Vulnerability-Lookup

CVE-2026-23243 (GCVE-0-2026-23243)

Vulnerability from cvelistv5 – Published: 2026-03-18 10:05 – Updated: 2026-06-17 17:47

Title

RDMA/umad: Reject negative data_len in ib_umad_write

Summary

In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write computes data_len from user-controlled count and the MAD header sizes. With a mismatched user MAD header size and RMPP header length, data_len can become negative and reach ib_create_send_mad(). This can make the padding calculation exceed the segment size and trigger an out-of-bounds memset in alloc_send_rmpp_list(). Add an explicit check to reject negative data_len before creating the send buffer. KASAN splat: [ 211.363464] BUG: KASAN: slab-out-of-bounds in ib_create_send_mad+0xa01/0x11b0 [ 211.364077] Write of size 220 at addr ffff88800c3fa1f8 by task spray_thread/102 [ 211.365867] ib_create_send_mad+0xa01/0x11b0 [ 211.365887] ib_umad_write+0x853/0x1c80

Severity

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

SSVC

Exploitation: none Automatable: no Technical Impact: total

CISA Coordinator (v2.0.3)

Assigner

Linux

References

8 references

URL	Tags
https://git.kernel.org/stable/c/1371ef6b1ecf3676b…
https://git.kernel.org/stable/c/362e45fd9069ffa15…
https://git.kernel.org/stable/c/6eb2919474ca105c5…
https://git.kernel.org/stable/c/a6a3e4af10993cb9e…
https://git.kernel.org/stable/c/9c80d688f402539df…
https://git.kernel.org/stable/c/205955f29c26330b1…
https://git.kernel.org/stable/c/52ab82cc5cf8ada5c…
https://git.kernel.org/stable/c/5551b02fdbfd85a32…

Impacted products

2 products

Vendor	Product	Version
Linux	Linux	Affected: 2be8e3ee8efd6f99ce454115c29d09750915021a , < 1371ef6b1ecf3676b8942f5dfb3634fb0648128e (git) Affected: 2be8e3ee8efd6f99ce454115c29d09750915021a , < 362e45fd9069ffa1523f9f1633b606ebf72060d7 (git) Affected: 2be8e3ee8efd6f99ce454115c29d09750915021a , < 6eb2919474ca105c5b13d19574e25f0ddcf19ca2 (git) Affected: 2be8e3ee8efd6f99ce454115c29d09750915021a , < a6a3e4af10993cb9e4b8f0548680aba0ab5f3b0d (git) Affected: 2be8e3ee8efd6f99ce454115c29d09750915021a , < 9c80d688f402539dfc8f336de1380d6b4ee14316 (git) Affected: 2be8e3ee8efd6f99ce454115c29d09750915021a , < 205955f29c26330b1dc7fdeadd5bb97c38e26f56 (git) Affected: 2be8e3ee8efd6f99ce454115c29d09750915021a , < 52ab82cc5cf8ada5c3fb6ffe8f32fdb2fc27a34b (git) Affected: 2be8e3ee8efd6f99ce454115c29d09750915021a , < 5551b02fdbfd85a325bb857f3a8f9c9f33397ed2 (git)
Linux	Linux	Affected: 2.6.24 Unaffected: 0 , < 2.6.24 (semver) Unaffected: 5.10.252 , ≤ 5.10.* (semver) Unaffected: 5.15.202 , ≤ 5.15.* (semver) Unaffected: 6.1.165 , ≤ 6.1.* (semver) Unaffected: 6.6.128 , ≤ 6.6.* (semver) Unaffected: 6.12.75 , ≤ 6.12.* (semver) Unaffected: 6.18.14 , ≤ 6.18.* (semver) Unaffected: 6.19.4 , ≤ 6.19.* (semver) Unaffected: 7.0 , ≤ * (original_commit_for_fix)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2026-23243",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2026-06-17T17:47:24.163717Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2026-06-17T17:47:33.620Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/core/user_mad.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "lessThan": "1371ef6b1ecf3676b8942f5dfb3634fb0648128e",
              "status": "affected",
              "version": "2be8e3ee8efd6f99ce454115c29d09750915021a",
              "versionType": "git"
            },
            {
              "lessThan": "362e45fd9069ffa1523f9f1633b606ebf72060d7",
              "status": "affected",
              "version": "2be8e3ee8efd6f99ce454115c29d09750915021a",
              "versionType": "git"
            },
            {
              "lessThan": "6eb2919474ca105c5b13d19574e25f0ddcf19ca2",
              "status": "affected",
              "version": "2be8e3ee8efd6f99ce454115c29d09750915021a",
              "versionType": "git"
            },
            {
              "lessThan": "a6a3e4af10993cb9e4b8f0548680aba0ab5f3b0d",
              "status": "affected",
              "version": "2be8e3ee8efd6f99ce454115c29d09750915021a",
              "versionType": "git"
            },
            {
              "lessThan": "9c80d688f402539dfc8f336de1380d6b4ee14316",
              "status": "affected",
              "version": "2be8e3ee8efd6f99ce454115c29d09750915021a",
              "versionType": "git"
            },
            {
              "lessThan": "205955f29c26330b1dc7fdeadd5bb97c38e26f56",
              "status": "affected",
              "version": "2be8e3ee8efd6f99ce454115c29d09750915021a",
              "versionType": "git"
            },
            {
              "lessThan": "52ab82cc5cf8ada5c3fb6ffe8f32fdb2fc27a34b",
              "status": "affected",
              "version": "2be8e3ee8efd6f99ce454115c29d09750915021a",
              "versionType": "git"
            },
            {
              "lessThan": "5551b02fdbfd85a325bb857f3a8f9c9f33397ed2",
              "status": "affected",
              "version": "2be8e3ee8efd6f99ce454115c29d09750915021a",
              "versionType": "git"
            }
          ]
        },
        {
          "defaultStatus": "affected",
          "product": "Linux",
          "programFiles": [
            "drivers/infiniband/core/user_mad.c"
          ],
          "repo": "https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git",
          "vendor": "Linux",
          "versions": [
            {
              "status": "affected",
              "version": "2.6.24"
            },
            {
              "lessThan": "2.6.24",
              "status": "unaffected",
              "version": "0",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.10.*",
              "status": "unaffected",
              "version": "5.10.252",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "5.15.*",
              "status": "unaffected",
              "version": "5.15.202",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.1.*",
              "status": "unaffected",
              "version": "6.1.165",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.6.*",
              "status": "unaffected",
              "version": "6.6.128",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.12.*",
              "status": "unaffected",
              "version": "6.12.75",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.18.*",
              "status": "unaffected",
              "version": "6.18.14",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "6.19.*",
              "status": "unaffected",
              "version": "6.19.4",
              "versionType": "semver"
            },
            {
              "lessThanOrEqual": "*",
              "status": "unaffected",
              "version": "7.0",
              "versionType": "original_commit_for_fix"
            }
          ]
        }
      ],
      "cpeApplicability": [
        {
          "nodes": [
            {
              "cpeMatch": [
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.10.252",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "5.15.202",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.1.165",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.6.128",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.12.75",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.18.14",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "6.19.4",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                },
                {
                  "criteria": "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                  "versionEndExcluding": "7.0",
                  "versionStartIncluding": "2.6.24",
                  "vulnerable": true
                }
              ],
              "negate": false,
              "operator": "OR"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/umad: Reject negative data_len in ib_umad_write\n\nib_umad_write computes data_len from user-controlled count and the\nMAD header sizes. With a mismatched user MAD header size and RMPP\nheader length, data_len can become negative and reach ib_create_send_mad().\nThis can make the padding calculation exceed the segment size and trigger\nan out-of-bounds memset in alloc_send_rmpp_list().\n\nAdd an explicit check to reject negative data_len before creating the\nsend buffer.\n\nKASAN splat:\n[  211.363464] BUG: KASAN: slab-out-of-bounds in ib_create_send_mad+0xa01/0x11b0\n[  211.364077] Write of size 220 at addr ffff88800c3fa1f8 by task spray_thread/102\n[  211.365867] ib_create_send_mad+0xa01/0x11b0\n[  211.365887] ib_umad_write+0x853/0x1c80"
        }
      ],
      "metrics": [
        {
          "cvssV3_1": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          }
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2026-05-11T22:03:05.550Z",
        "orgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
        "shortName": "Linux"
      },
      "references": [
        {
          "url": "https://git.kernel.org/stable/c/1371ef6b1ecf3676b8942f5dfb3634fb0648128e"
        },
        {
          "url": "https://git.kernel.org/stable/c/362e45fd9069ffa1523f9f1633b606ebf72060d7"
        },
        {
          "url": "https://git.kernel.org/stable/c/6eb2919474ca105c5b13d19574e25f0ddcf19ca2"
        },
        {
          "url": "https://git.kernel.org/stable/c/a6a3e4af10993cb9e4b8f0548680aba0ab5f3b0d"
        },
        {
          "url": "https://git.kernel.org/stable/c/9c80d688f402539dfc8f336de1380d6b4ee14316"
        },
        {
          "url": "https://git.kernel.org/stable/c/205955f29c26330b1dc7fdeadd5bb97c38e26f56"
        },
        {
          "url": "https://git.kernel.org/stable/c/52ab82cc5cf8ada5c3fb6ffe8f32fdb2fc27a34b"
        },
        {
          "url": "https://git.kernel.org/stable/c/5551b02fdbfd85a325bb857f3a8f9c9f33397ed2"
        }
      ],
      "title": "RDMA/umad: Reject negative data_len in ib_umad_write",
      "x_generator": {
        "engine": "bippy-1.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "416baaa9-dc9f-4396-8d5f-8c081fb06d67",
    "assignerShortName": "Linux",
    "cveId": "CVE-2026-23243",
    "datePublished": "2026-03-18T10:05:05.826Z",
    "dateReserved": "2026-01-13T15:37:45.989Z",
    "dateUpdated": "2026-06-17T17:47:33.620Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2026-23243",
      "date": "2026-06-21",
      "epss": "0.00125",
      "percentile": "0.02522"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2026-23243\",\"sourceIdentifier\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"published\":\"2026-03-18T11:16:16.090\",\"lastModified\":\"2026-05-21T15:52:23.883\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In the Linux kernel, the following vulnerability has been resolved:\\n\\nRDMA/umad: Reject negative data_len in ib_umad_write\\n\\nib_umad_write computes data_len from user-controlled count and the\\nMAD header sizes. With a mismatched user MAD header size and RMPP\\nheader length, data_len can become negative and reach ib_create_send_mad().\\nThis can make the padding calculation exceed the segment size and trigger\\nan out-of-bounds memset in alloc_send_rmpp_list().\\n\\nAdd an explicit check to reject negative data_len before creating the\\nsend buffer.\\n\\nKASAN splat:\\n[  211.363464] BUG: KASAN: slab-out-of-bounds in ib_create_send_mad+0xa01/0x11b0\\n[  211.364077] Write of size 220 at addr ffff88800c3fa1f8 by task spray_thread/102\\n[  211.365867] ib_create_send_mad+0xa01/0x11b0\\n[  211.365887] ib_umad_write+0x853/0x1c80\"},{\"lang\":\"es\",\"value\":\"En el kernel de Linux, la siguiente vulnerabilidad ha sido resuelta:\\n\\nRDMA/umad: Rechazar data_len negativo en ib_umad_write\\n\\nib_umad_write calcula data_len a partir de un conteo controlado por el usuario y los tama\u00f1os de encabezado MAD. Con un tama\u00f1o de encabezado MAD de usuario no coincidente y una longitud de encabezado RMPP, data_len puede volverse negativo y alcanzar ib_create_send_mad(). Esto puede hacer que el c\u00e1lculo de relleno exceda el tama\u00f1o del segmento y desencadenar un memset fuera de l\u00edmites en alloc_send_rmpp_list().\\n\\nSe a\u00f1ade una verificaci\u00f3n expl\u00edcita para rechazar data_len negativo antes de crear el b\u00fafer de env\u00edo.\\n\\nKASAN splat:\\n[ 211.363464] ERROR: KASAN: slab-out-of-bounds en ib_create_send_mad+0xa01/0x11b0\\n[ 211.364077] Escritura de tama\u00f1o 220 en la direcci\u00f3n ffff88800c3fa1f8 por la tarea spray_thread/102\\n[ 211.365867] ib_create_send_mad+0xa01/0x11b0\\n[ 211.365887] ib_umad_write+0x853/0x1c80\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":7.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-787\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2.6.24.1\",\"versionEndExcluding\":\"5.10.252\",\"matchCriteriaId\":\"2373214A-3D90-42DB-82C4-E1879374793C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.11\",\"versionEndExcluding\":\"5.15.202\",\"matchCriteriaId\":\"4002FC2B-1456-4666-B240-0EBF590C4671\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"5.16\",\"versionEndExcluding\":\"6.1.165\",\"matchCriteriaId\":\"797C7F46-D0BE-4FB8-A502-C5EF8E6B6654\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.2\",\"versionEndExcluding\":\"6.6.128\",\"matchCriteriaId\":\"851E9353-6C09-4CC9-877E-E09DB164A3C2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.7\",\"versionEndExcluding\":\"6.12.75\",\"matchCriteriaId\":\"BCE16369-98ED-41CF-8995-DFDC10B288D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.13\",\"versionEndExcluding\":\"6.18.14\",\"matchCriteriaId\":\"BF463CB7-1F58-4607-B847-77ED23E4B9B7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"6.19\",\"versionEndExcluding\":\"6.19.4\",\"matchCriteriaId\":\"672A3E79-EC03-479D-8503-361DFBDC8092\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:linux:linux_kernel:2.6.24:-:*:*:*:*:*:*\",\"matchCriteriaId\":\"6F3E61F3-1CF1-4176-94CD-89A408BCFC96\"}]}]}],\"references\":[{\"url\":\"https://git.kernel.org/stable/c/1371ef6b1ecf3676b8942f5dfb3634fb0648128e\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/205955f29c26330b1dc7fdeadd5bb97c38e26f56\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/362e45fd9069ffa1523f9f1633b606ebf72060d7\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/52ab82cc5cf8ada5c3fb6ffe8f32fdb2fc27a34b\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/5551b02fdbfd85a325bb857f3a8f9c9f33397ed2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/6eb2919474ca105c5b13d19574e25f0ddcf19ca2\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/9c80d688f402539dfc8f336de1380d6b4ee14316\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]},{\"url\":\"https://git.kernel.org/stable/c/a6a3e4af10993cb9e4b8f0548680aba0ab5f3b0d\",\"source\":\"416baaa9-dc9f-4396-8d5f-8c081fb06d67\",\"tags\":[\"Patch\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2026-23243\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2026-06-17T17:47:24.163717Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2026-06-17T17:47:29.147Z\"}}], \"cna\": {\"title\": \"RDMA/umad: Reject negative data_len in ib_umad_write\", \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 7.8, \"baseSeverity\": \"HIGH\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\"}}], \"affected\": [{\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"2be8e3ee8efd6f99ce454115c29d09750915021a\", \"lessThan\": \"1371ef6b1ecf3676b8942f5dfb3634fb0648128e\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2be8e3ee8efd6f99ce454115c29d09750915021a\", \"lessThan\": \"362e45fd9069ffa1523f9f1633b606ebf72060d7\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2be8e3ee8efd6f99ce454115c29d09750915021a\", \"lessThan\": \"6eb2919474ca105c5b13d19574e25f0ddcf19ca2\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2be8e3ee8efd6f99ce454115c29d09750915021a\", \"lessThan\": \"a6a3e4af10993cb9e4b8f0548680aba0ab5f3b0d\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2be8e3ee8efd6f99ce454115c29d09750915021a\", \"lessThan\": \"9c80d688f402539dfc8f336de1380d6b4ee14316\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2be8e3ee8efd6f99ce454115c29d09750915021a\", \"lessThan\": \"205955f29c26330b1dc7fdeadd5bb97c38e26f56\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2be8e3ee8efd6f99ce454115c29d09750915021a\", \"lessThan\": \"52ab82cc5cf8ada5c3fb6ffe8f32fdb2fc27a34b\", \"versionType\": \"git\"}, {\"status\": \"affected\", \"version\": \"2be8e3ee8efd6f99ce454115c29d09750915021a\", \"lessThan\": \"5551b02fdbfd85a325bb857f3a8f9c9f33397ed2\", \"versionType\": \"git\"}], \"programFiles\": [\"drivers/infiniband/core/user_mad.c\"], \"defaultStatus\": \"unaffected\"}, {\"repo\": \"https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git\", \"vendor\": \"Linux\", \"product\": \"Linux\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.6.24\"}, {\"status\": \"unaffected\", \"version\": \"0\", \"lessThan\": \"2.6.24\", \"versionType\": \"semver\"}, {\"status\": \"unaffected\", \"version\": \"5.10.252\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.10.*\"}, {\"status\": \"unaffected\", \"version\": \"5.15.202\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"5.15.*\"}, {\"status\": \"unaffected\", \"version\": \"6.1.165\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.1.*\"}, {\"status\": \"unaffected\", \"version\": \"6.6.128\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.6.*\"}, {\"status\": \"unaffected\", \"version\": \"6.12.75\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.12.*\"}, {\"status\": \"unaffected\", \"version\": \"6.18.14\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.18.*\"}, {\"status\": \"unaffected\", \"version\": \"6.19.4\", \"versionType\": \"semver\", \"lessThanOrEqual\": \"6.19.*\"}, {\"status\": \"unaffected\", \"version\": \"7.0\", \"versionType\": \"original_commit_for_fix\", \"lessThanOrEqual\": \"*\"}], \"programFiles\": [\"drivers/infiniband/core/user_mad.c\"], \"defaultStatus\": \"affected\"}], \"references\": [{\"url\": \"https://git.kernel.org/stable/c/1371ef6b1ecf3676b8942f5dfb3634fb0648128e\"}, {\"url\": \"https://git.kernel.org/stable/c/362e45fd9069ffa1523f9f1633b606ebf72060d7\"}, {\"url\": \"https://git.kernel.org/stable/c/6eb2919474ca105c5b13d19574e25f0ddcf19ca2\"}, {\"url\": \"https://git.kernel.org/stable/c/a6a3e4af10993cb9e4b8f0548680aba0ab5f3b0d\"}, {\"url\": \"https://git.kernel.org/stable/c/9c80d688f402539dfc8f336de1380d6b4ee14316\"}, {\"url\": \"https://git.kernel.org/stable/c/205955f29c26330b1dc7fdeadd5bb97c38e26f56\"}, {\"url\": \"https://git.kernel.org/stable/c/52ab82cc5cf8ada5c3fb6ffe8f32fdb2fc27a34b\"}, {\"url\": \"https://git.kernel.org/stable/c/5551b02fdbfd85a325bb857f3a8f9c9f33397ed2\"}], \"x_generator\": {\"engine\": \"bippy-1.2.0\"}, \"descriptions\": [{\"lang\": \"en\", \"value\": \"In the Linux kernel, the following vulnerability has been resolved:\\n\\nRDMA/umad: Reject negative data_len in ib_umad_write\\n\\nib_umad_write computes data_len from user-controlled count and the\\nMAD header sizes. With a mismatched user MAD header size and RMPP\\nheader length, data_len can become negative and reach ib_create_send_mad().\\nThis can make the padding calculation exceed the segment size and trigger\\nan out-of-bounds memset in alloc_send_rmpp_list().\\n\\nAdd an explicit check to reject negative data_len before creating the\\nsend buffer.\\n\\nKASAN splat:\\n[  211.363464] BUG: KASAN: slab-out-of-bounds in ib_create_send_mad+0xa01/0x11b0\\n[  211.364077] Write of size 220 at addr ffff88800c3fa1f8 by task spray_thread/102\\n[  211.365867] ib_create_send_mad+0xa01/0x11b0\\n[  211.365887] ib_umad_write+0x853/0x1c80\"}], \"cpeApplicability\": [{\"nodes\": [{\"negate\": false, \"cpeMatch\": [{\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.10.252\", \"versionStartIncluding\": \"2.6.24\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"5.15.202\", \"versionStartIncluding\": \"2.6.24\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.1.165\", \"versionStartIncluding\": \"2.6.24\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.6.128\", \"versionStartIncluding\": \"2.6.24\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.12.75\", \"versionStartIncluding\": \"2.6.24\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.18.14\", \"versionStartIncluding\": \"2.6.24\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"6.19.4\", \"versionStartIncluding\": \"2.6.24\"}, {\"criteria\": \"cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*\", \"vulnerable\": true, \"versionEndExcluding\": \"7.0\", \"versionStartIncluding\": \"2.6.24\"}], \"operator\": \"OR\"}]}], \"providerMetadata\": {\"orgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"shortName\": \"Linux\", \"dateUpdated\": \"2026-05-11T22:03:05.550Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2026-23243\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2026-06-17T17:47:33.620Z\", \"dateReserved\": \"2026-01-13T15:37:45.989Z\", \"assignerOrgId\": \"416baaa9-dc9f-4396-8d5f-8c081fb06d67\", \"datePublished\": \"2026-03-18T10:05:05.826Z\", \"assignerShortName\": \"Linux\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }
  }
}

SUSE-SU-2026:22042-1

Vulnerability from csaf_suse - Published: 2026-06-02 18:39 - Updated: 2026-06-02 18:39

Summary

Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16)

Severity

Important

Notes

Title of the patch: Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16)

Description of the patch: This update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues The following security issues were fixed: - CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096). - CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798). - CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908). - CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563). - CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224). - CVE-2026-46333: ptrace: slightly saner 'get_dumpable()' logic (bsc#1265384).

Patchnames: SUSE-SL-Micro-6.2-879

CVE-2025-54518

7.4 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-23243

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-23274

7 (High)


                        
                          CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-23317

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-46300

8.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64	—	Vendor Fix

Threats

Impact important

CVE-2026-46333

7.8 (High)


                        
                          CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Affected products

Recommended 3 products

Product	Version	Remediation
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x	—	Vendor Fix
Unresolved product id: SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64	—	Vendor Fix

Threats

Impact important

References

38 references

URL	Category
https://www.suse.com/support/security/rating/	external
https://ftp.suse.com/pub/projects/security/csaf/s…	self
https://www.suse.com/support/update/announcement/…	self
https://lists.suse.com/pipermail/sle-updates/2026…	self
https://bugzilla.suse.com/1259798	self
https://bugzilla.suse.com/1260563	self
https://bugzilla.suse.com/1260908	self
https://bugzilla.suse.com/1264096	self
https://bugzilla.suse.com/1265224	self
https://bugzilla.suse.com/1265384	self
https://www.suse.com/security/cve/CVE-2025-54518/	self
https://www.suse.com/security/cve/CVE-2026-23243/	self
https://www.suse.com/security/cve/CVE-2026-23274/	self
https://www.suse.com/security/cve/CVE-2026-23317/	self
https://www.suse.com/security/cve/CVE-2026-46300/	self
https://www.suse.com/security/cve/CVE-2026-46333/	self
https://www.suse.com/security/cve/CVE-2025-54518	external
https://bugzilla.suse.com/1264013	external
https://bugzilla.suse.com/1264066	external
https://bugzilla.suse.com/1264096	external
https://www.suse.com/security/cve/CVE-2026-23243	external
https://bugzilla.suse.com/1259797	external
https://bugzilla.suse.com/1259798	external
https://www.suse.com/security/cve/CVE-2026-23274	external
https://bugzilla.suse.com/1260005	external
https://bugzilla.suse.com/1260908	external
https://www.suse.com/security/cve/CVE-2026-23317	external
https://bugzilla.suse.com/1260562	external
https://bugzilla.suse.com/1260563	external
https://www.suse.com/security/cve/CVE-2026-46300	external
https://bugzilla.suse.com/1265209	external
https://bugzilla.suse.com/1265226	external
https://bugzilla.suse.com/1265312	external
https://bugzilla.suse.com/1265383	external
https://bugzilla.suse.com/1265960	external
https://www.suse.com/security/cve/CVE-2026-46333	external
https://bugzilla.suse.com/1265308	external
https://bugzilla.suse.com/1265384	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "namespace": "https://www.suse.com/support/security/rating/",
      "text": "important"
    },
    "category": "csaf_security_advisory",
    "csaf_version": "2.0",
    "distribution": {
      "text": "Copyright 2024 SUSE LLC. All rights reserved.",
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "en",
    "notes": [
      {
        "category": "summary",
        "text": "Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16)",
        "title": "Title of the patch"
      },
      {
        "category": "description",
        "text": "\nThis update for the SUSE Linux Enterprise Kernel 6.12.0-160000.26.1 fixes various security issues\n\nThe following security issues were fixed:\n\n- CVE-2025-54518: AMD-SN-7052: CPU OP Cache Corruption (bsc#1264096).\n- CVE-2026-23243: RDMA/umad: Reject negative data_len in ib_umad_write (bsc#1259798).\n- CVE-2026-23274: netfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels (bsc#1260908).\n- CVE-2026-23317: drm/vmwgfx: Return the correct value in vmw_translate_ptr functions (bsc#1260563).\n- CVE-2026-46300: FragNesia attack: another xfrm/esp based local root exploit (bsc#1265224).\n- CVE-2026-46333: ptrace: slightly saner \u0027get_dumpable()\u0027 logic (bsc#1265384).\n",
        "title": "Description of the patch"
      },
      {
        "category": "details",
        "text": "SUSE-SL-Micro-6.2-879",
        "title": "Patchnames"
      },
      {
        "category": "legal_disclaimer",
        "text": "CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).",
        "title": "Terms of use"
      }
    ],
    "publisher": {
      "category": "vendor",
      "contact_details": "https://www.suse.com/support/security/contact/",
      "name": "SUSE Product Security Team",
      "namespace": "https://www.suse.com/"
    },
    "references": [
      {
        "category": "external",
        "summary": "SUSE ratings",
        "url": "https://www.suse.com/support/security/rating/"
      },
      {
        "category": "self",
        "summary": "URL of this CSAF notice",
        "url": "https://ftp.suse.com/pub/projects/security/csaf/suse-su-2026_22042-1.json"
      },
      {
        "category": "self",
        "summary": "URL for SUSE-SU-2026:22042-1",
        "url": "https://www.suse.com/support/update/announcement/2026/suse-su-202622042-1/"
      },
      {
        "category": "self",
        "summary": "E-Mail link for SUSE-SU-2026:22042-1",
        "url": "https://lists.suse.com/pipermail/sle-updates/2026-June/047209.html"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1259798",
        "url": "https://bugzilla.suse.com/1259798"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1260563",
        "url": "https://bugzilla.suse.com/1260563"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1260908",
        "url": "https://bugzilla.suse.com/1260908"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1264096",
        "url": "https://bugzilla.suse.com/1264096"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1265224",
        "url": "https://bugzilla.suse.com/1265224"
      },
      {
        "category": "self",
        "summary": "SUSE Bug 1265384",
        "url": "https://bugzilla.suse.com/1265384"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2025-54518 page",
        "url": "https://www.suse.com/security/cve/CVE-2025-54518/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23243 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23243/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23274 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23274/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-23317 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-23317/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-46300 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-46300/"
      },
      {
        "category": "self",
        "summary": "SUSE CVE CVE-2026-46333 page",
        "url": "https://www.suse.com/security/cve/CVE-2026-46333/"
      }
    ],
    "title": "Security update for the Linux Kernel (Live Patch 5 for SUSE Linux Enterprise 16)",
    "tracking": {
      "current_release_date": "2026-06-02T18:39:33Z",
      "generator": {
        "date": "2026-06-02T18:39:33Z",
        "engine": {
          "name": "cve-database.git:bin/generate-csaf.pl",
          "version": "1"
        }
      },
      "id": "SUSE-SU-2026:22042-1",
      "initial_release_date": "2026-06-02T18:39:33Z",
      "revision_history": [
        {
          "date": "2026-06-02T18:39:33Z",
          "number": "1",
          "summary": "Current version"
        }
      ],
      "status": "final",
      "version": "1"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
                "product": {
                  "name": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
                  "product_id": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le"
                }
              }
            ],
            "category": "architecture",
            "name": "ppc64le"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
                "product": {
                  "name": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
                  "product_id": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x"
                }
              }
            ],
            "category": "architecture",
            "name": "s390x"
          },
          {
            "branches": [
              {
                "category": "product_version",
                "name": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64",
                "product": {
                  "name": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64",
                  "product_id": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
                }
              }
            ],
            "category": "architecture",
            "name": "x86_64"
          },
          {
            "branches": [
              {
                "category": "product_name",
                "name": "SUSE Linux Micro 6.2",
                "product": {
                  "name": "SUSE Linux Micro 6.2",
                  "product_id": "SUSE Linux Micro 6.2",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:suse:sl-micro:6.2"
                  }
                }
              }
            ],
            "category": "product_family",
            "name": "SUSE Linux Enterprise"
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ],
    "relationships": [
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le as component of SUSE Linux Micro 6.2",
          "product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le"
        },
        "product_reference": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
        "relates_to_product_reference": "SUSE Linux Micro 6.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x as component of SUSE Linux Micro 6.2",
          "product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x"
        },
        "product_reference": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
        "relates_to_product_reference": "SUSE Linux Micro 6.2"
      },
      {
        "category": "default_component_of",
        "full_product_name": {
          "name": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64 as component of SUSE Linux Micro 6.2",
          "product_id": "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
        },
        "product_reference": "kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64",
        "relates_to_product_reference": "SUSE Linux Micro 6.2"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-54518",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2025-54518"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "Improper isolation of shared resources within the CPU operation cache on Zen 2-based products could allow an attacker to corrupt instructions executed at a different privilege level, potentially resulting in privilege escalation.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2025-54518",
          "url": "https://www.suse.com/security/cve/CVE-2025-54518"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1264013 for CVE-2025-54518",
          "url": "https://bugzilla.suse.com/1264013"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1264066 for CVE-2025-54518",
          "url": "https://bugzilla.suse.com/1264066"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1264096 for CVE-2025-54518",
          "url": "https://bugzilla.suse.com/1264096"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.4,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-02T18:39:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2025-54518"
    },
    {
      "cve": "CVE-2026-23243",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23243"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nRDMA/umad: Reject negative data_len in ib_umad_write\n\nib_umad_write computes data_len from user-controlled count and the\nMAD header sizes. With a mismatched user MAD header size and RMPP\nheader length, data_len can become negative and reach ib_create_send_mad().\nThis can make the padding calculation exceed the segment size and trigger\nan out-of-bounds memset in alloc_send_rmpp_list().\n\nAdd an explicit check to reject negative data_len before creating the\nsend buffer.\n\nKASAN splat:\n[  211.363464] BUG: KASAN: slab-out-of-bounds in ib_create_send_mad+0xa01/0x11b0\n[  211.364077] Write of size 220 at addr ffff88800c3fa1f8 by task spray_thread/102\n[  211.365867] ib_create_send_mad+0xa01/0x11b0\n[  211.365887] ib_umad_write+0x853/0x1c80",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23243",
          "url": "https://www.suse.com/security/cve/CVE-2026-23243"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259797 for CVE-2026-23243",
          "url": "https://bugzilla.suse.com/1259797"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1259798 for CVE-2026-23243",
          "url": "https://bugzilla.suse.com/1259798"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-02T18:39:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23243"
    },
    {
      "cve": "CVE-2026-23274",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23274"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnetfilter: xt_IDLETIMER: reject rev0 reuse of ALARM timer labels\n\nIDLETIMER revision 0 rules reuse existing timers by label and always call\nmod_timer() on timer-\u003etimer.\n\nIf the label was created first by revision 1 with XT_IDLETIMER_ALARM,\nthe object uses alarm timer semantics and timer-\u003etimer is never initialized.\nReusing that object from revision 0 causes mod_timer() on an uninitialized\ntimer_list, triggering debugobjects warnings and possible panic when\npanic_on_warn=1.\n\nFix this by rejecting revision 0 rule insertion when an existing timer with\nthe same label is of ALARM type.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23274",
          "url": "https://www.suse.com/security/cve/CVE-2026-23274"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1260005 for CVE-2026-23274",
          "url": "https://bugzilla.suse.com/1260005"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1260908 for CVE-2026-23274",
          "url": "https://bugzilla.suse.com/1260908"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-02T18:39:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23274"
    },
    {
      "cve": "CVE-2026-23317",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-23317"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\ndrm/vmwgfx: Return the correct value in vmw_translate_ptr functions\n\nBefore the referenced fixes these functions used a lookup function that\nreturned a pointer. This was changed to another lookup function that\nreturned an error code with the pointer becoming an out parameter.\n\nThe error path when the lookup failed was not changed to reflect this\nchange and the code continued to return the PTR_ERR of the now\nuninitialized pointer. This could cause the vmw_translate_ptr functions\nto return success when they actually failed causing further uninitialized\nand OOB accesses.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-23317",
          "url": "https://www.suse.com/security/cve/CVE-2026-23317"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1260562 for CVE-2026-23317",
          "url": "https://bugzilla.suse.com/1260562"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1260563 for CVE-2026-23317",
          "url": "https://bugzilla.suse.com/1260563"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-02T18:39:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-23317"
    },
    {
      "cve": "CVE-2026-46300",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-46300"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nnet: skbuff: preserve shared-frag marker during coalescing\n\nskb_try_coalesce() can attach paged frags from @from to @to.  If @from\nhas SKBFL_SHARED_FRAG set, the resulting @to skb can contain the same\nexternally-owned or page-cache-backed frags, but the shared-frag marker\nis currently lost.\n\nThat breaks the invariant relied on by later in-place writers.  In\nparticular, ESP input checks skb_has_shared_frag() before deciding\nwhether an uncloned nonlinear skb can skip skb_cow_data().  If TCP\nreceive coalescing has moved shared frags into an unmarked skb, ESP can\nsee skb_has_shared_frag() as false and decrypt in place over page-cache\nbacked frags.\n\nPropagate SKBFL_SHARED_FRAG when skb_try_coalesce() transfers paged\nfrags.  The tailroom copy path does not need the marker because it copies\nbytes into @to\u0027s linear data rather than transferring frag descriptors.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-46300",
          "url": "https://www.suse.com/security/cve/CVE-2026-46300"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265209 for CVE-2026-46300",
          "url": "https://bugzilla.suse.com/1265209"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265226 for CVE-2026-46300",
          "url": "https://bugzilla.suse.com/1265226"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265312 for CVE-2026-46300",
          "url": "https://bugzilla.suse.com/1265312"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265383 for CVE-2026-46300",
          "url": "https://bugzilla.suse.com/1265383"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265960 for CVE-2026-46300",
          "url": "https://bugzilla.suse.com/1265960"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 8.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-02T18:39:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-46300"
    },
    {
      "cve": "CVE-2026-46333",
      "ids": [
        {
          "system_name": "SUSE CVE Page",
          "text": "https://www.suse.com/security/cve/CVE-2026-46333"
        }
      ],
      "notes": [
        {
          "category": "general",
          "text": "In the Linux kernel, the following vulnerability has been resolved:\n\nptrace: slightly saner \u0027get_dumpable()\u0027 logic\n\nThe \u0027dumpability\u0027 of a task is fundamentally about the memory image of\nthe task - the concept comes from whether it can core dump or not - and\nmakes no sense when you don\u0027t have an associated mm.\n\nAnd almost all users do in fact use it only for the case where the task\nhas a mm pointer.\n\nBut we have one odd special case: ptrace_may_access() uses \u0027dumpable\u0027 to\ncheck various other things entirely independently of the MM (typically\nexplicitly using flags like PTRACE_MODE_READ_FSCREDS).  Including for\nthreads that no longer have a VM (and maybe never did, like most kernel\nthreads).\n\nIt\u0027s not what this flag was designed for, but it is what it is.\n\nThe ptrace code does check that the uid/gid matches, so you do have to\nbe uid-0 to see kernel thread details, but this means that the\ntraditional \"drop capabilities\" model doesn\u0027t make any difference for\nthis all.\n\nMake it all make a *bit* more sense by saying that if you don\u0027t have a\nMM pointer, we\u0027ll use a cached \"last dumpability\" flag if the thread\never had a MM (it will be zero for kernel threads since it is never\nset), and require a proper CAP_SYS_PTRACE capability to override.",
          "title": "CVE description"
        }
      ],
      "product_status": {
        "recommended": [
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
          "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
        ]
      },
      "references": [
        {
          "category": "external",
          "summary": "CVE-2026-46333",
          "url": "https://www.suse.com/security/cve/CVE-2026-46333"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265308 for CVE-2026-46333",
          "url": "https://bugzilla.suse.com/1265308"
        },
        {
          "category": "external",
          "summary": "SUSE Bug 1265384 for CVE-2026-46333",
          "url": "https://bugzilla.suse.com/1265384"
        }
      ],
      "remediations": [
        {
          "category": "vendor_fix",
          "details": "To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or \"zypper patch\".\n",
          "product_ids": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
          ]
        }
      ],
      "scores": [
        {
          "cvss_v3": {
            "baseScore": 7.8,
            "baseSeverity": "HIGH",
            "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          "products": [
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.ppc64le",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.s390x",
            "SUSE Linux Micro 6.2:kernel-livepatch-6_12_0-160000_26-default-6-160000.1.1.x86_64"
          ]
        }
      ],
      "threats": [
        {
          "category": "impact",
          "date": "2026-06-02T18:39:33Z",
          "details": "important"
        }
      ],
      "title": "CVE-2026-46333"
    }
  ]
}

WID-SEC-W-2026-0774

Vulnerability from csaf_certbund - Published: 2026-03-17 23:00 - Updated: 2026-06-16 22:00

Summary

Linux Kernel: Mehrere Schwachstellen

Severity

Hoch

Notes

Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.

Produktbeschreibung: Der Kernel stellt den Kern des Linux Betriebssystems dar.

Angriff: Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um nicht näher spezifizierte Angriffe durchzuführen, die möglicherweise zu einer Denial-of-Service- Bedingung führen oder eine Speicherbeschädigung verursachen können.

Betroffene Betriebssysteme: - Linux

CVE-2025-71265

Affected products

Known affected 10 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Google Container-Optimized OS Google	`cpe:/o:google:container-optimized_os:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat Enterprise Linux 9.2 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9.2`	9.2

CVE-2025-71266

Affected products

Known affected 10 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Google Container-Optimized OS Google	`cpe:/o:google:container-optimized_os:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat Enterprise Linux 9.2 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9.2`	9.2

CVE-2025-71267

Affected products

Known affected 10 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Google Container-Optimized OS Google	`cpe:/o:google:container-optimized_os:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat Enterprise Linux 9.2 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9.2`	9.2

CVE-2026-23242

Affected products

Known affected 10 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Google Container-Optimized OS Google	`cpe:/o:google:container-optimized_os:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat Enterprise Linux 9.2 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9.2`	9.2

CVE-2026-23243

Affected products

Known affected 10 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Google Container-Optimized OS Google	`cpe:/o:google:container-optimized_os:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat Enterprise Linux 9.2 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9.2`	9.2

CVE-2026-23244

Affected products

Known affected 10 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Google Container-Optimized OS Google	`cpe:/o:google:container-optimized_os:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat Enterprise Linux 9.2 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9.2`	9.2

CVE-2026-23245

Affected products

Known affected 10 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Google Container-Optimized OS Google	`cpe:/o:google:container-optimized_os:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat Enterprise Linux 9.2 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9.2`	9.2

CVE-2026-23246

Affected products

Known affected 10 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Google Container-Optimized OS Google	`cpe:/o:google:container-optimized_os:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat Enterprise Linux 9.2 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9.2`	9.2

CVE-2026-23247

Affected products

Known affected 10 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Google Container-Optimized OS Google	`cpe:/o:google:container-optimized_os:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat Enterprise Linux 9.2 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9.2`	9.2

CVE-2026-23248

Affected products

Known affected 10 products

Product	Identifier	Version
Debian Linux Debian	`cpe:/o:debian:debian_linux:-`	—
SUSE Linux SUSE	`cpe:/o:suse:suse_linux:-`	—
Open Source Linux Kernel Open Source	`cpe:/o:linux:linux_kernel:-`	—
Red Hat Enterprise Linux Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:-`	—
SUSE openSUSE SUSE	`cpe:/o:suse:opensuse:-`	—
Amazon Linux 2 Amazon	`cpe:/o:amazon:linux_2:-`	—
Oracle Linux Oracle	`cpe:/o:oracle:linux:-`	—
Google Container-Optimized OS Google	`cpe:/o:google:container-optimized_os:-`	—
RESF Rocky Linux RESF	`cpe:/o:resf:rocky_linux:-`	—
Red Hat Enterprise Linux 9.2 Red Hat / Enterprise Linux	`cpe:/o:redhat:enterprise_linux:9.2`	9.2

References

152 references

URL	Category
https://wid.cert-bund.de/.well-known/csaf/white/2…	self
https://wid.cert-bund.de/portal/wid/securityadvis…	self
https://lore.kernel.org/linux-cve-announce/	external
https://lore.kernel.org/linux-cve-announce/202603…	external
https://lore.kernel.org/linux-cve-announce/202603…	external
https://lore.kernel.org/linux-cve-announce/202603…	external
https://lore.kernel.org/linux-cve-announce/202603…	external
https://lore.kernel.org/linux-cve-announce/202603…	external
https://lore.kernel.org/linux-cve-announce/202603…	external
https://lore.kernel.org/linux-cve-announce/202603…	external
https://lore.kernel.org/linux-cve-announce/202603…	external
https://lore.kernel.org/linux-cve-announce/202603…	external
https://lore.kernel.org/linux-cve-announce/202603…	external
https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-…	external
https://docs.cloud.google.com/container-optimized…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.debian.org/debian-lts-announce/2026…	external
https://lists.debian.org/debian-security-announce…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.debian.org/debian-security-announce…	external
https://access.redhat.com/errata/RHSA-2026:13936	external
https://access.redhat.com/errata/RHSA-2026:14339	external
https://access.redhat.com/errata/RHSA-2026:14137	external
https://access.redhat.com/errata/RHSA-2026:15883	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://linux.oracle.com/errata/ELSA-2026-50261.html	external
https://linux.oracle.com/errata/ELSA-2026-50260.html	external
https://access.redhat.com/errata/RHSA-2026:18134	external
https://access.redhat.com/errata/RHSA-2026:19521	external
https://access.redhat.com/errata/RHSA-2026:18587	external
https://access.redhat.com/errata/RHSA-2026:19875	external
https://access.redhat.com/errata/RHSA-2026:20593	external
https://access.redhat.com/errata/RHSA-2026:21209	external
https://access.redhat.com/errata/RHSA-2026:21706	external
https://access.redhat.com/errata/RHSA-2026:21745	external
https://lists.debian.org/debian-lts-announce/2026…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://linux.oracle.com/errata/ELSA-2026-21706.html	external
https://errata.build.resf.org/RLSA-2026:21706	external
https://errata.build.resf.org/RLSA-2026:21745	external
https://lists.opensuse.org/archives/list/security…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
http://linux.oracle.com/errata/ELSA-2026-50293.html	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://lists.suse.com/pipermail/sle-security-upd…	external
https://access.redhat.com/errata/RHSA-2026:26535	external

JSON

To clipboard

{
  "document": {
    "aggregate_severity": {
      "text": "hoch"
    },
    "category": "csaf_base",
    "csaf_version": "2.0",
    "distribution": {
      "tlp": {
        "label": "WHITE",
        "url": "https://www.first.org/tlp/"
      }
    },
    "lang": "de-DE",
    "notes": [
      {
        "category": "legal_disclaimer",
        "text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
      },
      {
        "category": "description",
        "text": "Der Kernel stellt den Kern des Linux Betriebssystems dar.",
        "title": "Produktbeschreibung"
      },
      {
        "category": "summary",
        "text": "Ein Angreifer kann mehrere Schwachstellen im Linux-Kernel ausnutzen, um nicht n\u00e4her spezifizierte Angriffe durchzuf\u00fchren, die m\u00f6glicherweise zu einer Denial-of-Service- Bedingung f\u00fchren oder eine Speicherbesch\u00e4digung verursachen k\u00f6nnen.",
        "title": "Angriff"
      },
      {
        "category": "general",
        "text": "- Linux",
        "title": "Betroffene Betriebssysteme"
      }
    ],
    "publisher": {
      "category": "other",
      "contact_details": "csaf-provider@cert-bund.de",
      "name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
      "namespace": "https://www.bsi.bund.de"
    },
    "references": [
      {
        "category": "self",
        "summary": "WID-SEC-W-2026-0774 - CSAF Version",
        "url": "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-0774.json"
      },
      {
        "category": "self",
        "summary": "WID-SEC-2026-0774 - Portal Version",
        "url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-0774"
      },
      {
        "category": "external",
        "summary": "Kernel CVE Announce Mailingliste",
        "url": "https://lore.kernel.org/linux-cve-announce/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71265",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031813-CVE-2025-71265-00ce@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71266",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031816-CVE-2025-71266-d35d@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2025-71267",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031816-CVE-2025-71267-2a56@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23242",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031816-CVE-2026-23242-a8b5@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23243",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031816-CVE-2026-23243-b88e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23244",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031817-CVE-2026-23244-9738@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23245",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031817-CVE-2026-23245-ac26@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23246",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031817-CVE-2026-23246-d29e@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23247",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031818-CVE-2026-23247-07b3@gregkh/"
      },
      {
        "category": "external",
        "summary": "Linux Kernel CVE Announcement CVE-2026-23248",
        "url": "https://lore.kernel.org/linux-cve-announce/2026031818-CVE-2026-23248-d0e1@gregkh/"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.10-2026-115 vom 2026-04-01",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.10-2026-115.html"
      },
      {
        "category": "external",
        "summary": "Container-Optimized OS release notes vom 2026-04-14",
        "url": "https://docs.cloud.google.com/container-optimized-os/docs/release-notes#April_13_2026"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1342-1 vom 2026-04-15",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025348.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21123-1 vom 2026-04-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025421.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21129-1 vom 2026-04-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025416.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21131-1 vom 2026-04-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025414.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21114-1 vom 2026-04-17",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025429.html"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:20572-1 vom 2026-04-21",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/STWYWECAV6YINBQYRNTOUWNIHBOUY3YT/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21230-1 vom 2026-04-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025560.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21237-1 vom 2026-04-22",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025557.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1557-1 vom 2026-04-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025570.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1574-1 vom 2026-04-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025600.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1575-1 vom 2026-04-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025599.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21255-1 vom 2026-04-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025583.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1563-1 vom 2026-04-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025575.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1573-1 vom 2026-04-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025596.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21241-1 vom 2026-04-23",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025595.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1606-1 vom 2026-04-24",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025614.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21352-1 vom 2026-04-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025751.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21361-1 vom 2026-04-28",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025743.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1643-1 vom 2026-04-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025762.html"
      },
      {
        "category": "external",
        "summary": "Amazon Linux Security Advisory ALAS2KERNEL-5.15-2026-100 vom 2026-04-30",
        "url": "https://alas.aws.amazon.com/AL2/ALAS2KERNEL-5.15-2026-100.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1668-1 vom 2026-05-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025791.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4561 vom 2026-05-02",
        "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00005.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6243 vom 2026-05-04",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00154.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1661-1 vom 2026-04-30",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-April/025787.html"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DSA-6238 vom 2026-05-04",
        "url": "https://lists.debian.org/debian-security-announce/2026/msg00148.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:13936 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:13936"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14339 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:14339"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:14137 vom 2026-05-06",
        "url": "https://access.redhat.com/errata/RHSA-2026:14137"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:15883 vom 2026-05-11",
        "url": "https://access.redhat.com/errata/RHSA-2026:15883"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:1777-1 vom 2026-05-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/025950.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-50261 vom 2026-05-12",
        "url": "https://linux.oracle.com/errata/ELSA-2026-50261.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-50260 vom 2026-05-12",
        "url": "https://linux.oracle.com/errata/ELSA-2026-50260.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:18134 vom 2026-05-19",
        "url": "https://access.redhat.com/errata/RHSA-2026:18134"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:19521 vom 2026-05-20",
        "url": "https://access.redhat.com/errata/RHSA-2026:19521"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:18587 vom 2026-05-19",
        "url": "https://access.redhat.com/errata/RHSA-2026:18587"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:19875 vom 2026-05-21",
        "url": "https://access.redhat.com/errata/RHSA-2026:19875"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:20593 vom 2026-05-26",
        "url": "https://access.redhat.com/errata/RHSA-2026:20593"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:21209 vom 2026-05-27",
        "url": "https://access.redhat.com/errata/RHSA-2026:21209"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:21706 vom 2026-05-28",
        "url": "https://access.redhat.com/errata/RHSA-2026:21706"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:21745 vom 2026-05-28",
        "url": "https://access.redhat.com/errata/RHSA-2026:21745"
      },
      {
        "category": "external",
        "summary": "Debian Security Advisory DLA-4606 vom 2026-05-29",
        "url": "https://lists.debian.org/debian-lts-announce/2026/05/msg00051.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21841-1 vom 2026-05-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026384.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-21706 vom 2026-05-29",
        "url": "https://linux.oracle.com/errata/ELSA-2026-21706.html"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:21706 vom 2026-05-31",
        "url": "https://errata.build.resf.org/RLSA-2026:21706"
      },
      {
        "category": "external",
        "summary": "Rocky Linux Security Advisory RLSA-2026:21745 vom 2026-05-31",
        "url": "https://errata.build.resf.org/RLSA-2026:21745"
      },
      {
        "category": "external",
        "summary": "openSUSE Security Update OPENSUSE-SU-2026:20826-1 vom 2026-05-29",
        "url": "https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/7D6UU5UPSRF74AUKK2CVVWC3NKU2VIUP/"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21834-1 vom 2026-05-29",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-May/026381.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2168-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026400.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2134-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026411.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2176-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026398.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2178-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026399.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2137-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026408.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2148-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026407.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2141-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026406.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2149-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026405.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2153-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026404.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2159-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026402.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2131-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026410.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2158-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026403.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2172-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026401.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21845-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026437.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21860-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026426.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2199-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026420.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2189-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026413.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2181-1 vom 2026-06-01",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026414.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21903-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026490.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21919-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026475.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21934-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026460.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21928-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026466.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21927-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026467.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21877-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026514.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21939-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026455.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21926-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026468.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21908-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026485.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21904-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026489.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21940-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026454.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21916-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026478.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21892-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026500.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21889-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026503.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21910-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026483.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21866-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026524.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21935-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026459.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21921-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026473.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21933-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026461.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21905-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026488.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21876-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026515.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21868-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026522.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21922-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026472.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21901-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026492.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21925-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026469.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21900-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026493.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21937-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026457.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21890-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026502.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21932-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026462.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21891-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026501.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21894-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026498.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21923-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026471.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21936-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026458.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21930-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026464.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21906-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026487.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21924-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026470.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21907-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026486.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21896-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026496.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21888-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026504.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21887-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026505.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21886-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026506.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21938-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026456.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21947-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026447.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21942-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026452.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21902-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026491.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2217-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026441.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21929-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026465.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21893-1 vom 2026-06-02",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026499.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:2238-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026559.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21970-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026542.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21969-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026543.html"
      },
      {
        "category": "external",
        "summary": "Oracle Linux Security Advisory ELSA-2026-50293 vom 2026-06-04",
        "url": "http://linux.oracle.com/errata/ELSA-2026-50293.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21956-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026553.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21958-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026551.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21972-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026540.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21974-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026538.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21979-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026535.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21959-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026550.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21960-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026549.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21982-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026532.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21962-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026547.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21983-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026531.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:21963-1 vom 2026-06-03",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026546.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:22040-1 vom 2026-06-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026612.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:22031-1 vom 2026-06-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026621.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:22038-1 vom 2026-06-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026614.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:22033-1 vom 2026-06-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026619.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:22035-1 vom 2026-06-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026617.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:22039-1 vom 2026-06-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026613.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:22030-1 vom 2026-06-08",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026622.html"
      },
      {
        "category": "external",
        "summary": "SUSE Security Update SUSE-SU-2026:22042-1 vom 2026-06-09",
        "url": "https://lists.suse.com/pipermail/sle-security-updates/2026-June/026664.html"
      },
      {
        "category": "external",
        "summary": "Red Hat Security Advisory RHSA-2026:26535 vom 2026-06-17",
        "url": "https://access.redhat.com/errata/RHSA-2026:26535"
      }
    ],
    "source_lang": "en-US",
    "title": "Linux Kernel: Mehrere Schwachstellen",
    "tracking": {
      "current_release_date": "2026-06-16T22:00:00.000+00:00",
      "generator": {
        "date": "2026-06-17T10:10:05.568+00:00",
        "engine": {
          "name": "BSI-WID",
          "version": "1.6.0"
        }
      },
      "id": "WID-SEC-W-2026-0774",
      "initial_release_date": "2026-03-17T23:00:00.000+00:00",
      "revision_history": [
        {
          "date": "2026-03-17T23:00:00.000+00:00",
          "number": "1",
          "summary": "Initiale Fassung"
        },
        {
          "date": "2026-03-18T23:00:00.000+00:00",
          "number": "2",
          "summary": "Referenz(en) aufgenommen: EUVD-2026-12809, EUVD-2026-12810, EUVD-2026-12811, EUVD-2026-12804, EUVD-2026-12805, EUVD-2026-12808, EUVD-2026-12801, EUVD-2025-208821, EUVD-2025-208819, EUVD-2025-208818"
        },
        {
          "date": "2026-04-01T22:00:00.000+00:00",
          "number": "3",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2026-04-14T22:00:00.000+00:00",
          "number": "4",
          "summary": "Neue Updates aufgenommen"
        },
        {
          "date": "2026-04-15T22:00:00.000+00:00",
          "number": "5",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-04-19T22:00:00.000+00:00",
          "number": "6",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-04-21T22:00:00.000+00:00",
          "number": "7",
          "summary": "Neue Updates von openSUSE aufgenommen"
        },
        {
          "date": "2026-04-22T22:00:00.000+00:00",
          "number": "8",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-04-23T22:00:00.000+00:00",
          "number": "9",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-04-26T22:00:00.000+00:00",
          "number": "10",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-04-28T22:00:00.000+00:00",
          "number": "11",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-04-29T22:00:00.000+00:00",
          "number": "12",
          "summary": "Neue Updates von Amazon aufgenommen"
        },
        {
          "date": "2026-05-03T22:00:00.000+00:00",
          "number": "13",
          "summary": "Neue Updates von SUSE und Debian aufgenommen"
        },
        {
          "date": "2026-05-05T22:00:00.000+00:00",
          "number": "14",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-06T22:00:00.000+00:00",
          "number": "15",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-10T22:00:00.000+00:00",
          "number": "16",
          "summary": "Neue Updates von Red Hat und SUSE aufgenommen"
        },
        {
          "date": "2026-05-12T22:00:00.000+00:00",
          "number": "17",
          "summary": "Neue Updates von Oracle Linux aufgenommen"
        },
        {
          "date": "2026-05-18T22:00:00.000+00:00",
          "number": "18",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-19T22:00:00.000+00:00",
          "number": "19",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-20T22:00:00.000+00:00",
          "number": "20",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-25T22:00:00.000+00:00",
          "number": "21",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-26T22:00:00.000+00:00",
          "number": "22",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-27T22:00:00.000+00:00",
          "number": "23",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-28T22:00:00.000+00:00",
          "number": "24",
          "summary": "Neue Updates von Red Hat aufgenommen"
        },
        {
          "date": "2026-05-31T22:00:00.000+00:00",
          "number": "25",
          "summary": "Neue Updates von Debian, SUSE, Oracle Linux, Rocky Enterprise Software Foundation und openSUSE aufgenommen"
        },
        {
          "date": "2026-06-01T22:00:00.000+00:00",
          "number": "26",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-06-02T22:00:00.000+00:00",
          "number": "27",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-06-04T22:00:00.000+00:00",
          "number": "28",
          "summary": "Neue Updates von SUSE und Oracle Linux aufgenommen"
        },
        {
          "date": "2026-06-08T22:00:00.000+00:00",
          "number": "29",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-06-09T22:00:00.000+00:00",
          "number": "30",
          "summary": "Neue Updates von SUSE aufgenommen"
        },
        {
          "date": "2026-06-16T22:00:00.000+00:00",
          "number": "31",
          "summary": "Neue Updates von Red Hat aufgenommen"
        }
      ],
      "status": "final",
      "version": "31"
    }
  },
  "product_tree": {
    "branches": [
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Amazon Linux 2",
            "product": {
              "name": "Amazon Linux 2",
              "product_id": "398363",
              "product_identification_helper": {
                "cpe": "cpe:/o:amazon:linux_2:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Amazon"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Debian Linux",
            "product": {
              "name": "Debian Linux",
              "product_id": "2951",
              "product_identification_helper": {
                "cpe": "cpe:/o:debian:debian_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Debian"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Google Container-Optimized OS",
            "product": {
              "name": "Google Container-Optimized OS",
              "product_id": "1607324",
              "product_identification_helper": {
                "cpe": "cpe:/o:google:container-optimized_os:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Google"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Open Source Linux Kernel",
            "product": {
              "name": "Open Source Linux Kernel",
              "product_id": "T051879",
              "product_identification_helper": {
                "cpe": "cpe:/o:linux:linux_kernel:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Open Source"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "Oracle Linux",
            "product": {
              "name": "Oracle Linux",
              "product_id": "T004914",
              "product_identification_helper": {
                "cpe": "cpe:/o:oracle:linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "Oracle"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "RESF Rocky Linux",
            "product": {
              "name": "RESF Rocky Linux",
              "product_id": "T032255",
              "product_identification_helper": {
                "cpe": "cpe:/o:resf:rocky_linux:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "RESF"
      },
      {
        "branches": [
          {
            "branches": [
              {
                "category": "product_name",
                "name": "Red Hat Enterprise Linux",
                "product": {
                  "name": "Red Hat Enterprise Linux",
                  "product_id": "67646",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:-"
                  }
                }
              },
              {
                "category": "product_version",
                "name": "9.2",
                "product": {
                  "name": "Red Hat Enterprise Linux 9.2",
                  "product_id": "T054697",
                  "product_identification_helper": {
                    "cpe": "cpe:/o:redhat:enterprise_linux:9.2"
                  }
                }
              }
            ],
            "category": "product_name",
            "name": "Enterprise Linux"
          }
        ],
        "category": "vendor",
        "name": "Red Hat"
      },
      {
        "branches": [
          {
            "category": "product_name",
            "name": "SUSE Linux",
            "product": {
              "name": "SUSE Linux",
              "product_id": "T002207",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:suse_linux:-"
              }
            }
          },
          {
            "category": "product_name",
            "name": "SUSE openSUSE",
            "product": {
              "name": "SUSE openSUSE",
              "product_id": "T027843",
              "product_identification_helper": {
                "cpe": "cpe:/o:suse:opensuse:-"
              }
            }
          }
        ],
        "category": "vendor",
        "name": "SUSE"
      }
    ]
  },
  "vulnerabilities": [
    {
      "cve": "CVE-2025-71265",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T051879",
          "67646",
          "T027843",
          "398363",
          "T004914",
          "1607324",
          "T032255",
          "T054697"
        ]
      },
      "release_date": "2026-03-17T23:00:00.000+00:00",
      "title": "CVE-2025-71265"
    },
    {
      "cve": "CVE-2025-71266",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T051879",
          "67646",
          "T027843",
          "398363",
          "T004914",
          "1607324",
          "T032255",
          "T054697"
        ]
      },
      "release_date": "2026-03-17T23:00:00.000+00:00",
      "title": "CVE-2025-71266"
    },
    {
      "cve": "CVE-2025-71267",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T051879",
          "67646",
          "T027843",
          "398363",
          "T004914",
          "1607324",
          "T032255",
          "T054697"
        ]
      },
      "release_date": "2026-03-17T23:00:00.000+00:00",
      "title": "CVE-2025-71267"
    },
    {
      "cve": "CVE-2026-23242",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T051879",
          "67646",
          "T027843",
          "398363",
          "T004914",
          "1607324",
          "T032255",
          "T054697"
        ]
      },
      "release_date": "2026-03-17T23:00:00.000+00:00",
      "title": "CVE-2026-23242"
    },
    {
      "cve": "CVE-2026-23243",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T051879",
          "67646",
          "T027843",
          "398363",
          "T004914",
          "1607324",
          "T032255",
          "T054697"
        ]
      },
      "release_date": "2026-03-17T23:00:00.000+00:00",
      "title": "CVE-2026-23243"
    },
    {
      "cve": "CVE-2026-23244",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T051879",
          "67646",
          "T027843",
          "398363",
          "T004914",
          "1607324",
          "T032255",
          "T054697"
        ]
      },
      "release_date": "2026-03-17T23:00:00.000+00:00",
      "title": "CVE-2026-23244"
    },
    {
      "cve": "CVE-2026-23245",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T051879",
          "67646",
          "T027843",
          "398363",
          "T004914",
          "1607324",
          "T032255",
          "T054697"
        ]
      },
      "release_date": "2026-03-17T23:00:00.000+00:00",
      "title": "CVE-2026-23245"
    },
    {
      "cve": "CVE-2026-23246",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T051879",
          "67646",
          "T027843",
          "398363",
          "T004914",
          "1607324",
          "T032255",
          "T054697"
        ]
      },
      "release_date": "2026-03-17T23:00:00.000+00:00",
      "title": "CVE-2026-23246"
    },
    {
      "cve": "CVE-2026-23247",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T051879",
          "67646",
          "T027843",
          "398363",
          "T004914",
          "1607324",
          "T032255",
          "T054697"
        ]
      },
      "release_date": "2026-03-17T23:00:00.000+00:00",
      "title": "CVE-2026-23247"
    },
    {
      "cve": "CVE-2026-23248",
      "product_status": {
        "known_affected": [
          "2951",
          "T002207",
          "T051879",
          "67646",
          "T027843",
          "398363",
          "T004914",
          "1607324",
          "T032255",
          "T054697"
        ]
      },
      "release_date": "2026-03-17T23:00:00.000+00:00",
      "title": "CVE-2026-23248"
    }
  ]
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2026-23243 (GCVE-0-2026-23243)

SUSE-SU-2026:22042-1

WID-SEC-W-2026-0774

Tags

Sightings

Nomenclature