Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•6 views

SUSE CVE-2026-23219

In the Linux kernel, the following vulnerability has been resolved: mm/slab: Add alloctaggingslabfreehook for memcgallocabortsingle When CONFIGMEMALLOCPROFILINGDEBUG is enabled, the following warning may be noticed: 3959.023862 ------------ cut here ------------ 3959.023891 alloctag was not clear...

5.5CVSS5.6AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•8 views

SUSE CVE-2026-23220

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix infinite loop caused by nextsmb2rcvhdroff reset in error paths The problem occurs when a signed request fails smb2 signature verification check. In processrequest, if checksignreq returns an error, setsmb2rspstatuswork...

7.5CVSS5.7AI score0.00118EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•5 views

SUSE CVE-2026-23221

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: fix use-after-free in driveroverrideshow The driveroverrideshow function reads the driveroverride string without holding the devicelock. However, driveroverridestore uses driversetoverride, which modifies and frees t...

5.3CVSS5.7AI score0.00121EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•6 views

SUSE CVE-2026-23222

In the Linux kernel, the following vulnerability has been resolved: crypto: omap - Allocate OMAPCRYPTOFORCECOPY scatterlists correctly The existing allocation of scatterlists in omapcryptocopysglists was allocating an array of scatterlist pointers, not scatterlist objects, resulting in a 4x too...

6.5CVSS5.7AI score0.00127EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•4 views

SUSE CVE-2026-23223

In the Linux kernel, the following vulnerability has been resolved: xfs: fix UAF in xchkbtreecheckblockowner We cannot dereference bs-cur when trying to determine if bs-cur aliases bs-sc-sa.bno,rmapcur after the latter has been freed. Fix this by sampling before type before any freeing could...

6.5CVSS5.7AI score0.0012EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•5 views

SUSE CVE-2026-23224

In the Linux kernel, the following vulnerability has been resolved: erofs: fix UAF issue for file-backed mounts w/ directio option 9.269940 T3222 Call trace: 9.269948 T3222 ext4filereaditer+0xac/0x108 9.269979 T3222 vfsiocbiterread+0xac/0x198 9.269993 T3222 erofsfileiorqsubmit+0x12c/0x180 9.27000...

7CVSS5.6AI score0.00124EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•7 views

SUSE CVE-2026-23225

In the Linux kernel, the following vulnerability has been resolved: sched/mmcid: Don't assume CID is CPU owned on mode switch Shinichiro reported a KASAN UAF, which is actually an out of bounds access in the MMCID management code. CPU0 CPU1 T1 runs in userspace T0: forkT4 - Switch to per CPU CID...

5.3CVSS5.7AI score0.00113EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•4 views

SUSE CVE-2026-23226

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add channlock to protect ksmbdchannlist xarray ksmbdchannlist xarray lacks synchronization, allowing use-after-free in multi-channel sessions between lookupchannlist and ksmbdchanndel. Adds rwsemaphore channlock to struct...

5.5CVSS6.6AI score0.00423EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•9 views

SUSE CVE-2026-23227

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: vidi: use ctx-lock to protect struct vidicontext member variables related to memory alloc/free Exynos Virtual Display driver performs memory alloc/free operations without lock protection, which easily causes concurren...

7CVSS5.7AI score0.00152EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•4 views

SUSE CVE-2026-23228

In the Linux kernel, the following vulnerability has been resolved: smb: server: fix leak of activenumconn in ksmbdtcpnewconnection On kthreadrun failure in ksmbdtcpnewconnection, the transport is freed via freetransport, which does not decrement activenumconn, leaking this counter. Replace...

5.3CVSS5.7AI score0.00118EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•6 views

SUSE CVE-2026-23229

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio - Add spinlock protection with virtqueue notification When VM boots with one virtio-crypto PCI device and builtin backend, run openssl benchmark command with multiple processes, such as openssl speed -evp aes-128-c...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/19 12:26 a.m.•5 views

SUSE CVE-2026-23230

In the Linux kernel, the following vulnerability has been resolved: smb: client: split cachedfid bitfields to avoid shared-byte RMW races isopen, haslease and onlist are stored in the same bitfield byte in struct cachedfid but are updated in different code paths that may run concurrently. Bitfiel...

5.8CVSS5.7AI score0.00218EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/19 12:25 a.m.•4 views

SUSE CVE-2026-24733

Improper Input Validation vulnerability in Apache Tomcat. Tomcat did not limit HTTP/0.9 requests to the GET method. If a security constraint was configured to allow HEAD requests to a URI but deny GET requests, the user could bypass that constraint on GET requests by sending a specification inval...

6.5CVSS5.8AI score0.00494EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/02/19 12:25 a.m.•4 views

SUSE CVE-2026-24734

Improper Input Validation vulnerability in Apache Tomcat Native, Apache Tomcat. When using an OCSP responder, Tomcat Native and Tomcat's FFM port of the Tomcat Native code did not complete verification or freshness checks on the OCSP response which could allow certificate revocation to be bypasse...

6.8CVSS5.7AI score0.00498EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/02/19 12:25 a.m.•9 views

SUSE CVE-2026-25087

Use After Free vulnerability in Apache Arrow C++. This issue affects Apache Arrow C++ from 15.0.0 through 23.0.0. It can be triggered when reading an Arrow IPC file but not an IPC stream with pre-buffering enabled, if the IPC file contains data with variadic buffers such as Binary View and String...

7CVSS5.8AI score0.00807EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/19 12:25 a.m.•5 views

SUSE CVE-2026-25701

An Insecure Temporary File vulnerability in openSUSE sdbootutil allows local users to pre-create a directory to achieve various effects like: gain access to possible private information found in /var/lib/pcrlock.d manipulate the data backed up in /tmp/pcrlock.d.bak, therefore violating the...

7.3CVSS5.7AI score0.00108EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/19 12:25 a.m.•3 views

SUSE CVE-2026-27171

zlib before 1.3.2 allows CPU consumption via crc32combine64 and crc32combinegen64 because x2nmodp can do right shifts within a loop that has no termination condition...

5.3CVSS5.8AI score0.00204EPSS
Exploits1References8
SUSE CVE
SUSE CVE
•added 2026/02/18 12:27 a.m.•6 views

SUSE CVE-2025-67860

A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users...

3.8CVSS5.7AI score0.00091EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/18 12:26 a.m.•4 views

SUSE CVE-2026-2474

Crypt::URandom versions from 0.41 before 0.55 for Perl is vulnerable to a heap buffer overflow in the XS function crypturandomgetrandom. The function does not validate that the length parameter is non-negative. If a negative value e.g. -1 is supplied, the expression length + 1u causes an integer...

7.5CVSS6AI score0.00295EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/02/18 12:26 a.m.•4 views

SUSE CVE-2026-2574

unknown...

5.8AI score
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/18 12:26 a.m.•2 views

SUSE CVE-2026-2604

A flaw was found in evolution-data-server. Inconsistent comparison logic in the addressbook file backend allows a Flatpak application with D-Bus access to craft a malicious URI containing directory traversal sequences. This URI is stored without proper validation during contact creation or...

5.6CVSS5.5AI score0.00189EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•4 views

SUSE CVE-2026-23114

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: ptrace: Fix SVE writes on !SME systems When SVE is supported but SME is not supported, a ptrace write to the NTARMSVE regset can place the tracee into an invalid state where non-streaming SVE register data is stored...

5.5CVSS5.7AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•5 views

SUSE CVE-2026-23115

In the Linux kernel, the following vulnerability has been resolved: serial: Fix not set tty-port race condition Revert commit bfc467db60b7 "serial: remove redundant ttyportlinkdevice" because the ttyportlinkdevice is not redundant: the tty-port has to be confured before we call uartconfigureport,...

4.7CVSS5.6AI score0.00074EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•4 views

SUSE CVE-2026-23116

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: Remove separate rst and clk mask for 8mq vpu For i.MX8MQ platform, the ADB in the VPUMIX domain has no separate reset and clock enable bits, but is ungated and reset together with the VPUs. So we can't...

5.5CVSS5.7AI score0.00114EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•4 views

SUSE CVE-2026-23118

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix data-race warning and potential load/store tearing Fix the following: BUG: KCSAN: data-race in rxrpcpeerkeepaliveworker / rxrpcsenddatapacket which is reporting an issue with the reads and writes to -lasttxat in:...

4.7CVSS5.7AI score0.00086EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•4 views

SUSE CVE-2026-23119

In the Linux kernel, the following vulnerability has been resolved: bonding: provide a net pointer to skbflowdissect After 3cbf4ffba5ee "net: plumb network namespace into skbflowdissect" we have to provide a net pointer to skbflowdissect, either via skb-dev, skb-sk, or a user provided pointer. In...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•4 views

SUSE CVE-2026-23120

In the Linux kernel, the following vulnerability has been resolved: l2tp: avoid one data-race in l2tptunneldelwork We should read sk-sksocket only when dealing with kernel sockets. syzbot reported the following data-race: BUG: KCSAN: data-race in l2tptunneldelwork / skcommonrelease write to...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•4 views

SUSE CVE-2026-23121

In the Linux kernel, the following vulnerability has been resolved: mISDN: annotate data-race around dev-work dev-work can re read locklessly in mISDNread and mISDNpoll. Add READONCE/WRITEONCE annotations. BUG: KCSAN: data-race in mISDNioctl / mISDNread write to 0xffff88812d848280 of 4 bytes by...

7CVSS5.9AI score0.00119EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•7 views

SUSE CVE-2026-23122

In the Linux kernel, the following vulnerability has been resolved: igc: Reduce TSN TX packet buffer from 7KB to 5KB per queue The previous 7 KB per queue caused TX unit hangs under heavy timestamping load. Reducing to 5 KB avoids these hangs and matches the TSN recommendation in I225/I226 SW Use...

5.5CVSS5.8AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•4 views

SUSE CVE-2026-23123

In the Linux kernel, the following vulnerability has been resolved: interconnect: debugfs: initialize srcnode and dstnode to empty strings The debugfscreatestr API assumes that the string pointer is either NULL or points to valid kmalloc memory. Leaving the pointer uninitialized can cause problem...

5.5CVSS5.7AI score0.00119EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•4 views

SUSE CVE-2026-23125

In the Linux kernel, the following vulnerability has been resolved: sctp: move SCTPCMDASSOCSHKEY right after SCTPCMDPEERINIT A null-ptr-deref was reported in the SCTP transmit path when SCTP-AUTH key initialization fails: ================================================================== KASAN:...

5.5CVSS5.9AI score0.00114EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•5 views

SUSE CVE-2026-23126

In the Linux kernel, the following vulnerability has been resolved: netdevsim: fix a race issue related to the operation on bpfboundprogs list The netdevsim driver lacks a protection mechanism for operations on the bpfboundprogs list. When the nsimbpfcreateprog performs listaddtail, it is possibl...

4.7CVSS5.7AI score0.00086EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•5 views

SUSE CVE-2026-23127

In the Linux kernel, the following vulnerability has been resolved: perf: Fix refcount warning on event-mmapcount increment When calling refcountinc&event-mmapcount inside perfmmaprb, the following warning is triggered: refcountt: addition on 0; use-after-free. WARNING: lib/refcount.c:25 PoC:...

5.5CVSS5.6AI score0.00105EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•4 views

SUSE CVE-2026-23128

In the Linux kernel, the following vulnerability has been resolved: arm64: Set nocfi on swsusparchresume A DABT is reported1 on an android based system when resume from hiberate. This happens because swsusparchsuspendexit is marked with SYMCODE and does not have a CFI hash, but swsusparchresume...

5.5CVSS5.8AI score0.00114EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•6 views

SUSE CVE-2026-23129

In the Linux kernel, the following vulnerability has been resolved: dpll: Prevent duplicate registrations Modify the internal registration helpers dpllxarefdpll,pinadd to reject duplicate registration attempts. Previously, if a caller attempted to register the same pin multiple times with the sam...

5.5CVSS5.7AI score0.00115EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•5 views

SUSE CVE-2026-23132

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: synopsys: dw-dp: fix error paths of dwdpbind Fix several issues in dwdpbind error handling: 1. Missing return after drmbridgeattach failure - the function continued execution instead of returning an error. 2. Resource...

5.5CVSS5.8AI score0.00116EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•4 views

SUSE CVE-2026-23134

In the Linux kernel, the following vulnerability has been resolved: slab: fix kmallocnolock context check for PREEMPTRT On PREEMPTRT kernels, locallock becomes a sleeping lock. The current check in kmallocnolock only verifies we're not in NMI or hard IRQ context, but misses the case where...

5.5CVSS5.7AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•4 views

SUSE CVE-2026-23136

In the Linux kernel, the following vulnerability has been resolved: libceph: reset sparse-read state in osdfault When a fault occurs, the connection is abandoned, reestablished, and any pending operations are retried. The OSD client tracks the progress of a sparse-read reply using a separate stat...

5.5CVSS5.7AI score0.0028EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•4 views

SUSE CVE-2026-23138

In the Linux kernel, the following vulnerability has been resolved: tracing: Add recursion protection in kernel stack trace recording A bug was reported about an infinite recursion caused by tracing the rcu events with the kernel stack trace trigger enabled. The stack trace code called back into...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•3 views

SUSE CVE-2026-23139

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: update lastgc only when GC has been performed Currently lastgc is being updated everytime a new connection is tracked, that means that it is updated even if a GC wasn't performed. With a sufficiently high...

5.5CVSS5.9AI score0.00327EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/18 12:25 a.m.•3 views

SUSE CVE-2026-23140

In the Linux kernel, the following vulnerability has been resolved: bpf, testrun: Subtract size of xdpframe from allowed metadata size The xdpframe structure takes up part of the XDP frame headroom, limiting the size of the metadata. However, in bpftestrun, we don't take this into account, which...

5.5CVSS5.7AI score0.00122EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/02/17 12:26 a.m.•27 views

SUSE CVE-2025-71200

In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci-of-dwcmshc: Prevent illegal clock reduction in HS200/HS400 mode When operating in HS200 or HS400 timing modes, reducing the clock frequency below 52MHz will lead to link broken as the Rockchip DWC MSHC controller...

5.5CVSS5.2AI score0.00114EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/17 12:26 a.m.•9 views

SUSE CVE-2025-71201

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix early read unlock of page with EOF in middle The read result collection for buffered reads seems to run ahead of the completion of subrequests under some circumstances, as can be seen in the following log snippet:...

5.5CVSS5.3AI score0.00117EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/17 12:25 a.m.•5 views

SUSE CVE-2026-21985

unknown...

6CVSS7.2AI score0.00236EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/17 12:24 a.m.•15 views

SUSE CVE-2026-23117

In the Linux kernel, the following vulnerability has been resolved: ice: add missing icedeinithw in devlink reinit path devlink-reload results in iceinithw failed error, and then removing the ice driver causes a NULL pointer dereference. +0.102213 ice 0000:ca:00.0: iceinithw failed: -16...

5.5CVSS5.2AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/17 12:24 a.m.•24 views

SUSE CVE-2026-23130

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dead lock while flushing management frames Commit 1 converted the management transmission work item into a wiphy work. Since a wiphy work can only run under wiphy lock protection, a race condition happens in bel...

5.5CVSS5.1AI score0.0008EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/17 12:24 a.m.•11 views

SUSE CVE-2026-23133

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: fix dmafreecoherent pointer dmaalloccoherent allocates a DMA mapped buffer and stores the addresses in XXXunaligned fields. Those should be reused when freeing the buffer rather than the aligned addresses...

4.7CVSS5.3AI score0.00123EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/17 12:24 a.m.•9 views

SUSE CVE-2026-23135

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix dmafreecoherent pointer dmaalloccoherent allocates a DMA mapped buffer and stores the addresses in XXXunaligned fields. Those should be reused when freeing the buffer rather than the aligned addresses...

4.7CVSS5.3AI score0.00122EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/17 12:24 a.m.•19 views

SUSE CVE-2026-23137

In the Linux kernel, the following vulnerability has been resolved: of: unittest: Fix memory leak in unittestdataadd In unittestdataadd, if ofresolvephandles fails, the allocated unittestdata is not freed, leading to a memory leak. Fix this by using scope-based cleanup helper freekfree for...

4.4CVSS5.2AI score0.00107EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/17 12:23 a.m.•7 views

SUSE CVE-2026-26269

Vim is an open source, command line text editor. Prior to 9.1.2148, a stack buffer overflow vulnerability exists in Vim's NetBeans integration when processing the specialKeys command, affecting Vim builds that enable and use the NetBeans feature. The Stack buffer overflow exists in specialkeys in...

5.4CVSS5.7AI score0.00284EPSS
Exploits0References13
Total number of security vulnerabilities59854