Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23448

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdcncm: add ndpoffset to NDP16 nframes bounds check cdcncmrxverifyndp16 validates that the NDP header and its DPE entries fit within the skb. The first check correctly accounts for ndpoffset: if ndpoffset + sizeofstruct...

6.1CVSS5.9AI score0.00129EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•7 views

SUSE CVE-2026-23449

In the Linux kernel, the following vulnerability has been resolved: net/sched: teql: Fix double-free in teqlmasterxmit Whenever a TEQL devices has a lockless Qdisc as root, qdiscreset should be called using the seqlock to avoid racing with the datapath. Failure to do so may cause crashes like the...

7CVSS5.8AI score0.00129EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23450

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL dereference and UAF in smctcpsynrecvsock Syzkaller reported a panic in smctcpsynrecvsock 1. smctcpsynrecvsock is called in the TCP receive path softirq via icskafops-synrecvsock on the clcsock TCP listening...

7CVSS5.7AI score0.00488EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•5 views

SUSE CVE-2026-23451

In the Linux kernel, the following vulnerability has been resolved: bonding: prevent potential infinite loop in bondheaderparse bondheaderparse can loop if a stack of two bonding devices is setup, because skb-dev always points to the hierarchy top. Add new "const struct netdevice dev" parameter t...

7.5CVSS5.7AI score0.00446EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•6 views

SUSE CVE-2026-23452

In the Linux kernel, the following vulnerability has been resolved: PM: runtime: Fix a race condition related to device removal The following code in pmruntimework may dereference the dev-parent pointer after the parent device has been freed: / Maybe the parent is now able to suspend. / if parent...

4.7CVSS5.8AI score0.00087EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•5 views

SUSE CVE-2026-23453

In the Linux kernel, the following vulnerability has been resolved: net: ti: icssg-prueth: Fix memory leak in XDPDROP for non-zero-copy mode Page recycling was removed from the XDPDROP path in emacrunxdp to avoid conflicts with AFXDP zero-copy mode, which uses xskbufffree instead. However, this...

7.5CVSS5.7AI score0.00343EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23454

In the Linux kernel, the following vulnerability has been resolved: net: mana: fix use-after-free in manahwcdestroychannel by reordering teardown A potential race condition exists in manahwcdestroychannel where hwc-callerctx is freed before the HWC's Completion Queue CQ and Event Queue EQ are...

6.4CVSS5.7AI score0.00118EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23455

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: check for zero length in DecodeQ931 In DecodeQ931, the UserUserIE code path reads a 16-bit length from the packet, then decrements it by 1 to skip the protocol discriminator byte before passing it to...

6.3CVSS5.8AI score0.00514EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•8 views

SUSE CVE-2026-23456

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntrackh323: fix OOB read in decodeint CONS case In decodeint, the CONS case calls getbitsbs, 2 to read a length value, then calls getuintbs, len without checking that len bytes remain in the buffer. The existing...

5.3CVSS5.7AI score0.00443EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•6 views

SUSE CVE-2026-23457

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntracksip: fix Content-Length u32 truncation in siphelptcp siphelptcp parses the SIP Content-Length header with simplestrtoul, which returns unsigned long, but stores the result in unsigned int clen. On 64-bit...

5.3CVSS5.7AI score0.00375EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•7 views

SUSE CVE-2026-23458

In the Linux kernel, the following vulnerability has been resolved: netfilter: ctnetlink: fix use-after-free in ctnetlinkdumpexpct ctnetlinkdumpexpct stores a conntrack pointer in cb-data for the netlink dump callback ctnetlinkexpctdumptable, but drops the conntrack reference immediately after...

7CVSS5.7AI score0.00126EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•4 views

SUSE CVE-2026-23459

In the Linux kernel, the following vulnerability has been resolved: iptunnel: adapt iptunnelxmitstats to NETDEVPCPUSTATDSTATS Blamed commits forgot that vxlan/geneve use udptunnel6xmitskb which call iptunnelxmitstats. iptunnelxmitstats was assuming tunnels were only using NETDEVPCPUSTATTSTATS...

8.2CVSS5.7AI score0.00299EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•6 views

SUSE CVE-2026-23460

In the Linux kernel, the following vulnerability has been resolved: net/rose: fix NULL pointer dereference in rosetransmitlink on reconnect syzkaller reported a bug 1, and the reproducer is available at 2. ROSE sockets use four sk-skstate values: TCPCLOSE, TCPLISTEN, TCPSYNSENT, and TCPESTABLISHE...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•6 views

SUSE CVE-2026-23461

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2capunregisteruser After commit ab4eedb790ca "Bluetooth: L2CAP: Fix corrupted list in hcichandel", l2capconndel uses conn-lock to protect access to conn-users. However, l2capregisteruser a...

7.5CVSS5.8AI score0.00247EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23462

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HIDP: Fix possible UAF This fixes the following trace caused by not dropping l2capconn reference when user-remove callback is called: 97.809249 l2capconnfree: freeing conn ffff88810a171c00 97.809907 CPU: 1 UID: 0 PID:...

7.8CVSS5.7AI score0.00262EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23463

In the Linux kernel, the following vulnerability has been resolved: soc: fsl: qbman: fix race condition in qmandestroyfq When QMANFQFLAGDYNAMICFQID is set, there's a race condition between fqtablefq-idx state and freeing/allocating from the pool and WARNONfqtablefq-idx in qmancreatefq gets...

5.7AI score0.0009EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•5 views

SUSE CVE-2026-23464

In the Linux kernel, the following vulnerability has been resolved: soc: microchip: mpfs: Fix memory leak in mpfssyscontrollerprobe In mpfssyscontrollerprobe, if ofgetmtddevicebynode fails, the function returns immediately without freeing the allocated memory for syscontroller, leading to a memor...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•8 views

SUSE CVE-2026-23465

In the Linux kernel, the following vulnerability has been resolved: btrfs: log new dentries when logging parent dir of a conflicting inode If we log the parent directory of a conflicting inode, we are not logging the new dentries of the directory, so when we finish we have the parent directory's...

6.1CVSS5.8AI score0.00122EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23466

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Open-code GGTT MMIO access protection GGTT MMIO access is currently protected by hotplug drmdeventer, which works correctly when the driver loads successfully and is later unbound or unloaded. However, if driver load fail...

4.7CVSS5.7AI score0.00129EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•4 views

SUSE CVE-2026-23467

In the Linux kernel, the following vulnerability has been resolved: drm/i915/dmc: Fix an unlikely NULL pointer deference at probe inteldmcupdatedc6allowedcount oopses when DMC hasn't been initialized, and dmc is thus NULL. That would be the case when the call path is intelpowerdomainsinithw -...

5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•8 views

SUSE CVE-2026-23468

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Limit BO list entry count to prevent resource exhaustion Userspace can pass an arbitrary number of BO list entries via the bonumber field. Although the previous multiplication overflow check prevents out-of-bounds...

5.5CVSS5.9AI score0.00123EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•7 views

SUSE CVE-2026-23469

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Synchronize interrupts before suspending the GPU The runtime PM suspend callback doesn't know whether the IRQ handler is in progress on a different CPU core and doesn't wait for it to finish. Depending on timing,...

4.7CVSS5.8AI score0.00089EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•9 views

SUSE CVE-2026-23470

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: Fix deadlock in soft reset sequence The soft reset sequence is currently executed from the threaded IRQ handler, hence it cannot call disableirq which internally waits for IRQ handlers, i.e. itself, to complete...

5.5CVSS5.7AI score0.00094EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•6 views

SUSE CVE-2026-23471

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score0.00032EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/03 11:27 p.m.•8 views

SUSE CVE-2026-23472

In the Linux kernel, the following vulnerability has been resolved: serial: core: fix infinite loop in handletx for PORTUNKNOWN uartwriteroom and uartwrite behave inconsistently when xmitbuf is NULL which happens for PORTUNKNOWN ports that were never properly initialized: - uartwriteroom returns...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/03 11:26 p.m.•7 views

SUSE CVE-2026-23473

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

4.7CVSS5.7AI score0.00022EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:26 p.m.•8 views

SUSE CVE-2026-23474

In the Linux kernel, the following vulnerability has been resolved: mtd: Avoid boot crash in RedBoot partition table parser Given CONFIGFORTIFYSOURCE=y and a recent compiler, commit 439a1bcac648 "fortify: Use builtindynamicobjectsize when available" produces the warning below and an oops. Searchi...

4.7CVSS5.9AI score0.00135EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:26 p.m.•8 views

SUSE CVE-2026-23475

In the Linux kernel, the following vulnerability has been resolved: spi: fix statistics allocation The controller per-cpu statistics is not allocated until after the controller has been registered with driver core, which leaves a window where accessing the sysfs attributes can trigger a...

4.7CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:26 p.m.•6 views

SUSE CVE-2026-25833

Mbed TLS 3.5.0 to 3.6.5 fixed in 3.6.6 and 4.1.0 has a buffer overflow in the x509inetptonipv6 function...

7.5CVSS6.1AI score0.00308EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/04/03 11:26 p.m.•7 views

SUSE CVE-2026-25834

Mbed TLS v3.3.0 up to 3.6.5 and 4.0.0 allows Algorithm Downgrade...

6.5CVSS5.7AI score0.00135EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/04/03 11:26 p.m.•6 views

SUSE CVE-2026-25835

Mbed TLS before 3.6.6 and TF-PSA-Crypto before 1.1.0 misuse seeds in a Pseudo-Random Number Generator PRNG...

7.7CVSS5.8AI score0.0017EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/04/03 11:26 p.m.•3 views

SUSE CVE-2026-26961

Rack is a modular Ruby web server interface. Prior to versions 2.2.23, 3.1.21, and 3.2.6, Rack::Multipart::Parser extracts the boundary parameter from multipart/form-data using a greedy regular expression. When a Content-Type header contains multiple boundary parameters, Rack selects the last one...

3.7CVSS5.8AI score0.00253EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/03 11:26 p.m.•6 views

SUSE CVE-2026-26962

Rack is a modular Ruby web server interface. From version 3.2.0 to before version 3.2.6, Rack::Multipart::Parser unfolds folded multipart part headers incorrectly. When a multipart header contains an obs-fold sequence, Rack preserves the embedded CRLF in parsed parameter values such as filename o...

4.8CVSS5.7AI score0.00227EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/04/03 11:26 p.m.•5 views

SUSE CVE-2026-31389

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free on controller registration failure Make sure to deregister from driver core also in the unlikely event that per-cpu statistics allocation fails during controller registration to avoid use-after-free of...

4.1CVSS5.7AI score0.00117EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:26 p.m.•5 views

SUSE CVE-2026-31390

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix memory leak in xevmmadviseioctl When checkboargsaresane validation fails, jump to the new freevmas cleanup label to properly free the allocated resources. This ensures proper cleanup in this error path. cherry picked...

5.7AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•5 views

SUSE CVE-2026-31391

In the Linux kernel, the following vulnerability has been resolved: crypto: atmel-sha204a - Fix OOM -tfmcount leak If memory allocation fails, decrement -tfmcount to avoid blocking future reads...

5.7AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•7 views

SUSE CVE-2026-31392

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix krb5 mount with username option Customer reported that some of their krb5 mounts were failing against a single server as the client was trying to mount the shares with wrong credentials. It turned out the client...

6.1CVSS5.7AI score0.00122EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•8 views

SUSE CVE-2026-31393

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Validate L2CAPINFORSP payload length before access l2capinformationrsp checks that cmdlen covers the fixed l2capinforsp header type + result, 4 bytes but then reads rsp-data without verifying that the payload is...

4.3CVSS5.7AI score0.00255EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•7 views

SUSE CVE-2026-31394

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix crash in ieee80211chanbwchange for APVLAN stations ieee80211chanbwchange iterates all stations and accesses link-reserved.oper via sta-sdata-linklinkid. For stations on APVLAN interfaces e.g. 4addr WDS clients,...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•6 views

SUSE CVE-2026-31395

In the Linux kernel, the following vulnerability has been resolved: bnxten: fix OOB access in DBGBUFPRODUCER async event handler The ASYNCEVENTCMPLEVENTIDDBGBUFPRODUCER handler in bnxtasynceventprocess uses a firmware-supplied 'type' field directly as an index into bp-bstrace without bounds...

6.4CVSS5.7AI score0.00115EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•7 views

SUSE CVE-2026-31396

In the Linux kernel, the following vulnerability has been resolved: net: macb: fix use-after-free access to PTP clock PTP clock is registered on every opening of the interface and destroyed on every closing. However it may be accessed via gettsinfo ethtool call which is possible while the interfa...

6.1CVSS5.7AI score0.00117EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•5 views

SUSE CVE-2026-31397

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: fix use of NULL folio in movepageshugepmd movepageshugepmd handles UFFDIOMOVE for both normal THPs and huge zero pages. For the huge zero page path, srcfolio is explicitly set to NULL, and is used as a sentinel to...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•3 views

SUSE CVE-2026-31398

In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix incorrect pte restoration for lazyfree folios We batch unmap anonymous lazyfree folios by foliounmapptebatch. If the batch has a mix of writable and non-writable bits, we may end up setting the entire batch writable...

7.8CVSS5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•5 views

SUSE CVE-2026-31399

In the Linux kernel, the following vulnerability has been resolved: nvdimm/bus: Fix potential use after free in asynchronous initialization Dingisoul with KASAN reports a use after free if deviceadd fails in ndasyncdeviceregister. Commit b6eae0f61db2 "libnvdimm: Hold reference on parent while...

7.8CVSS5.7AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•6 views

SUSE CVE-2026-31400

In the Linux kernel, the following vulnerability has been resolved: sunrpc: fix cacherequest leak in cacherelease When a reader's file descriptor is closed while in the middle of reading a cacherequest rp-offset != 0, cacherelease decrements the request's readers count but never checks whether it...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•8 views

SUSE CVE-2026-31401

In the Linux kernel, the following vulnerability has been resolved: HID: bpf: prevent buffer overflow in hidhwrequest right now the returned value is considered to be always valid. However, when playing with HID-BPF, the return value can be arbitrary big, because it's the return value of...

7.8CVSS6.1AI score0.00135EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•5 views

SUSE CVE-2026-31402

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay cache uses a fixed 112-byte inline buffer rpibufNFSD4REPLAYISIZE to store encoded operation responses. This size was calculated based on OPEN responses and...

8.2CVSS6AI score0.0049EPSS
Exploits0References132
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•7 views

SUSE CVE-2026-31403

In the Linux kernel, the following vulnerability has been resolved: NFSD: Hold net reference for the lifetime of /proc/fs/nfs/exports fd The /proc/fs/nfs/exports proc entry is created at module init and persists for the module's lifetime. exportsprocopen captures the caller's current network...

7CVSS5.7AI score0.00123EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•6 views

SUSE CVE-2026-31404

In the Linux kernel, the following vulnerability has been resolved: NFSD: Defer sub-object cleanup in export put callbacks svcexportput calls pathput and authdomainput immediately when the last reference drops, before the RCU grace period. RCU readers in eshow and cshow access both expath via...

4.7CVSS5.8AI score0.00121EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/04/03 11:25 p.m.•4 views

SUSE CVE-2026-31931

Suricata is a network IDS, IPS and NSM engine. From version 8.0.0 to before version 8.0.4, use of the "tls.alpn" rule keyword can cause Suricata to crash with a NULL dereference. This issue has been patched in version 8.0.4...

7.5CVSS5.7AI score0.00351EPSS
Exploits0References3
Total number of security vulnerabilities59854