CVE-2026-23399

CVE-2026-23399 concerns the Linux kernel nf_tables code: when cloning the second stateful expression in a dynset element, the first expression could remain unfreed on error, causing a stateful memleak in error paths. The provided CVE description confirms a resolution in the kernel, with backtrace...

CVE-2026-23399 nf_tables: nft_dynset: fix possible stateful expression memleak in error path

In the Linux kernel, the following vulnerability has been resolved: nftables: nftdynset: fix possible stateful expression memleak in error path If cloning the second stateful expression in the element via GFPATOMIC fails, then the first stateful expression remains in place without being released....

Linux kernel 安全漏洞

The Linux kernel is the core of the open-source operating system Linux, developed by the Linux Foundation in the United States. There is a security vulnerability in the Linux kernel, which stems from a memory leak that can occur in the nftdynset error path, involving state expression memory leaks...

Linux Distros Unpatched Vulnerability : CVE-2026-23399

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - nftables: nftdynset: fix possible stateful expression memleak in error path If cloning the second stateful expression in the element via GFPATOMIC fails, then t...

Linux Distros Unpatched Vulnerability : CVE-2026-23305

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: accel/rocket: fix unwinding in error path in rocketprobe When rocketcoreinit fails as could ...

SUSE-SU-2026:1136-1 Security update for the Linux Kernel (Live Patch 7 for SUSE Linux Enterprise 15 SP7)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150700.53.25 fixes various security issues The following security issues were fixed: - CVE-2025-40258: mptcp: fix race condition in mptcpschedulework bsc1255053. - CVE-2025-40297: net: bridge: fix use-after-free due to MST port state bypass...

SUSE-SU-2026:1073-1 Security update for the Linux Kernel (Live Patch 10 for SUSE Linux Enterprise 15 SP6)

This update for the SUSE Linux Enterprise Kernel 6.4.0-150600.23.47 fixes various security issues The following security issues were fixed: - CVE-2025-38159: wifi: rtw88: fix the 'para' buffer size to avoid reading out of bounds bsc1257629. - CVE-2025-38488: smb: client: fix use-after-free in...

SUSE-SU-2026:1059-1 Security update for the Linux Kernel (Live Patch 34 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.133 fixes various security issues The following security issues were fixed: - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. - CVE-2025-21738: ata: libata-sff: ensure that we cannot...

can: mcp251x: fix deadlock in error path of mcp251x_open

...

SUSE-SU-2026:1049-1 Security update for the Linux Kernel (Live Patch 25 for SUSE Linux Enterprise 15 SP5)

This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.100 fixes various security issues The following security issues were fixed: - CVE-2022-50697: mrp: introduce active flags to prevent UAF when applicant uninit bsc1255595. - CVE-2023-53257: wifi: mac80211: check S1G action frame si...

SUSE SLES15 Security Update : kernel (Live Patch 45 for SUSE Linux Enterprise 15 SP4) (SUSE-SU-2026:0997-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:0997-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150400.24.179 fixes various security issues The following security issues were fixed: ...

SUSE CVE-2026-23305

In the Linux kernel, the following vulnerability has been resolved: accel/rocket: fix unwinding in error path in rocketprobe When rocketcoreinit fails as could be the case with EPROBEDEFER, we need to properly unwind by decrementing the counter we just incremented and if this is the first core we...

SUSE CVE-2026-23344

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix use-after-free on error path In the error path of sevtsminitlocked, the code dereferences 't' after it has been freed with kfree. The prerr statement attempts to access t-tioen and t-tioinitdone after the memory...

SUSE CVE-2026-23357

In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock in error path of mcp251xopen The mcp251xopen function call freeirq in its error path with the mpclock mutex held. But if an interrupt already occurred the interrupt handler will be waiting for the mpclo...

EUVD-2026-15348

In the Linux kernel, the following vulnerability has been resolved: drm/client: Do not destroy NULL modes 'modes' in drmclientmodesetprobe may fail to kcalloc. If this occurs, we jump to 'out', calling modesdestroy on it, which dereferences it. This may result in a NULL pointer dereference in the...

EUVD-2026-15311

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix use-after-free on error path In the error path of sevtsminitlocked, the code dereferences 't' after it has been freed with kfree. The prerr statement attempts to access t-tioen and t-tioinitdone after the memory...

EUVD-2026-15332

In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock in error path of mcp251xopen The mcp251xopen function call freeirq in its error path with the mpclock mutex held. But if an interrupt already occurred the interrupt handler will be waiting for the mpclo...

EUVD-2026-15245

In the Linux kernel, the following vulnerability has been resolved: accel/rocket: fix unwinding in error path in rocketprobe When rocketcoreinit fails as could be the case with EPROBEDEFER, we need to properly unwind by decrementing the counter we just incremented and if this is the first core we...

CVE-2026-23317

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Return the correct value in vmwtranslateptr functions Before the referenced fixes these functions used a lookup function that returned a pointer. This was changed to another lookup function that returned an error code...

CVE-2026-23357

In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock in error path of mcp251xopen The mcp251xopen function call freeirq in its error path with the mpclock mutex held. But if an interrupt already occurred the interrupt handler will be waiting for the mpclo...