View at Official suse advisory, NVD, CVE.org · CVE detail
Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.
CVE-2026-23091 severity moderate: SUSE including 401 source package names (2.1.3-6.124:kernel-default-base-6.4.0-40.1.21.17, 2.1.3-7.105:kernel-default-6.4.0-40.1, …), 573 product×package rows across 33 product lines (Container suse/sl-micro/6.0/base-os-container, Container suse/sl-micro/6.0/kvm-os-container, … (33 product lines)): Fixed 308, Known Affected 231, First Fixed 25, Known Not Affected 9.
In the Linux kernel, the following vulnerability has been resolved: intel_th: fix device leak on output open() Make sure to drop the reference taken when looking up the th device during output device open() on errors and on close(). Note that a recent commit fixed the leak in a couple of open() error paths but not all of them, and the reference is still leaking on successful open().