Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•9 views

SUSE CVE-2026-23311

In the Linux kernel, the following vulnerability has been resolved: perf/core: Fix invalid wait context in ctxschedin Lockdep found a bug in the event scheduling when a pinned event was failed and wakes up the threads in the ring buffer like below. It seems it should not grab a wait-queue lock...

5.8AI score0.00093EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•11 views

SUSE CVE-2026-23312

In the Linux kernel, the following vulnerability has been resolved: net: usb: kaweth: validate USB endpoints The kaweth driver should validate that the device it is probing has the proper number and types of USB endpoints it is expecting before it binds to it. If a malicious device were to not ha...

4.6CVSS5.8AI score0.00123EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•6 views

SUSE CVE-2026-23313

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix preempt count leak in napi poll tracepoint Using getcpu in the tracepoint assignment causes an obvious preempt count leak because nothing invokes putcpu to undo it: softirq: huh, entered softirq 3 NETRX with preemptcoun...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•9 views

SUSE CVE-2026-23314

In the Linux kernel, the following vulnerability has been resolved: regulator: bq257xx: Fix device node reference leak in bq257xxregdtparsegpio In bq257xxregdtparsegpio, if fails to get subchild, it returns without calling ofnodeputchild, causing the device node reference leak...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•8 views

SUSE CVE-2026-23315

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: Fix possible oob access in mt76connac2macwritetxwi80211 Check frame length before accessing the mgmt fields in mt76connac2macwritetxwi80211 in order to avoid a possible oob access. fix check to also cover...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•7 views

SUSE CVE-2026-23316

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix ARM64 alignment fault in multipath hash seed struct sysctlfibmultipathhashseed contains two u32 fields userseed and mpseed, making it an 8-byte structure with a 4-byte alignment requirement. In...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•11 views

SUSE CVE-2026-23317

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Return the correct value in vmwtranslateptr functions Before the referenced fixes these functions used a lookup function that returned a pointer. This was changed to another lookup function that returned an error code...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References80
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•13 views

SUSE CVE-2026-23318

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Use correct version for UAC3 header validation The entry of the validators table for UAC3 AC header descriptor is defined with the wrong protocol version UACVERSION2, while it should have been UACVERSION3. This...

5.5CVSS5.7AI score0.00132EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•4 views

SUSE CVE-2026-23319

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a UAF issue in bpftrampolinelinkcgroupshim The root cause of this bug is that when 'bpflinkput' reduces the refcount of 'shimlink-link.link' to zero, the resource is considered released but may still be referenced via...

6.4CVSS5.7AI score0.00126EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•5 views

SUSE CVE-2026-23320

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score0.00022EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•11 views

SUSE CVE-2026-23321

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: in-kernel: always mark signal+subflow endp as used Syzkaller managed to find a combination of actions that was generating this warning: msk-pm.localaddrused == 0 WARNING: net/mptcp/pmkernel.c:1071 at...

3.3CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•4 views

SUSE CVE-2026-23322

In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix use-after-free and list corruption on sender error The analysis from Breno: When the SMI sender returns an error, smiwork delivers an error response but then jumps back to restart without cleaning up properly: 1...

7.8CVSS5.7AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•6 views

SUSE CVE-2026-23323

In the Linux kernel, the following vulnerability has been resolved: hwmon: macsmc Fix regressions in Apple Silicon SMC hwmon driver The recently added macsmc-hwmon driver contained several critical bugs in its sensor population logic and float conversion routines. Specifically: - The voltage sens...

7.8CVSS5.8AI score0.00134EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•10 views

SUSE CVE-2026-23324

In the Linux kernel, the following vulnerability has been resolved: can: usb: etases58x: correctly anchor the urb in the read bulk callback When submitting an urb, that is using the anchor pattern, it needs to be anchored before submitting it otherwise it could be leaked if usbkillanchoredurbs is...

4.7CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•9 views

SUSE CVE-2026-23325

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix possible oob access in mt7996macwritetxwi80211 Check frame length before accessing the mgmt fields in mt7996macwritetxwi80211 in order to avoid a possible oob access...

5.5CVSS5.7AI score0.00125EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•7 views

SUSE CVE-2026-23326

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix fragment node deletion to prevent buffer leak After commit b692bf9a7543 "xsk: Get rid of xdpbuffxsk::xskblistnode", the listnode field is reused for both the xskb pool list and the buffer free list, this causes a buffer...

5.5CVSS5.9AI score0.00129EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•11 views

SUSE CVE-2026-23327

In the Linux kernel, the following vulnerability has been resolved: cxl/mbox: validate payload size before accessing contents in cxlpayloadfromuserallowed cxlpayloadfromuserallowed casts and dereferences the input payload without first verifying its size. When a raw mailbox command is sent with a...

5.5CVSS5.7AI score0.00124EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•5 views

SUSE CVE-2026-23328

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix NULL pointer dereference of mgmtchann mgmtchann may be set to NULL if the firmware returns an unexpected error in aie2sendmgmtmsgwait. This can later lead to a NULL pointer dereference in aie2hwstop. Fix this b...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•7 views

SUSE CVE-2026-23329

In the Linux kernel, the following vulnerability has been resolved: libie: don't unroll if fwlog isn't supported The libiefwlogdeinit function can be called during driver unload even when firmware logging was never properly initialized. This led to call trace: 148.576156 Oops: Oops: 0000 1 SMP...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•6 views

SUSE CVE-2026-23330

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: complete pending data exchange on device close In nciclosedevice, complete any pending data exchange before closing. The data exchange callback e.g. rawsockdataexchangecomplete holds a socket reference. NIPA occasionall...

5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•6 views

SUSE CVE-2026-23331

In the Linux kernel, the following vulnerability has been resolved: udp: Unhash auto-bound connected sk from 4-tuple hash table when disconnected. Let's say we bind an UDP socket to the wildcard address with a non-zero port, connect it to an address, and disconnect it from the address. bind sets...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•5 views

SUSE CVE-2026-23332

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix crash during turbo disable When the system is booted with kernel command line argument "nosmt" or "maxcpus" to limit the number of CPUs, disabling turbo via: echo 1...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•6 views

SUSE CVE-2026-23333

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.7AI score0.00024EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•11 views

SUSE CVE-2026-23334

In the Linux kernel, the following vulnerability has been resolved: can: usb: f81604: handle short interrupt urb messages properly If an interrupt urb is received that is not the correct length, properly detect it and don't attempt to treat the data as valid...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•8 views

SUSE CVE-2026-23335

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix kernel stack leak in irdmacreateuserah struct irdmacreateahresp // 8 bytes, no padding u32 ahid; // offset 0 - SET uresp.ahid = ah-scah.ahinfo.ahidx u8 rsvd4; // offset 4 - NEVER SET - LEAK ; rsvd4: 4 bytes of sta...

3.3CVSS5.7AI score0.00123EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•9 views

SUSE CVE-2026-23336

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: cancel rfkillblock work in wiphyunregister There is a use-after-free error in cfg80211shutdownallinterfaces found by syzkaller: BUG: KASAN: use-after-free in cfg80211shutdownallinterfaces+0x213/0x220 Read of size ...

5.5CVSS5.7AI score0.00126EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•5 views

SUSE CVE-2026-23337

In the Linux kernel, the following vulnerability has been resolved: pinctrl: pinconf-generic: Fix memory leak in pinconfgenericparsedtconfig In pinconfgenericparsedtconfig, if parsedtcfg fails, it returns directly. This bypasses the cleanup logic and results in a memory leak of the cfg buffer. Fi...

5.5CVSS5.7AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•6 views

SUSE CVE-2026-23338

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Do not allow userspace to trivially triger kernel warnings Userspace can either deliberately pass in the too small numfences, or the required number can legitimately grow between the two calls to the userq wait...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•7 views

SUSE CVE-2026-23339

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free skb on ncitransceive early error paths ncitransceive takes ownership of the skb passed by the caller, but the -EPROTO, -EINVAL, and -EBUSY error paths return without freeing it. Due to issues clearing NCIDATAEXCHAN...

3.1CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:56 p.m.•7 views

SUSE CVE-2026-23340

In the Linux kernel, the following vulnerability has been resolved: net: sched: avoid qdiscresetalltxgt vs dequeue race for lockless qdiscs When shrinking the number of real tx queues, netifsetrealnumtxqueues calls qdiscresetalltxgt to flush qdiscs for queues which will no longer be used...

6.4CVSS5.7AI score0.00135EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•6 views

SUSE CVE-2026-23341

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix crash when destroying a suspended hardware context If userspace issues an ioctl to destroy a hardware context that has already been automatically suspended, the driver may crash because the mailbox channel...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•7 views

SUSE CVE-2026-23342

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix race in cpumap on PREEMPTRT On PREEMPTRT kernels, the per-CPU xdpbulkqueue bq can be accessed concurrently by multiple preemptible tasks on the same CPU. The original code assumes bqenqueue and cpumapflush run atomically...

4.7CVSS5.7AI score0.00088EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•8 views

SUSE CVE-2026-23343

In the Linux kernel, the following vulnerability has been resolved: xdp: produce a warning when calculated tailroom is negative Many ethernet drivers report xdp Rx queue frag size as being the same as DMA write size. However, the only user of this field, namely bpfxdpfragsincreasetail, clearly...

5.5CVSS5.7AI score0.00129EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•5 views

SUSE CVE-2026-23344

In the Linux kernel, the following vulnerability has been resolved: crypto: ccp - Fix use-after-free on error path In the error path of sevtsminitlocked, the code dereferences 't' after it has been freed with kfree. The prerr statement attempts to access t-tioen and t-tioinitdone after the memory...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•6 views

SUSE CVE-2026-23345

In the Linux kernel, the following vulnerability has been resolved: arm64: gcs: Do not set PTESHARED on GCS mappings if FEATLPA2 is enabled When FEATLPA2 is enabled, bits 8-9 of the PTE replace the shareability attribute with bits 50-51 of the output address. The PAGEGCS,RO definitions include th...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•9 views

SUSE CVE-2026-23346

In the Linux kernel, the following vulnerability has been resolved: arm64: io: Extract user memory type in ioremapprot The only caller of ioremapprot outside of the generic ioremap implementation is genericaccessphys, which passes a 'pgprott' value determined from the user mapping of the target...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•7 views

SUSE CVE-2026-23347

In the Linux kernel, the following vulnerability has been resolved: can: usb: f81604: correctly anchor the urb in the read bulk callback When submitting an urb, that is using the anchor pattern, it needs to be anchored before submitting it otherwise it could be leaked if usbkillanchoredurbs is...

5.5CVSS5.7AI score0.00127EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•6 views

SUSE CVE-2026-23348

In the Linux kernel, the following vulnerability has been resolved: cxl: Fix race of nvdimmbus object when creating nvdimm objects Found issue during running of cxl-translate.sh unit test. Adding a 3s sleep right before the test seems to make the issue reproduce fairly consistently. The...

4.7CVSS5.7AI score0.00088EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•4 views

SUSE CVE-2026-23349

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix condition effect bit clearing As reported by MPDarkGuy on discord, NULL pointer dereferences were happening because not all the conditional effects bits were cleared. Properly clear all conditional effect bits fro...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•7 views

SUSE CVE-2026-23350

In the Linux kernel, the following vulnerability has been resolved: drm/xe/queue: Call fini on exec queue creation fail Every call to queue init should have a corresponding fini call. Skipping this would mean skipping removal of the queue from GuC list which is part of gucid allocation. A damaged...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•8 views

SUSE CVE-2026-23351

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: split gc into unlink and reclaim phase Yiming Qian reports Use-after-free in the pipapo set type: Under a large number of expired elements, commit-time GC can run for a very long time in a non-preemptible...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•7 views

SUSE CVE-2026-23352

In the Linux kernel, the following vulnerability has been resolved: x86/efi: defer freeing of boot services memory efifreebootservices frees memory occupied by EFIBOOTSERVICESCODE and EFIBOOTSERVICESDATA using memblockfreelate. There are two issue with that: memblockfreelate should be used for...

5.5CVSS5.6AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•5 views

SUSE CVE-2026-23353

In the Linux kernel, the following vulnerability has been resolved: ice: fix crash in ethtool offline loopback test Since the conversion of ice to page pool, the ethtool loopback test crashes: BUG: kernel NULL pointer dereference, address: 000000000000000c PF: supervisor write access in kernel mo...

5.5CVSS5.8AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•7 views

SUSE CVE-2026-23354

In the Linux kernel, the following vulnerability has been resolved: x86/fred: Correct speculative safety in fredextint arrayindexnospec is no use if the result gets spilled to the stack, as it makes the believed safe-under-speculation value subject to memory predictions. For all practical purpose...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•5 views

SUSE CVE-2026-23355

In the Linux kernel, the following vulnerability has been resolved: ata: libata: cancel pending work after clearing deferredqc Syzbot reported a WARNON in atascsideferredqcwork, caused by ap-ops-qcdefer returning non-zero before issuing the deferred qc. atascsischeduledeferredqc is called during...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•7 views

SUSE CVE-2026-23356

In the Linux kernel, the following vulnerability has been resolved: drbd: fix "LOGIC BUG" in drbdalbeginiononblock Even though we check that we "should" be able to do lcgetcumulative while holding the device-allock spinlock, it may still fail, if some other code path decided to do lctrylock with...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•9 views

SUSE CVE-2026-23357

In the Linux kernel, the following vulnerability has been resolved: can: mcp251x: fix deadlock in error path of mcp251xopen The mcp251xopen function call freeirq in its error path with the mpclock mutex held. But if an interrupt already occurred the interrupt handler will be waiting for the mpclo...

5.5CVSS5.7AI score0.00099EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•7 views

SUSE CVE-2026-23358

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix error handling in slot reset If the device has not recovered after slot reset is called, it goes to out label for error handling. There it could make decision based on uninitialized hive pointer and could result i...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•8 views

SUSE CVE-2026-23359

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stack-out-of-bounds write in devmap getupperifindexes iterates over all upper devices and writes their indices into an array without checking bounds. Also the callers assume that the max number of upper devices is...

5.6CVSS5.8AI score0.00129EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/03/25 4:55 p.m.•9 views

SUSE CVE-2026-23360

In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin queue leak on controller reset When nvmeallocadmintagset is called during a controller reset, a previous admin queue may still exist. Release it properly before allocating a new one to avoid orphaning the old queu...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References5
Total number of security vulnerabilities59854