Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP6 kernel was updated to fix various security issues The following security issues were fixed: CVE-2026-31405: media: dvb-net: fix OOB access in ULE extension header tables bsc1261700. CVE-2026-31473: media: mc, v4l2: serialize REINIT and REQBUFS with reqqueuemutex...

ALSA: caiaq: Handle probe errors properly

...

CVE-2026-46004

ALSA: caiaq: Handle probe errors properly...

CVE-2025-71299

In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: Parse DT for flashes with the rest of the DT parsing The recent refactoring of where runtime PM is enabled done in commit f1eb4e792bb1 "spi: spi-cadence-quadspi: Enable pm runtime earlier to avoid imbalance"...

SUSE CVE-2026-43207

In the Linux kernel, the following vulnerability has been resolved: media: mtk-mdp: Fix error handling in probe function Add mtkmdpunregisterm2mdevice on the error handling path to prevent resource leak. Add check for the return value of vpugetplatdevice to prevent null pointer dereference. And...

SUSE CVE-2026-43152

In the Linux kernel, the following vulnerability has been resolved: HID: hid-pl: handle probe errors Errors in init must be reported back or we'll follow a NULL pointer the first time FF is used...

CVE-2026-43177

A flaw was found in the Linux kernel's ipu6 driver. This issue occurs due to a runtime Power Management PM reference leak in the driver's probe error paths. When errors occur during device initialization, PM references are not properly released, which can lead to resource exhaustion and potential...

CVE-2026-43152

A flaw was found in the Linux kernel's Human Interface Device HID subsystem, specifically within the hid-pl module. This vulnerability arises from improper error handling during device initialization. An attacker could potentially trigger a NULL pointer dereference by interacting with a device th...

EUVD-2026-27713

In the Linux kernel, the following vulnerability has been resolved: HID: hid-pl: handle probe errors Errors in init must be reported back or we'll follow a NULL pointer the first time FF is used...

CVE-2026-43152

In the Linux kernel, the following vulnerability has been resolved: HID: hid-pl: handle probe errors Errors in init must be reported back or we'll follow a NULL pointer the first time FF is used...

CVE-2026-43152

The CVE-2026-43152 issue is in the Linux kernel HID subsystem (hid-pl): if probe errors during device init are not handled, a NULL pointer dereference can occur when a device using Force Feedback is interacted with. Exploitation details are not provided in the documents, but the vulnerability is ...

CVE-2026-43152

In the Linux kernel, the following vulnerability has been resolved: HID: hid-pl: handle probe errors Errors in init must be reported back or we'll follow a NULL pointer the first time FF is used...

PT-2026-37492

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the hid-pl component where errors during initialization are not properly reported. This failure to handle probe errors can lead to a NULL pointer dereference the first...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference to usbgetdev is not released during the gpiompsseprobe error paths. This issue was fixed by using device-managed helper functions. Additionally, the...

Astra Linux – Vulnerability found in Linux 5.15, Linux 5.10

In the Linux kernel, the following vulnerability has been resolved: media: max9286: Free control handler The control handler is exposed in some probe-time error paths, as well as in the remove path. This issue has been fixed...

Astra Linux – Vulnerability in Linux 5.10

In the Linux kernel, the following vulnerabilities have been resolved: serial: liteuart: fix minor-number leak on probe errors Be sure to release the allocated minor number before returning on probe errors...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: phy: qcom-qmp: Fixed the issue where the struct clk structure was leaked during probe errors. Be sure to release the pipe clock reference in case of a late probe error e.g., probe deferral...

Astra Linux – Vulnerabilities in Linux 5.10, Linux 5.15

In the Linux kernel, the following vulnerabilities have been resolved: phy: qcom-qmp: fixed the reset-controller leak in cases of probe errors. Be sure to release the lane reset controller in case of a late probe error e.g., probe deferral...

CVE-2026-31604

A flaw was found in the Linux kernel's rtw88 Wi-Fi driver. This vulnerability occurs when the driver fails to release a reference to a Universal Serial Bus USB device during certain probe errors, such as when descriptor parsing fails. A local attacker could potentially trigger this condition by...

SUSE CVE-2026-23087

In the Linux kernel, the following vulnerability has been resolved: scsi: xen: scsiback: Fix potential memory leak in scsibackremove Memory allocated for struct vscsiblkinfo in scsibackprobe is not freed in scsibackremove leading to potential memory leaks on remove, as well as in the scsibackprob...