Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•6 views

SUSE CVE-2026-23176

In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshibahaps: Fix memory leaks in add/remove routines toshibahapsadd leaks the haps object allocated by it if it returns an error after allocating that object successfully. toshibahapsremove does not free the object...

5.5CVSS5.2AI score0.00173EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•6 views

SUSE CVE-2026-23177

In the Linux kernel, the following vulnerability has been resolved: mm, shmem: prevent infinite loop on truncate race When truncating a large swap entry, shmemfreeswap returns 0 when the entry's index doesn't match the given index due to lookup alignment. The failure fallback path checks if the...

4.7CVSS5.3AI score0.00166EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•7 views

SUSE CVE-2026-23178

In the Linux kernel, the following vulnerability has been resolved: HID: i2c-hid: fix potential buffer overflow in i2chidgetreport i2chidxfer is used to read recvlen + sizeofle16 bytes of data into ihid-rawbuf. The former can come from the userspace in the hidraw driver and is only bounded by...

5.1CVSS5.6AI score0.00142EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•8 views

SUSE CVE-2026-23179

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fixup hang in nvmettcplistendataready When the socket is closed while in TCPLISTEN a callback is run to flush all outstanding packets, which in turns calls nvmettcplistendataready with the skcallbacklock held. So we ne...

5.5CVSS5.2AI score0.00167EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•4 views

SUSE CVE-2026-23180

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: add bounds check for ifid in IRQ handler The IRQ handler extracts ifid from the upper 16 bits of the hardware status register and uses it to index into ethsw-ports without validation. Since ifid can be any 16-bit...

7CVSS5.3AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•6 views

SUSE CVE-2026-23181

In the Linux kernel, the following vulnerability has been resolved: btrfs: sync read disk super and set block size When the user performs a btrfs mount, the block device is not set correctly. The user sets the block size of the block device to 0x4000 by executing the BLKBSZSET command. Since the...

5.6AI score0.00156EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•8 views

SUSE CVE-2026-23182

In the Linux kernel, the following vulnerability has been resolved: spi: tegra: Fix a memory leak in tegraslinkprobe In tegraslinkprobe, when platformgetirq fails, it directly returns from the function with an error code, which causes a memory leak. Replace it with a goto label to ensure proper...

5.5CVSS5.2AI score0.00173EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•7 views

SUSE CVE-2026-23183

In the Linux kernel, the following vulnerability has been resolved: cgroup/dmem: fix NULL pointer dereference when setting max An issue was triggered: BUG: kernel NULL pointer dereference, address: 0000000000000000 PF: supervisor read access in kernel mode PF: errorcode0x0000 - not-present page P...

5.2AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•7 views

SUSE CVE-2026-23184

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF in bindernetlinkreport Oneway transactions sent to frozen targets via binderproctransaction return a BRTRANSACTIONPENDINGFROZEN error but they are still treated as successful since the target is expected to thaw a...

7.8CVSS5.3AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•6 views

SUSE CVE-2026-23185

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mld: cancel mloscanstartwk mloscanstartwk is not canceled on disconnection. In fact, it is not canceled anywhere except in the restart cleanup, where we don't really have to. This can cause an init-after-queue issu...

7.8CVSS5.2AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•7 views

SUSE CVE-2026-23186

In the Linux kernel, the following vulnerability has been resolved: hwmon: acpipowermeter Fix deadlocks related to acpipowermeternotify The acpipowermeter driver's .notify callback function, acpipowermeternotify, calls hwmondeviceunregister under a lock that is also acquired by callbacks in sysfs...

5.5CVSS5.4AI score0.00088EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•7 views

SUSE CVE-2026-23187

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx8m-blk-ctrl: fix out-of-range access of bc-domains Fix out-of-range access of bc-domains in imx8mblkctrlremove...

5.5CVSS5.2AI score0.00117EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•5 views

SUSE CVE-2026-23188

In the Linux kernel, the following vulnerability has been resolved: net: usb: r8152: fix resume reset deadlock rtl8152 can trigger device reset during reset which potentially can result in a deadlock: DPM device timeout after 10 seconds; 15 seconds until panic Call Trace: schedule+0x483/0x1370...

5.5CVSS5.3AI score0.0009EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•9 views

SUSE CVE-2026-23189

In the Linux kernel, the following vulnerability has been resolved: ceph: fix NULL pointer dereference in cephmdsauthmatch The CephFS kernel client has regression starting from 6.18-rc1. We have issue in cephmdsauthmatch if fsname == NULL: const char fsname = mdsc-fsc-mountoptions-mdsnamespace;...

5.5CVSS5.3AI score0.00112EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•4 views

SUSE CVE-2026-23190

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: fix memory leak in acp3x pdm dma ops...

5.5CVSS5.2AI score0.00114EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•7 views

SUSE CVE-2026-23191

In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of aloop driver tries to check the PCM state and stop the stream of the tied substream in the corresponding cable. Since both check and stop operations are...

7.1CVSS5.3AI score0.00113EPSS
Exploits0References45
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•8 views

SUSE CVE-2026-23192

In the Linux kernel, the following vulnerability has been resolved: linkwatch: use devput in callers to prevent UAF After linkwatchdodev calls devput to release the linkwatch reference, the device refcount may drop to 1. At this point, netdevruntodo can proceed since linkwatchsyncdev sees an empt...

7.8CVSS5.3AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•9 views

SUSE CVE-2026-23193

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsitdecsessionusagecount In iscsitdecsessionusagecount, the function calls complete while holding the sess-sessionusagelock. Similar to the connection usage count logic, the waiter...

5.8CVSS5.2AI score0.0024EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•5 views

SUSE CVE-2026-23194

In the Linux kernel, the following vulnerability has been resolved: rustbinder: correctly handle FDA objects of length zero Fix a bug where an empty FDA fd array object with 0 fds would cause an out-of-bounds error. The previous implementation used skip == 0 to mean "this is a pointer fixup", but...

7.8CVSS5.5AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•5 views

SUSE CVE-2026-23195

In the Linux kernel, the following vulnerability has been resolved: cgroup/dmem: avoid pool UAF An UAF issue was observed: BUG: KASAN: slab-use-after-free in pagecounteruncharge+0x65/0x150 Write of size 8 at addr ffff888106715440 by task insmod/527 CPU: 4 UID: 0 PID: 527 Comm: insmod...

7.8CVSS5.2AI score0.0011EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•5 views

SUSE CVE-2026-23196

In the Linux kernel, the following vulnerability has been resolved: HID: Intel-thc-hid: Intel-thc: Add safety check for reading DMA buffer Add DMA buffer readiness check before reading DMA buffer to avoid unexpected NULL pointer accessing...

5.5CVSS5.4AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•10 views

SUSE CVE-2026-23197

In the Linux kernel, the following vulnerability has been resolved: i2c: imx: preserve error state in block data length handler When a block read returns an invalid length, zero or I2CSMBUSBLOCKMAX, the length handler sets the state to IMXI2CSTATEFAILED. However, i2cimxmasterisr unconditionally...

5.5CVSS5.2AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•7 views

SUSE CVE-2026-23198

In the Linux kernel, the following vulnerability has been resolved: KVM: Don't clobber irqfd routing type when deassigning irqfd When deassigning a KVMIRQFD, don't clobber the irqfd's copy of the IRQ's routing entry as doing so breaks kvmarchirqbypassdelproducer on x86 and arm64, which explicitly...

4.7CVSS5.1AI score0.00124EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•7 views

SUSE CVE-2026-23199

In the Linux kernel, the following vulnerability has been resolved: procfs: avoid fetching build ID while holding VMA lock Fix PROCMAPQUERY to fetch optional build ID only after dropping mmaplock or per-VMA lock, whichever was used to lock VMA under question, to avoid deadlock reported by syzbot:...

5.5CVSS5.2AI score0.0009EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•6 views

SUSE CVE-2026-23200

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix ECMP sibling count mismatch when clearing RTFADDRCONF syzbot reported a kernel BUG in fib6addrt2node when adding an IPv6 route. 0 Commit f72514b3c569 "ipv6: clear RA flags when adding a static route" introduced logic to...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•6 views

SUSE CVE-2026-23201

In the Linux kernel, the following vulnerability has been resolved: ceph: fix oops due to invalid pointer for kfree in parselongname This fixes a kernel oops when reading ceph snapshot directories .snap, for example by simply running ls /mnt/myceph/.snap. The variable str is guarded by freekfree,...

5.5CVSS5.2AI score0.00112EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•7 views

SUSE CVE-2026-23202

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect currxfer in tegraqspicombinedseqxfer The currxfer field is read by the IRQ handler without holding the lock to check if a transfer is in progress. When clearing currxfer in the combined sequence transf...

7CVSS5.2AI score0.00111EPSS
Exploits0References27
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•7 views

SUSE CVE-2026-23203

In the Linux kernel, the following vulnerability has been resolved: net: cpswnew: Execute ndosetrxmode callback in a work queue Commit 1767bb2d47b7 "ipv6: mcast: Don't hold RTNL for IPV6ADDMEMBERSHIP and MCASTJOINGROUP." removed the RTNL lock for IPV6ADDMEMBERSHIP and MCASTJOINGROUP operations...

5.5CVSS5.5AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:25 a.m.•5 views

SUSE CVE-2026-23204

In the Linux kernel, the following vulnerability has been resolved: net/sched: clsu32: use skbheaderpointercareful skbheaderpointer does not fully validate negative @offset values. Use skbheaderpointercareful instead. GangMin Kim provided a report and a repro fooling u32classify: BUG: KASAN:...

7CVSS5.2AI score0.00117EPSS
Exploits0References125
SUSE CVE
SUSE CVE
•added 2026/02/16 12:24 a.m.•4 views

SUSE CVE-2026-23205

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix memory leak in smb2openfile Reproducer: 1. server: directories are exported read-only 2. client: mount -t cifs //$serverip/export /mnt 3. client: dd if=/dev/zero of=/mnt/file bs=512 count=1000 oflag=direct 4...

3.3CVSS5.2AI score0.00114EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/16 12:24 a.m.•6 views

SUSE CVE-2026-23206

In the Linux kernel, the following vulnerability has been resolved: dpaa2-switch: prevent ZEROSIZEPTR dereference when numifs is zero The driver allocates arrays for ports, FDBs, and filter blocks using kcalloc with ethsw-swattr.numifs as the element count. When the device reports zero interfaces...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/16 12:24 a.m.•5 views

SUSE CVE-2026-23207

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Protect currxfer check in IRQ handler Now that all other accesses to currxfer are done under the lock, protect the currxfer NULL check in tegraqspiisrthread with the spinlock. Without this protection, the...

4.7CVSS5.2AI score0.00088EPSS
Exploits0References26
SUSE CVE
SUSE CVE
•added 2026/02/16 12:24 a.m.•7 views

SUSE CVE-2026-23208

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Prevent excessive number of frames In this case, the user constructed the parameters with maxpacksize 40 for rate 22050 / pps 1000, and packsize0 22 packsize1 23. The buffer size for each data URB is maxpacksize...

5.8CVSS5.3AI score0.00121EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/02/16 12:24 a.m.•12 views

SUSE CVE-2026-23209

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlancommonnewlink valis provided a nice repro to crash the kernel: ip link add p1 type veth peer p2 ip link set address 00:00:00:00:00:20 dev p1 ip link set up dev p1 ip link set up dev p2 ip lin...

7.8CVSS5.2AI score0.00119EPSS
Exploits0References155
SUSE CVE
SUSE CVE
•added 2026/02/16 12:24 a.m.•8 views

SUSE CVE-2026-23210

In the Linux kernel, the following vulnerability has been resolved: ice: Fix PTP NULL pointer dereference during VSI rebuild Fix race condition where PTP periodic work runs while VSI is being rebuilt, accessing NULL vsi-rxrings. The sequence was: 1. iceptpprepareforreset cancels PTP work 2...

4.7CVSS5.2AI score0.00106EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/02/15 12:24 a.m.•12 views

SUSE CVE-2026-2441

Use after free in CSS in Google Chrome prior to 145.0.7632.75 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. Chromium security severity: High...

8.8CVSS6.2AI score0.2202EPSS
Exploits12References3
SUSE CVE
SUSE CVE
•added 2026/02/15 12:24 a.m.•8 views

SUSE CVE-2026-24044

Element Server Suite Community Edition ESS Community deploys a Matrix stack using the provided Helm charts and Kubernetes distribution. The ESS Community Helm Chart secrets initialization hook using matrix-tools container before 0.5.7 is using an insecure Matrix server key generation method,...

9.2CVSS5.6AI score0.00278EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/02/14 1:57 a.m.•32 views

SUSE CVE-2020-37167

ClamAV versions prior to 0.103.0-rc contain a vulnerability in function name processing through the ClamBC bytecode interpreter that allows attackers to manipulate bytecode function names. Attackers can exploit the weak input validation in function name encoding to potentially execute malicious...

8.6CVSS5.9AI score0.00172EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/14 12:25 a.m.•5 views

SUSE CVE-2026-2443

A flaw was identified in libsoup, a widely used HTTP library in GNOME-based systems. When processing specially crafted HTTP Range headers, the library may improperly validate requested byte ranges. In certain build configurations, this could allow a remote attacker to access portions of server...

5.3CVSS5.6AI score0.0043EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2026/02/14 12:24 a.m.•5 views

SUSE CVE-2026-23111

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: fix inverted genmask check in nftmapcatchallactivate nftmapcatchallactivate has an inverted element activity check compared to its non-catchall counterpart nftmapelemactivate and compared to what is logically...

7.8CVSS5.3AI score0.00344EPSS
Exploits7References104
SUSE CVE
SUSE CVE
•added 2026/02/14 12:24 a.m.•5 views

SUSE CVE-2026-23112

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds checks in nvmettcpbuildpduiovec nvmettcpbuildpduiovec could walk past cmd-req.sg when a PDU length or offset exceeds sgcnt and then use bogus sg-length/offset values, leading to copytoiter GPF/KASAN. Guard...

6.1CVSS5.2AI score0.00399EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/02/14 12:24 a.m.•4 views

SUSE CVE-2026-25949

Traefik is an HTTP reverse proxy and load balancer. Prior to 3.6.8, there is a potential vulnerability in Traefik managing STARTTLS requests. An unauthenticated client can bypass Traefik entrypoint respondingTimeouts.readTimeout by sending the 8-byte Postgres SSLRequest STARTTLS prelude and then...

7.5CVSS5.6AI score0.00709EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/14 12:23 a.m.•6 views

SUSE CVE-2026-25996

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. String fields from eBPF events in columns output mode are rendered to the terminal without any sanitization of control characters or ANSI escape sequences...

9.8CVSS5.6AI score0.0056EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/14 12:23 a.m.•5 views

SUSE CVE-2026-26076

ntpd-rs is a full-featured implementation of the Network Time Protocol. Prior to 1.7.1, an attacker can remotely induce moderate increases 2-4 times above normal in cpu usage. When having NTS enabled on an ntpd-rs server, an attacker can create malformed NTS packets that take significantly more...

7.5CVSS5.6AI score0.00349EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/14 12:23 a.m.•6 views

SUSE CVE-2026-26157

A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities allows an attacker to craft malicious archives that when extracted, and under specific conditions, may write to files outside the intended directory. This can lead to arbitrary file overwrite, potentiall...

7CVSS6.2AI score0.00682EPSS
Exploits2References9
SUSE CVE
SUSE CVE
•added 2026/02/14 12:23 a.m.•6 views

SUSE CVE-2026-26158

A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the intended extraction directory by crafting a malicious tar archive containing unvalidated hardlink or symlink entries. If the tar archive is extracted with elevated privileges, this flaw can lead to...

7CVSS5.5AI score0.0016EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/02/13 12:30 a.m.•4 views

SUSE CVE-2025-41117

Stack traces in Grafana's Explore Traces view can be rendered as raw HTML, and thus inject malicious JavaScript in the browser. This would require malicious JavaScript to be entered into the stack trace field. Only datasources with the Jaeger HTTP API appear to be affected; Jaeger gRPC and Tempo ...

6.8CVSS5.5AI score0.0026EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:28 a.m.•6 views

SUSE CVE-2025-69872

DiskCache python-diskcache through 5.6.3 uses Python pickle for serialization by default. An attacker with write access to the cache directory can achieve arbitrary code execution when a victim application reads from the cache...

9.8CVSS6.4AI score0.00521EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•3 views

SUSE CVE-2026-2003

Improper validation of type "oidvector" in PostgreSQL allows a database user to disclose a few bytes of server memory. We have not ruled out viability of attacks that arrange for presence of confidential information in disclosed bytes, but they seem unlikely. Versions before PostgreSQL 18.2, 17.8...

4.3CVSS5.6AI score0.00281EPSS
Exploits0References30
SUSE CVE
SUSE CVE
•added 2026/02/13 12:26 a.m.•6 views

SUSE CVE-2026-2004

Missing validation of type of input in PostgreSQL intarray extension selectivity estimator function allows an object creator to execute arbitrary code as the operating system user running the database. Versions before PostgreSQL 18.2, 17.8, 16.12, 15.16, and 14.21 are affected...

8.8CVSS6.1AI score0.00785EPSS
Exploits0References35
Total number of security vulnerabilities59854