE-2026-43361 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: btrfs: fix transaction abort when snapshotting received subvolumes…
CVE-2026-23396 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL deref in mesh_matches_local()…
CVE-2026-43413 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Fix NULL pointer exception during user_scan()…
CVE-2026-23367 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: wifi: radiotap: reject radiotap with unknown bits The radiotap parser…
CVE-2026-23303 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: smb: client: Don't log plaintext credentials in cifs_set_cifscreds When…
CVE-2026-45835 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref in l2cap_sock_new_connection_cb()…
CVE-2026-45841 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix divide-by-zero in OSF_WSS_MODULO…
CVE-2026-45842 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: slip: reject VJ receive packets on instances with no rstate array…
CVE-2026-23279 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix NULL pointer dereference in mesh_rx_csa_frame() In…
CVE-2026-45870 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: SUNRPC: auth_gss: fix memory leaks in XDR decoding error paths The…
CVE-2026-45983 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: nfsd: never defer requests during idmap lookup During v4 request…
CVE-2026-31590 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: KVM: SEV: Drop WARN on large size for KVM_MEMORY_ENCRYPT_REG_REGION…
CVE-2026-31596 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ocfs2: handle invalid dinode in ocfs2_group_extend [BUG] kernel BUG at…
CVE-2026-31546 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix NULL deref in bond_debug_rlb_hash_show…
CVE-2026-31664 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: xfrm: clear trailing padding in build_polexpire() build_expire() clears…
CVE-2026-31540 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Check set_default_submission() before deferencing When the…
CVE-2026-31671 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: xfrm_user: fix info leak in build_report() struct xfrm_user_report is a…
CVE-2026-46021 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix thermal zone governor cleanup issues If…
CVE-2026-43026 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: zero expect NAT fields when CTA_EXPECT_NAT absent…
CVE-2026-31515 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: af_key: validate families in pfkey_send_migrate() syzbot was able to…
CVE-2026-43077 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Fix minimum RX size check for decryption The check…
CVE-2026-43140 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: Do not crash on missing msc->input Fake USB devices…
CVE-2026-31498 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix ERTM re-init and zero pdu_len infinite loop…
CVE-2026-31421 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_fw: fix NULL pointer dereference on shared blocks The…
CVE-2026-31415 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid overflows in ip6_datagram_send_ctl() Yiming Qian reported…
CVE-2026-43234 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: team: avoid NETDEV_CHANGEMTU event when unregistering slave syzbot is…
CVE-2026-46160 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: btrfs: fix missing last_unlink_trans update when removing a directory…
CVE-2026-43024 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: reject immediate NF_QUEUE verdict nft_queue is…
CVE-2026-46159 — CVSS 4.7 (medium): In the Linux kernel, the following vulnerability has been resolved: btrfs: fix btrfs_ioctl_space_info() slot_count TOCTOU which can lead to…
CVE-2025-40253: In the Linux kernel, the following vulnerability has been resolved: s390/ctcm: Fix double-kfree The function 'mpc_rcvd_sweep_req(mpcginfo)'…
CVE-2025-68324: In the Linux kernel, the following vulnerability has been resolved: scsi: imm: Fix use-after-free bug caused by unfinished delayed work The…
CVE-2025-68822: In the Linux kernel, the following vulnerability has been resolved: Input: alps - fix use-after-free bugs caused by dev3_register_work The…