View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2025-71192 severity moderate: SUSE including 421 source package names (2.1.3-6.124:kernel-default-base-6.4.0-40.1.21.17, 2.1.3-7.105:kernel-default-6.4.0-40.1, …), 707 product×package rows across 54 product lines (Container suse/sl-micro/6.0/base-os-container, Container suse/sl-micro/6.0/kvm-os-container, … (54 product lines)): Fixed 308, Known Affected 231, Known Not Affected 143, First Fixed 25.
In the Linux kernel, the following vulnerability has been resolved: ALSA: ac97: fix a double free in snd_ac97_controller_register() If ac97_add_adapter() fails, put_device() is the correct way to drop the device reference. kfree() is not required. Add kfree() if idr_alloc() fails and in ac97_adapter_release() to do the cleanup. Found by code review.