Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/02/05 12:27 a.m.•6 views

SUSE CVE-2025-71194

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock in waitcurrenttrans due to ignored transaction type When waitcurrenttrans is called during starttransaction, it currently waits for a blocked transaction without considering whether the given transaction type...

4.7CVSS5.3AI score0.00173EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/02/05 12:27 a.m.•6 views

SUSE CVE-2025-71195

In the Linux kernel, the following vulnerability has been resolved: dmaengine: xilinx: xdma: Fix regmap maxregister The maxregister field is assigned the size of the register memory region instead of the offset of the last register. The result is that reading from the regmap via debugfs can cause...

5.5CVSS5.2AI score0.00168EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:27 a.m.•6 views

SUSE CVE-2025-71196

In the Linux kernel, the following vulnerability has been resolved: phy: stm32-usphyc: Fix off by one in probe The "index" variable is used as an index into the usbphyc-phys array which has usbphyc-nphys elements. So if it is equal to usbphyc-nphys then it is one element out of bounds. The "index...

5.5CVSS5.2AI score0.00173EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:27 a.m.•8 views

SUSE CVE-2025-71197

In the Linux kernel, the following vulnerability has been resolved: w1: therm: Fix off-by-one buffer overflow in alarmsstore The sysfs buffer passed to alarmsstore is allocated with 'size + 1' bytes and a NUL terminator is appended. However, the 'size' argument does not account for this extra byt...

5.1CVSS5.6AI score0.00191EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:27 a.m.•7 views

SUSE CVE-2025-71198

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix iiochanspec for sensors without event detection The stlsm6dsxaccchannels array of struct iiochanspec has a non-NULL eventspec field, indicating support for IIO events. However, event detection is not...

4.4CVSS5.2AI score0.00168EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:27 a.m.•5 views

SUSE CVE-2025-71199

In the Linux kernel, the following vulnerability has been resolved: iio: adc: at91-sama5d2adc: Fix potential use-after-free in sama5d2adc driver at91adcinterrupt can call at91adctouchdatahandler function to start the work by schedulework&st-touchst.workq. If we remove the module which will call...

4.4CVSS5.2AI score0.00173EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:27 a.m.•10 views

SUSE CVE-2026-1207

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. Raster lookups on RasterField only implemented on PostGIS allows remote attackers to inject SQL via the band index parameter. Earlier, unsupported Django series such as 5.0.x, 4.1.x, and 3.2.x were not evaluate...

8.1CVSS5.6AI score0.09436EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/02/05 12:27 a.m.•4 views

SUSE CVE-2026-1285

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. django.utils.text.Truncator.chars and Truncator.words methods with html=True and the truncatecharshtml and truncatewordshtml template filters allow a remote attacker to cause a potential denial-of-service via...

7.5CVSS5.4AI score0.00993EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/05 12:27 a.m.•7 views

SUSE CVE-2026-1287

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. FilteredRelation is subject to SQL injection in column aliases via control characters, using a suitably crafted dictionary, with dictionary expansion, as the kwargs passed to QuerySet methods annotate, aggregat...

8.1CVSS5.5AI score0.00754EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/02/05 12:27 a.m.•7 views

SUSE CVE-2026-1312

An issue was discovered in 6.0 before 6.0.2, 5.2 before 5.2.11, and 4.2 before 4.2.28. .QuerySet.orderby is subject to SQL injection in column aliases containing periods when the same alias is, using a suitably crafted dictionary, with dictionary expansion, used in FilteredRelation. Earlier,...

8.1CVSS5.5AI score0.00802EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/02/05 12:26 a.m.•9 views

SUSE CVE-2026-1642

A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MITM position on the upstream server side-along with conditions beyond the attacker's control-may be able to inject plain text data in...

5.9CVSS5.5AI score0.00339EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/02/05 12:26 a.m.•4 views

SUSE CVE-2026-1801

A flaw was found in libsoup, an HTTP client/server library. This HTTP Request Smuggling vulnerability arises from non-RFC-compliant parsing in the soupfilterinputstreamreadline logic, where libsoup accepts malformed chunk headers, such as lone line feed LF characters instead of the required...

5.3CVSS5.5AI score0.00376EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/02/05 12:26 a.m.•7 views

SUSE CVE-2026-1861

Heap buffer overflow in libvpx in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.7AI score0.00413EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:26 a.m.•6 views

SUSE CVE-2026-1862

Type Confusion in V8 in Google Chrome prior to 144.0.7559.132 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS5.4AI score0.00579EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:26 a.m.•8 views

SUSE CVE-2026-23040

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211hwsim: fix typo in frequency notification The NAN notification is for 5745 MHz which corresponds to channel 149 and not 5475 which is not actually a valid channel. This could result in a NULL pointer dereference in...

5.2AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•4 views

SUSE CVE-2026-23041

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix NULL pointer crash in bnxtptpenable during error cleanup When bnxtinitone fails during initialization e.g., bnxtinitintmode returns -ENODEV, the error path calls bnxtfreehwrmresources which destroys the DMA pool and...

5.2AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•5 views

SUSE CVE-2026-23042

In the Linux kernel, the following vulnerability has been resolved: idpf: fix aux device unplugging when rdma is not supported by vport If vport flags do not contain VIRTCHNL2VPORTENABLERDMA, driver does not allocate vdevinfo for this vport. This leads to kernel NULL pointer dereference in...

4.4CVSS5.2AI score0.00145EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•7 views

SUSE CVE-2026-23043

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL pointer dereference in doabortlogreplay Coverity reported a NULL pointer dereference issue CID 1666756 in doabortlogreplay. When btrfsallocpath fails in replayonebuffer, wc-subvolpath is NULL, but...

5.2AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•5 views

SUSE CVE-2026-23044

In the Linux kernel, the following vulnerability has been resolved: PM: hibernate: Fix crash when freeing invalid crypto compressor When cryptoallocacomp fails, it returns an ERRPTR value, not NULL. The cleanup code in savecompressedimage and loadcompressedimage unconditionally calls...

5.4AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•6 views

SUSE CVE-2026-23045

In the Linux kernel, the following vulnerability has been resolved: net/ena: fix missing lock when update devlink params Fix assert lock warning while calling devlparamdriverinitvalueset in ena. WARNING: net/devlink/core.c:261 at devlassertlocked+0x62/0x90, CPU0: kworker/0:0/9 CPU: 0 UID: 0 PID: ...

5.1AI score0.00151EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•9 views

SUSE CVE-2026-23046

In the Linux kernel, the following vulnerability has been resolved: virtionet: fix device mismatch in devmkzalloc/devmkfree Initial rsshdr allocation uses virtiodevice-device, but virtnetsetqueues frees using netdevice-device. This device mismatch causing below devres warning 3788.514041...

5.1AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•5 views

SUSE CVE-2026-23047

In the Linux kernel, the following vulnerability has been resolved: libceph: make calctarget set t-paused, not just clear it Currently calctarget clears t-paused if the request shouldn't be paused anymore, but doesn't ever set t-paused even though it's able to determine when the request should be...

5.5CVSS5.2AI score0.00161EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•5 views

SUSE CVE-2026-23048

In the Linux kernel, the following vulnerability has been resolved: udp: call skborphan before skbattemptdeferfree Standard UDP receive path does not use skb-destructor. But skmsg layer does use it, since it calls skbsetownersksafe from udpreadskb. This then triggers this warning in...

5.1AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•8 views

SUSE CVE-2026-23049

In the Linux kernel, the following vulnerability has been resolved: drm/panel-simple: fix connector type for DataImage SCF0700C48GGU18 panel The connector type for the DataImage SCF0700C48GGU18 panel is missing and devmdrmpanelbridgeadd requires connector type to be set. This leads to a warning a...

5.5CVSS5.2AI score0.00173EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•7 views

SUSE CVE-2026-23050

In the Linux kernel, the following vulnerability has been resolved: pNFS: Fix a deadlock when returning a delegation during open Ben Coddington reports seeing a hang in the following stack trace: 0 ffffd0b50e1774e0 schedule at ffffffff9ca05415 1 ffffd0b50e177548 schedule at ffffffff9ca05717 2...

4.7CVSS5.2AI score0.00168EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•7 views

SUSE CVE-2026-23051

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix drm panic null pointer when driver not support atomic When driver not support atomic, fb using plane-fb rather than plane-state-fb. cherry picked from commit 2f2a72de673513247cd6fae14e53f6c40c5841ef...

5.1AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•7 views

SUSE CVE-2026-23052

In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not over-allocate ftrace memory The pgremaining calculation in ftraceprocesslocs assumes that ENTRIESPERPAGE multiplied by 2^order equals the actual capacity of the allocated page group. However, ENTRIESPERPAGE is...

5.2AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•6 views

SUSE CVE-2026-23053

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix a deadlock involving nfsreleasefolio Wang Zhaolong reports a deadlock involving NFSv4.1 state recovery waiting on kthreadd, which is attempting to reclaim memory by calling nfsreleasefolio. The latter cannot make progres...

4.7CVSS5.2AI score0.00168EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•6 views

SUSE CVE-2026-23054

In the Linux kernel, the following vulnerability has been resolved: net: hvnetvsc: reject RSS hash key programming without RX indirection table RSS configuration requires a valid RX indirection table. When the device reports a single receive queue, rndisfilterdeviceadd does not allocate an...

5.5CVSS5.2AI score0.00168EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•3 views

SUSE CVE-2026-23055

In the Linux kernel, the following vulnerability has been resolved: i2c: riic: Move suspend handling to NOIRQ phase Commit 53326135d0e0 "i2c: riic: Add suspend/resume support" added suspend support for the Renesas I2C driver and following this change on RZ/G3E the following WARNING is seen on...

5.5CVSS5.2AI score0.00166EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•5 views

SUSE CVE-2026-23056

In the Linux kernel, the following vulnerability has been resolved: uacce: implement mremap in uaccevmops to return -EPERM The current uaccevmops does not support the mremap operation of vmoperationsstruct. Implement .mremap to return -EPERM to remind users. The reason we need to explicitly disab...

6.3CVSS5.2AI score0.00177EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•6 views

SUSE CVE-2026-23057

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Coalesce only linear skb vsock/virtio common tries to coalesce buffers in rx queue: if a linear skb with a spare tail room is followed by a small skb length limited by GOODCOPYLEN = 128, an attempt is made to join...

6.6CVSS5.2AI score0.00166EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•5 views

SUSE CVE-2026-23058

In the Linux kernel, the following vulnerability has been resolved: can: emsusb: emsusbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In emsusbopen, the URBs for USB-in transfers are allocated,...

3.3CVSS5.1AI score0.00173EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•7 views

SUSE CVE-2026-23059

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Sanitize payload size to prevent member overflow In qla27xxcopyfpinpkt and qla27xxcopymultiplepkt, the framesize reported by firmware is used to calculate the copy length into item-iocb. However, the iocb member is...

5.3CVSS5.2AI score0.00168EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•17 views

SUSE CVE-2026-23060

In the Linux kernel, the following vulnerability has been resolved: crypto: authencesn - reject too-short AAD assoclen8 to match ESP/ESN spec authencesn assumes an ESP/ESN-formatted AAD. When assoclen is shorter than the minimum expected length, cryptoauthencesndecrypt can advance past the end of...

6.5CVSS5.2AI score0.00123EPSS
Exploits0References27
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•3 views

SUSE CVE-2026-23061

In the Linux kernel, the following vulnerability has been resolved: can: kvaserusb: kvaserusbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In kvaserusbset,databittiming - kvaserusbsetuprxurbs, t...

4.7CVSS5.1AI score0.00123EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•6 views

SUSE CVE-2026-23062

In the Linux kernel, the following vulnerability has been resolved: platform/x86: hp-bioscfg: Fix kernel panic in GETINSTANCEID macro The GETINSTANCEID macro that caused a kernel panic when accessing sysfs attributes: 1. Off-by-one error: The loop condition used 'name without checking if...

6.1CVSS5.3AI score0.00122EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•6 views

SUSE CVE-2026-23063

In the Linux kernel, the following vulnerability has been resolved: uacce: ensure safe queue release with state management Directly calling putqueue carries risks since it cannot guarantee that resources of uaccequeue have been fully released beforehand. So adding a stopqueue operation for the...

5.5CVSS5.2AI score0.00123EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•8 views

SUSE CVE-2026-23064

In the Linux kernel, the following vulnerability has been resolved: net/sched: actife: avoid possible NULL deref tcfifeencode must make sure ifeencode does not return NULL. syzbot reported: Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 SMP KASAN NOP...

4.4CVSS5.1AI score0.00123EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•5 views

SUSE CVE-2026-23065

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: Fix memory leak in wbrfrecord The tmp buffer is allocated using kcalloc but is not freed if acpievaluatedsm fails. This causes a memory leak in the error path. Fix this by explicitly freeing the tmp buffer in th...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•7 views

SUSE CVE-2026-23066

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix recvmsg unconditional requeue If rxrpcrecvmsg fails because MSGDONTWAIT was specified but the call at the front of the recvmsg queue already has its mutex locked, it requeues the call - whether or not the call is alrea...

7CVSS5.2AI score0.00129EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•7 views

SUSE CVE-2026-23067

In the Linux kernel, the following vulnerability has been resolved: iommu/io-pgtable-arm: fix sizet signedness bug in unmap path armlpaeunmap returns sizet but was returning -ENOENT negative error code when encountering an unmapped PTE. Since sizet is unsigned, -ENOENT typically -2 becomes a huge...

5.5CVSS5.3AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•5 views

SUSE CVE-2026-23068

In the Linux kernel, the following vulnerability has been resolved: spi: spi-sprd-adi: Fix double free in probe error path The driver currently uses spiallochost to allocate the controller but registers it using devmspiregistercontroller. If devmregisterrestarthandler fails, the code jumps to the...

4.4CVSS5.3AI score0.00129EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•5 views

SUSE CVE-2026-23069

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix potential underflow in virtiotransportgetcredit The credit calculation in virtiotransportgetcredit uses unsigned arithmetic: ret = vvs-peerbufalloc - vvs-txcnt - vvs-peerfwdcnt; If the peer shrinks its advertise...

4.7CVSS5.4AI score0.00127EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•6 views

SUSE CVE-2026-23070

In the Linux kernel, the following vulnerability has been resolved: Octeontx2-af: Add proper checks for fwdata firmware populates MAC address, link modes supported, advertised and EEPROM data in shared firmware structure which kernel access via MAC blockCGX/RPM. Accessing fwdata, on boards booted...

5.5CVSS5.1AI score0.00121EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•4 views

SUSE CVE-2026-23071

In the Linux kernel, the following vulnerability has been resolved: regmap: Fix race condition in hwspinlock irqsave routine Previously, the address of the shared member '&map-spinlockflags' was passed directly to 'hwspinlocktimeoutirqsave'. This creates a race condition where multiple contexts...

5.5CVSS5.2AI score0.001EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•6 views

SUSE CVE-2026-23072

In the Linux kernel, the following vulnerability has been resolved: l2tp: Fix memleak in l2tpudpencaprecv. syzbot reported memleak of struct l2tpsession, l2tptunnel, sock, etc. 0 The cited commit moved down the validation of the protocol version in l2tpudpencaprecv. The new place requires an extr...

5.5CVSS5.2AI score0.00121EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•5 views

SUSE CVE-2026-23073

In the Linux kernel, the following vulnerability has been resolved: wifi: rsi: Fix memory corruption due to not set vif driver data size The struct ieee80211vif contains trailing space for vif driver data, when struct ieee80211vif is allocated, the total memory size that is allocated is...

5.5CVSS5.3AI score0.0013EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•7 views

SUSE CVE-2026-23075

In the Linux kernel, the following vulnerability has been resolved: can: esdusb: esdusbreadbulkcallback: fix URB memory leak Fix similar memory leak as in commit 7352e1d5932a "can: gsusb: gsusbreceivebulkcallback: fix URB memory leak". In esdusbopen, the URBs for USB-in transfers are allocated,...

5.5CVSS5.1AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/05 12:25 a.m.•6 views

SUSE CVE-2026-23076

In the Linux kernel, the following vulnerability has been resolved: ALSA: ctxfi: Fix potential OOB access in audio mixer handling In the audio mixer handling code of ctxfi driver, the conf field is used as a kind of loop index, and it's referred in the index callbacks amixerindex and sumindex. As...

5.4CVSS5.3AI score0.00126EPSS
Exploits0References19
Total number of security vulnerabilities59854