59854 matches found
SUSE CVE-2026-43192
In the Linux kernel, the following vulnerability has been resolved: dm mpath: Add missing dmputdevice when failing to get scsi dh name When commit fd81bc5cca8f "scsi: devicehandler: Return error pointer in scsidhattachedhandlername" added code to fail parsing the path if scsidhattachedhandlername...
SUSE CVE-2026-43195
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: validate user queue size constraints Add validation to ensure user queue sizes meet hardware requirements: - Size must be a power of two for efficient ring buffer wrapping - Size must be at least AMDGPUGPUPAGESIZE to...
SUSE CVE-2026-43199
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix "scheduling while atomic" in IPsec MAC address query Fix a "scheduling while atomic" bug in mlx5eipsecinitmacs by replacing mlx5querymacaddress with etheraddrcopy to get the local MAC address directly from...
SUSE CVE-2026-43208
In the Linux kernel, the following vulnerability has been resolved: net: do not pass flowid to setrpscpu Blamed commit made the assumption that the RPS table for each receive queue would have the same size, and that it would not change. Compute flowid in setrpscpu, do not assume we can use the...
SUSE CVE-2026-43212
In the Linux kernel, the following vulnerability has been resolved: LoongArch: Make cpumaskofnode robust against NUMANONODE The arch definition of cpumaskofnode cannot handle NUMANONODE - which is a valid index - so add a check for this...
SUSE CVE-2026-43281
In the Linux kernel, the following vulnerability has been resolved: mailbox: Prevent out-of-bounds access in fwmboxindexxlate Although it is guided that mbox-cells must be at least 1, there are many instances of mbox-cells = ; in the device tree. If that is the case and the corresponding mailbox...
SUSE CVE-2026-43410
In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL pointer dereference when RSU is disabled When the Remote System Update RSU isn't enabled in the First Stage Boot Loader FSBL, the driver encounters a NULL pointer dereference when excute...
SUSE CVE-2026-7896
Integer overflow in Blink in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...
SUSE CVE-2026-7901
Use after free in ANGLE in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-7917
Use after free in Fullscreen in Google Chrome on Windows prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-7918
Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2026-7925
Use after free in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform OS-level privilege escalation via a malicious file. Chromium security severity: High...
SUSE CVE-2026-7943
Insufficient validation of untrusted input in ANGLE in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to perform arbitrary read/write via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-7948
Race in Chromoting in Google Chrome on Windows prior to 148.0.7778.96 allowed a local attacker to perform privilege escalation via a malicious file. Chromium security severity: Medium...
SUSE CVE-2026-7959
Inappropriate implementation in Navigation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-7961
Insufficient validation of untrusted input in Permissions in Google Chrome prior to 148.0.7778.96 allowed an attacker on the local network segment to leak cross-origin data via malicious network traffic. Chromium security severity: Medium...
SUSE CVE-2026-7963
Inappropriate implementation in ServiceWorker in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-7966
Insufficient validation of untrusted input in SiteIsolation in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-7970
Use after free in TopChrome in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-7978
Inappropriate implementation in Companion in Google Chrome on Mac prior to 148.0.7778.96 allowed a remote attacker to perform OS-level privilege escalation via malicious network traffic. Chromium security severity: Medium...
SUSE CVE-2026-7985
Use after free in GPU in Google Chrome prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Medium...
SUSE CVE-2026-8001
Use After Free in Printing in Google Chrome on Linux, Mac, ChromeOS prior to 148.0.7778.96 allowed a remote attacker who had compromised the renderer process to potentially perform a sandbox escape via a crafted HTML page. Chromium security severity: Low...
SUSE CVE-2026-8015
Inappropriate implementation in Media in Google Chrome prior to 148.0.7778.96 allowed a remote attacker to perform UI spoofing via a crafted HTML page. Chromium security severity: Low...
SUSE CVE-2026-41648
Incus is a system container and virtual machine manager. Prior to version 7.0.0, user provided image and backup tarballs would be unpacked and YAML files parsed without any size restrictions. This was making it easy for an authenticated user to provide a crafted image or backup tarball that when...
SUSE CVE-2026-41650
fast-xml-parser allows users to process XML from JS object without C/C++ based libraries or callbacks. Prior to version 5.7.0, XMLBuilder does not escape the "--" sequence in comment content or the "" sequence in CDATA sections when building XML from JavaScript objects. This allows XML injection...
SUSE CVE-2026-41672
xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package allows attacker-controlled comment content to be serialized into XML without validating or...
SUSE CVE-2026-41674
xmldom is a pure JavaScript W3C standard-based XML DOM Level 2 Core DOMParser and XMLSerializer module. In @xmldom/xmldom prior to versions 0.9.10 and 0.8.13 and xmldom version 0.6.0 and prior, the package serializes DocumentType node fields internalSubset, publicId, systemId verbatim without any...
SUSE CVE-2026-42216
OpenEXR provides the specification and reference implementation of the EXR file format, an image storage format for the motion picture industry. From versions 3.0.0 to before 3.2.9, 3.3.0 to before 3.3.11, and 3.4.0 to before 3.4.11, IDManifest::init reconstructs strings from a prefix-compressed...
SUSE CVE-2026-43014
In the Linux kernel, the following vulnerability has been resolved: net: macb: properly unregister fixed rate clocks The additional resources allocated with clkregisterfixedrate need to be released with clkunregisterfixedrate, otherwise they are lost...
SUSE CVE-2026-43181
In the Linux kernel, the following vulnerability has been resolved: gpio: sysfs: fix chip removal with GPIOs exported over sysfs Currently if we export a GPIO over sysfs and unbind the parent GPIO controller, the exported attribute will remain under /sys/class/gpio because once we remove the pare...
SUSE CVE-2026-43245
In the Linux kernel, the following vulnerability has been resolved: ntfs: -dcompare must not block ... so don't use getname there. Switch it and ntfsdhash, while we are at it to kmallocPATHMAX, GFPNOWAIT. Yes, ntfsdhash almost certainly can do with smaller allocations, but let ntfs folks deal wit...
SUSE CVE-2026-43273
In the Linux kernel, the following vulnerability has been resolved: ceph: supply snapshot context in cephzeropartialobject The cephzeropartialobject function was missing proper snapshot context for its OSD write operations, which could lead to data inconsistencies in snapshots. Reproducer:...
SUSE CVE-2025-61669
Jupyter Server is the backend for Jupyter web applications. In jupyterserver versions through 2.17.0, the next query parameter in the login flow is insufficiently validated in LoginFormHandler.redirectsafe, which allows redirects to arbitrary external domains via values such as ///example.com. An...
SUSE CVE-2026-7572
An off-by-one error CWE-193 in the ConsumeUnit16Array and ConsumeUnit64Array functions in Velocidex Velociraptor before version 0.76.5 on Windows and Linux allows a local attacker to cause a Denial of Service DoS via a process crash by providing a specially crafted .evtx file to the parseevtx VQL...
SUSE CVE-2026-23631
Redis is an in-memory data structure store. In all versions of redis-server with Lua scripting, an authenticated attacker can exploit the master-replica synchronization mechanism to trigger a use-after-free on replicas where replica-read-only is disabled or can be disabled, which may lead to remo...
SUSE CVE-2026-25243
Redis is an in-memory data structure store. In versions of redis-server up to 8.6.3, the RESTORE command does not properly validate serialized values. An authenticated attacker with permission to execute RESTORE can supply a crafted serialized payload that triggers invalid memory access and may...
SUSE CVE-2026-30923
ModSecurity is an open source, cross platform web application firewall WAF engine for Apache, IIS and Nginx. Libmodsecurity is one component of the ModSecurity v3 project. A segmentation fault occurs when a rule using the t:hexDecode transformation inspects a query string parameter containing a...
SUSE CVE-2026-33489
CoreDNS is a DNS server that chains plugins. In versions prior to 1.14.3, the transfer plugin can select the wrong ACL stanza when both a parent zone and a more-specific subzone are configured. The longestMatch function in plugin/transfer/transfer.go uses a lexicographic string comparison instead...
SUSE CVE-2026-35527
Incus is an open source container and virtual machine manager. In versions prior to 7.0.0, the image import flow issues an outbound HEAD request to a user-supplied URL before validating the request against project restrictions such as restricted.images.servers. The imgPostURLInfo function...
SUSE CVE-2026-40934
Jupyter Server is the backend for Jupyter web applications. In versions 2.17.0 and earlier, the secret used to sign authentication cookies is persisted to a static file at /.local/share/jupyter/runtime/jupytercookiesecret and is never rotated when a user changes their password. After a password...
SUSE CVE-2026-41050
Fleet's Helm deployer did not fully apply ServiceAccount impersonation in two code paths, allowing a tenant with git push access to a Fleet-monitored repository to read secrets from any namespace on every downstream cluster targeted by their GitRepo...
SUSE CVE-2026-43016
In the Linux kernel, the following vulnerability has been resolved: bpf: sockmap: Fix use-after-free of sk-sksocket in skpsockverdictdataready. syzbot reported use-after-free of AFUNIX socket's sk-sksocket in skpsockverdictdataready. 0 In unixstreamsendmsg, the peer socket's -skdataready is calle...
SUSE CVE-2026-43022
In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: hcicmdsyncqueueonce return -EEXIST if exists hcicmdsyncqueueonce needs to indicate whether a queue item was added, so caller can know if callbacks are called, so it can avoid leaking resources. Change the...
SUSE CVE-2026-43081
In the Linux kernel, the following vulnerability has been resolved: net: ipa: fix GENERICCMD register field masks for IPA v5.0+ Fix the field masks to match the hardware layout documented in downstream GSI GSIV30EEnGSIEEGENERICCMD. Notably this fixes a WARN I was seeing when I tried to send "stop...
SUSE CVE-2026-43085
In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlinklog: initialize nfgenmsg in NLMSGDONE terminator When batching multiple NFLOG messages inst-qlen 1, nfulnlsend appends an NLMSGDONE terminator with sizeofstruct nfgenmsg payload via nlmsgput, but never...
SUSE CVE-2026-43092
In the Linux kernel, the following vulnerability has been resolved: xsk: validate MTU against usable frame size on bind AFXDP bind currently accepts zero-copy pool configurations without verifying that the device MTU fits into the usable frame space provided by the UMEM chunk. This becomes a...
SUSE CVE-2026-43095
In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: Fix errors in IRQ cleanup IRQs are enabled through sdcairqpopulate from component probe using devmrequestthreadedirq, this however means the IRQs can persist if the sound card is torn down. Some of the IRQ handlers...
SUSE CVE-2026-43114
In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapoavx2: don't return non-matching entry on expiry New test case fails unexpectedly when avx2 matching functions are used. The test first loads a ranomly generated pipapo set with 'ipv4 . port' key, i.e. nft -...
SUSE CVE-2026-43149
In the Linux kernel, the following vulnerability has been resolved: net: wan/fslucchdlc: Fix dmafreecoherent in uhdlcmemclean The priv-rxbuffer and priv-txbuffer are alloc'd together as contiguous buffers in uhdlcinit but freed as two buffers in uhdlcmemclean. Change the cleanup to only call...
SUSE CVE-2026-43173
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: xscale: Check for PTP support properly In ixp4xxgettsinfo ixp46xptpfind is called unconditionally despite this feature only existing on ixp46x, leading to the following splat from tcpdump: root@OpenWrt: tcpdump -vv...