Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/05/29 1:14 a.m.•11 views

SUSE CVE-2026-46218

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

5.5CVSS6AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:14 a.m.•11 views

SUSE CVE-2026-46224

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix bo leak in xedmabufinitobj on allocation failure When drmgpuvmresvobjectalloc fails, the pre-allocated storage bo is not freed. Add xebofreestorage before returning the error. xedmabufinitobj calls xeboinitlocked, whi...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:14 a.m.•11 views

SUSE CVE-2026-46228

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:14 a.m.•11 views

SUSE CVE-2026-46232

In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp numtouchreports A device would never lie about the number of touch reports would it? If it does the loop in dualshock4parsereport will read off the end of the touchreports array, up to about 2 KiB for the...

6.1CVSS5.7AI score0.00258EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/29 1:14 a.m.•11 views

SUSE CVE-2026-46240

In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix use-after-free in irisreleaseinternalbuffers The recent change in commit 1dabf00ee206 "media: iris: gen1: Destroy internal buffers after FW releases" introduced a regression where sessionreleasebuf may free the...

5.5CVSS5.8AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•11 views

SUSE CVE-2026-45852

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix double free in rxesrqfrominit In rxesrqfrominit, the queue pointer 'q' is assigned to 'srq-rq.queue' before copying the SRQ number to user space. If copytouser fails, the function calls rxequeuecleanup to free the...

7CVSS5.8AI score0.00175EPSS
Exploits0References25
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•11 views

SUSE CVE-2026-45857

In the Linux kernel, the following vulnerability has been resolved: scsi: csiostor: Fix dereference of null pointer rn The error exit path when rn is NULL ends up deferencing the null pointer rn via the use of the macro CSIOINCSTATS. Fix this by adding a new error return path label after the use ...

5.8AI score0.00156EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•11 views

SUSE CVE-2026-45865

In the Linux kernel, the following vulnerability has been resolved: mctp i2c: initialise event handler read bytes Set a 0xff value for i2c reads of an mctp-i2c device. Otherwise reads will return "val" from the i2c bus driver. For i2c-aspeed and i2c-npcm7xx that is a stack uninitialised u8. Teste...

5.8AI score0.00156EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•11 views

SUSE CVE-2026-45866

In the Linux kernel, the following vulnerability has been resolved: serial: caif: fix use-after-free in caifserial ldiscclose There is a use-after-free bug in caifserial where handletx may access ser-tty after the tty has been freed. The race condition occurs between ldiscclose and packet...

5.7AI score0.0016EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•11 views

SUSE CVE-2026-45872

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix memory leak in pqireportphysluns pqireportphysluns fails to release the rpllist buffer when encountering an unsupported data format or when the allocation for rpl16bytewwidlist fails. These early returns bypas...

5.9AI score0.00166EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:57 a.m.•11 views

SUSE CVE-2026-45874

In the Linux kernel, the following vulnerability has been resolved: phy: freescale: imx8qm-hsio: fix NULL pointer dereference During the probe the refclkpad pointer is set to NULL if the 'fsl,refclk-pad-mode' property is not defined in the devicetree node. But in imxhsioconfigureclkpad this point...

5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45880

In the Linux kernel, the following vulnerability has been resolved: PCI/P2PDMA: Release per-CPU pgmap ref when vminsertpage fails When vminsertpage fails in p2pmemallocmmap, p2pmemallocmmap doesn't invoke percpurefput to free the per-CPU ref of pgmap acquired after genpoolallocowner, and...

5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45887

In the Linux kernel, the following vulnerability has been resolved: afunix: Fix memleak of newsk in unixstreamconnect. When preparepeercred fails in unixstreamconnect, unixreleasesock is not called for newsk, and the memory is leaked. Let's move preparepeercred before unixcreate1...

5.8AI score0.00153EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45889

In the Linux kernel, the following vulnerability has been resolved: mptcp: do not account for OoO in mptcprcvbufgrow MPTCP-level OoOs are physiological when multiple subflows are active concurrently and will not cause retransmissions nor are caused by drops. Accounting for them in mptcprcvbufgrow...

5.8AI score0.00153EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45897

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftcounter: serialize reset with spinlock Add a global static spinlock to serialize counter fetch+reset operations, preventing concurrent dump-and-reset from underrunning values. The lock is taken before fetching the...

5.7AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45898

In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix workqueue list corruption by removing worklist The commit e1168f0 "RDMA/iwcm: Simplify cmeventhandler" changed the work submission logic to unconditionally call queuework with the expectation that queuework would...

7CVSS5.8AI score0.00465EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45899

In the Linux kernel, the following vulnerability has been resolved: ext4: drop extent cache when splitting extent fails When the split extent fails, we might leave some extents still being processed and return an error directly, which will result in stale extent entries remaining in the extent...

5.8AI score0.0016EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45904

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: fix recursive pcilockrescanremove locking in EEH event handling The recent commit 1010b4c012b0 "powerpc/eeh: Make EEH driver device hotplug safe" restructured the EEH driver to improve synchronization with the PCI...

5.8AI score0.00156EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45910

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix race condition in QP timer handlers I encontered the following warning: WARNING: drivers/infiniband/sw/rxe/rxetask.c:249 at rxeschedtask+0x1c8/0x238 rdmarxe, CPU0: swapper/0/0 ... libsha1 last unloaded: ip6udptunnel...

7CVSS5.8AI score0.00102EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45918

In the Linux kernel, the following vulnerability has been resolved: ovpn: tcp - don't deref NULL sksocket member after tcpclose When deleting a peer in case of keepalive expiration, the peer is removed from the OpenVPN hashtable and is temporary inserted in a "release list" for further processing...

5.9AI score0.00163EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45919

In the Linux kernel, the following vulnerability has been resolved: sched/rt: Skip currently executing CPU in rtonextcpu CPU0 becomes overloaded when hosting a CPU-bound RT task, a non-CPU-bound RT task, and a CFS task stuck in kernel space. When other CPUs switch from RT to non-RT tasks, RT load...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45922

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix memory leak in GETDATADIRECTSYSFSPATH handler The UVERBSHANDLERMLX5IBMETHODGETDATADIRECTSYSFSPATH function allocates memory for the device path using kobjectgetpath. If the length of the device path exceeds the...

5.5CVSS5.9AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:56 a.m.•11 views

SUSE CVE-2026-45923

In the Linux kernel, the following vulnerability has been resolved: net: usb: catc: enable basic endpoint checking catcprobe fills three URBs with hardcoded endpoint pipes without verifying the endpoint descriptors: - usbsndbulkpipeusbdev, 1 and usbrcvbulkpipeusbdev, 1 for TX/RX -...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45937

In the Linux kernel, the following vulnerability has been resolved: crypto: inside-secure/eip93 - fix kernel panic in driver detach During driver detach, the same hash algorithm is unregistered multiple times due to a wrong iterator...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45941

In the Linux kernel, the following vulnerability has been resolved: tpm: tpmi2cinfineon: Fix locality leak on getburstcount failure getburstcount can return -EBUSY on timeout. When this happens, the function returns directly without releasing the locality that was acquired at the beginning of...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45942

In the Linux kernel, the following vulnerability has been resolved: ext4: fix e4b bitmap inconsistency reports A bitmap inconsistency issue was observed during stress tests under mixed huge-page workloads. Ext4 reported multiple e4b bitmap check failures like: ext4mbcomplexscangroup:2508: group...

7.8CVSS5.7AI score0.00099EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45944

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Clear Present bit before tearing down context entry When tearing down a context entry, the current implementation zeros the entire 128-bit entry using multiple 64-bit writes. This creates a window where the hardware c...

7.5CVSS5.7AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45945

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix race condition during PASID entry replacement The Intel VT-d PASID table entry is 512 bits 64 bytes. When replacing an active PASID entry e.g., during domain replacement, the current implementation calculates a ne...

5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45946

In the Linux kernel, the following vulnerability has been resolved: power: supply: ab8500: Fix use-after-free in powersupplychanged Using the devm variant for requesting IRQ before the devm variant for allocating/registering the powersupply handle, means that the powersupply handle will be...

5.7AI score0.0016EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45950

In the Linux kernel, the following vulnerability has been resolved: crypto: starfive - Fix memory leak in starfiveaesaeaddoonereq The starfiveaesaeaddoonereq function allocates rctx-adata with kzalloc but fails to free it if sgcopytobuffer or starfiveaeshwinit fails, which lead to memory leaks...

5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45954

In the Linux kernel, the following vulnerability has been resolved: fbdev: au1200fb: Fix a memory leak in au1200fbdrvprobe In au1200fbdrvprobe, when platformgetirq fails, it directly returns from the function with an error code, which causes a memory leak. Replace it with a goto label to ensure...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45965

In the Linux kernel, the following vulnerability has been resolved: apparmor: fix invalid deref of rawdata when exportbinary is unset If the exportbinary parameter is disabled on runtime, profiles that were loaded before that will still have their rawdata stored in apparmorfs, with a symbolic lin...

5.5CVSS5.8AI score0.0016EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45969

In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Add missing check for inputffcreatememless The psgamepadcreate function calls inputffcreatememless without verifying its return value, which can lead to incorrect behavior or potential crashes when FF effects ar...

5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45970

In the Linux kernel, the following vulnerability has been resolved: bonding: alb: fix UAF in rlbarprecv during bond up/down The ALB RX path may access rxhashtbl concurrently with bond teardown. During rapid bond up/down cycles, rlbdeinitialize frees rxhashtbl while RX handlers are still running,...

7CVSS5.7AI score0.00126EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45975

In the Linux kernel, the following vulnerability has been resolved: ublk: use READONCE to read struct ublksrvctrlcmd struct ublksrvctrlcmd is part of the iouringsqe, which may lie in userspace-mapped memory. It's racy to access its fields with normal loads, as userspace may write to them...

5.8AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45977

In the Linux kernel, the following vulnerability has been resolved: fbnic: close fwlog race between users and teardown Fixes a theoretical race on fwlog between the teardown path and fwlog write functions. fwlog is written inside fbnicfwlogwrite and can be reached from the mailbox handler...

5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45980

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Stop job scheduling across aie2releaseresource Running jobs on a hardware context while it is in the process of releasing resources can lead to use-after-free and crashes. Fix this by stopping job scheduling before...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:55 a.m.•11 views

SUSE CVE-2026-45981

In the Linux kernel, the following vulnerability has been resolved: s390/cio: Fix device lifecycle handling in cssallocsubchannel cssallocsubchannel calls deviceinitialize before setting up the DMA masks. If dmasetcoherentmask or dmasetmask fails, the error path frees the subchannel structure...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•11 views

SUSE CVE-2026-45992

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.1AI score0.00032EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•11 views

SUSE CVE-2026-45993

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add spectre boundry for syscall dispatch table The LoongArch syscall number is directly controlled by userspace, but does not have a arrayindexnospec boundry to prevent access past the syscall function pointer tables...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•11 views

SUSE CVE-2026-45998

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential UAF after skbunshare failure If skbunshare fails to unshare a packet due to allocation failure in rxrpcinputpacket, the skb pointer in the parent rxrpciothread will be NULL'd out. This will likely cause the...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•11 views

SUSE CVE-2026-45999

In the Linux kernel, the following vulnerability has been resolved: erofs: fix unsigned underflow in zerofslz4handleoverlap Some crafted images can have illegal !partialdecoding && mllen out access reads past the decompressedpages array. However, such crafted cases can correctly result in a...

5.5CVSS5.7AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•11 views

SUSE CVE-2026-46011

In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: fix use-after-free in release path due to uncancelled work The mtkjpegrelease function frees the context structure ctx without first cancelling any pending or running work in ctx-jpegwork. This creates a race...

5.5CVSS5.7AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•11 views

SUSE CVE-2026-46013

In the Linux kernel, the following vulnerability has been resolved: mm/memfdluo: fix physical address conversion in putfolios cleanup In memfdluoretrievefolios's putfolios cleanup path: 1. khorestorefolio expects a physaddrt physical address but receives a raw PFN pfolio-pfn. This causes...

5.5CVSS5.8AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•11 views

SUSE CVE-2026-46014

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Add missing save/restore handling of LBR MSRs MSRIA32DEBUGCTLMSR and LBR MSRs are currently not enumerated by KVMGETMSRINDEXLIST, and LBR MSRs cannot be set with KVMSETMSRS. So save/restore is completely broken. Fix it ...

5.5CVSS5.8AI score0.00093EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•11 views

SUSE CVE-2026-46016

In the Linux kernel, the following vulnerability has been resolved: remoteproc: xlnx: Only access buffer information if IPI is buffered In the receive callback check if message is NULL to prevent possibility of crash by NULL pointer dereferencing...

5.5CVSS5.9AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•11 views

SUSE CVE-2026-46018

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: stop parsing UAC2 rates at MAXNRRATES parseuac2sampleraterange caps the number of enumerated rates at MAXNRRATES, but it only breaks out of the current rate loop. A malformed UAC2 RANGE response with additional...

5.5CVSS5.8AI score0.00156EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•11 views

SUSE CVE-2026-46022

In the Linux kernel, the following vulnerability has been resolved: misc: ibmasm: fix OOB MMIO read in ibmasmhandlemouseinterrupt ibmasmhandlemouseinterrupt performs an out-of-bounds MMIO read when the queue reader or writer index from hardware exceeds REMOTEQUEUESIZE 60. A compromised service...

5.5CVSS5.8AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•11 views

SUSE CVE-2026-46024

In the Linux kernel, the following vulnerability has been resolved: libceph: Prevent potential null-ptr-deref in cephhandleauthreply If a message of type CEPHMSGAUTHREPLY contains a zero value for both protocol and result, this is currently not treated as an error. In case of ac-negotiating == tr...

6.5CVSS5.7AI score0.0049EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/05/28 3:54 a.m.•11 views

SUSE CVE-2026-46026

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: ns: Limit the maximum number of lookups Current code does no bound checking on the number of lookups a client can perform. Though the code restricts the lookups to local clients, there is still a possibility of a...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
Total number of security vulnerabilities5000