Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•10 views

SUSE CVE-2025-71181

In the Linux kernel, the following vulnerability has been resolved: rustbinder: remove spinlock in rustshrinkfreepage When forward-porting Rust Binder to 6.18, I neglected to take commit fb56fdf8b9a2 "mm/listlru: split the lock to per-cgroup scope" into account, and apparently I did not end up...

5.5CVSS5.7AI score0.00102EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•4 views

SUSE CVE-2025-71182

In the Linux kernel, the following vulnerability has been resolved: can: j1939: make j1939sessionactivate fail if device is no longer registered syzbot is still reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 even after commit 93a27b5891b8 "can: j1939: add missing...

5.3CVSS5.8AI score0.00156EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•6 views

SUSE CVE-2025-71183

In the Linux kernel, the following vulnerability has been resolved: btrfs: always detect conflicting inodes when logging inode refs After rename exchanging either with the rename exchange operation or regular renames in multiple non-atomic steps two inodes and at least one of them is a directory,...

5.5CVSS5.8AI score0.00161EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•6 views

SUSE CVE-2025-71184

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting an inode the first thing we do is to setup tracing for it, which implies fetching the root's id. But in btrfsevictinode the root might be NULL, as...

5.5CVSS5.8AI score0.00118EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•5 views

SUSE CVE-2025-71185

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•5 views

SUSE CVE-2025-71186

In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent i...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•20 views

SUSE CVE-2025-71187

In the Linux kernel, the following vulnerability has been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to drop the reference taken when looking up the ICU device during probe also on probe failures e.g. probe deferral...

5.5CVSS5.7AI score0.00157EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•7 views

SUSE CVE-2025-71188

In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent...

5.5CVSS5.7AI score0.00183EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•7 views

SUSE CVE-2025-71189

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures...

3.3CVSS5.8AI score0.00183EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•5 views

SUSE CVE-2025-71190

In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind...

3.3CVSS5.7AI score0.00183EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•3 views

SUSE CVE-2025-71191

In the Linux kernel, the following vulnerability has been resolved: dmaengine: athdmac: fix device leak on ofdmaxlate Make sure to drop the reference taken when looking up the DMA platform device during ofdmaxlate when releasing channel resources. Note that commit 3832b78b3ec2 "dmaengine: athdmac...

3.3CVSS5.7AI score0.00183EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•12 views

SUSE CVE-2026-23015

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference obtained by calling usbgetdev is not released in the gpiompsseprobe error paths. Fix that by using device managed helper functions. Also remove the...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•16 views

SUSE CVE-2026-23016

In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•6 views

SUSE CVE-2026-23017

In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that state a subsequent reset will result in a crash as...

5.5CVSS5.7AI score0.00132EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/01 12:24 a.m.•20 views

SUSE CVE-2026-23018

In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before initializing extent tree in btrfsreadlockedinode In btrfsreadlockedinode we are calling btrfsinitfileextenttree while holding a path with a read locked leaf from a subvolume tree, and...

4.7CVSS5.8AI score0.001EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•5 views

SUSE CVE-2026-23019

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix NULL dereference on devlinkalloc failure devlinkalloc may return NULL on allocation failure, but presteradevlinkalloc unconditionally calls devlinkpriv on the returned pointer. This leads to a NULL...

5.5CVSS5.7AI score0.00115EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•5 views

SUSE CVE-2026-23020

In the Linux kernel, the following vulnerability has been resolved: net: 3com: 3c59x: fix possible null dereference in vortexprobe1 pdev can be null and freering: can be called in 1297 with a null pdev...

5.5CVSS5.7AI score0.00115EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•6 views

SUSE CVE-2026-23021

In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in updateethregsasync When asynchronously writing to the device registers and if usbsubmiturb fail, the code fail to release allocated to this point resources...

3.3CVSS5.8AI score0.00149EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•15 views

SUSE CVE-2026-23022

In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpfvccoredeinit Make sure to free hw-lanregs. Reported by kmemleak during reset: unreferenced object 0xff1b913d02a936c0 size 96: comm "kworker/u258:14", pid 2174, jiffies 4294958305 hex dump first 32...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•5 views

SUSE CVE-2026-23023

In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpfvportrel Free vport-rxptypelkup in idpfvportrel to avoid leaking memory during a reset. Reported by kmemleak: unreferenced object 0xff450acac838a000 size 4096: comm "kworker/u258:5", pid 7732, jiffies...

3.3CVSS5.8AI score0.00147EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•9 views

SUSE CVE-2026-23024

In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak of flow steer list on rmmod The flow steering list maintains entries that are added and removed as ethtool creates and deletes flow steering rules. Module removal with active entries causes memory leak as th...

3.3CVSS5.8AI score0.00132EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•4 views

SUSE CVE-2026-23025

In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0 CPU: 0...

7.8CVSS5.8AI score0.00184EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•8 views

SUSE CVE-2026-23026

In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpiperipheralconfig Fix a memory leak in gpiperipheralconfig where the original memory pointed to by gchan-config could be lost if krealloc fails. The issue occurs when: 1. gchan-config...

2.5CVSS5.8AI score0.00183EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•8 views

SUSE CVE-2026-23027

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmpchpicdestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmpchpicdestroy is not currently doing this...

5.7AI score0.00194EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•7 views

SUSE CVE-2026-23028

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmipidestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmipidestroy is not currently doing this, that...

5.7AI score0.00194EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•11 views

SUSE CVE-2026-23029

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmeiointcdestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmeiointcdestroy is not currently doing...

5.7AI score0.00194EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•9 views

SUSE CVE-2026-23030

In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchipusb2phyprobe The foreachavailablechildofnode calls ofnodeput to release childnp in each success loop. After breaking from the loop with the childnp has been released, the...

4.7CVSS5.8AI score0.00217EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•5 views

SUSE CVE-2026-23031

In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fix URB memory leak In gscanopen, the URBs for USB-in transfers are allocated, added to the parent-rxsubmitted anchor and submitted. In the complete callback gsusbreceivebulkcallback, the URB...

4.4CVSS5.8AI score0.00197EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•7 views

SUSE CVE-2026-23032

In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...

5.7AI score0.00206EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•8 views

SUSE CVE-2026-23033

In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dmapool resource leak in error paths The dmapool created by dmapoolcreate is not destroyed when dmaasyncdeviceregister or ofdmacontrollerregister fails, causing a resource leak in the probe error paths. A...

3.3CVSS5.8AI score0.00202EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•19 views

SUSE CVE-2026-23034

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix fence reference leak on queue teardown v2 The user mode queue keeps a pointer to the most recent fence in userq-lastfence. This pointer holds an extra dmafence reference. When the queue is destroyed, we free...

5.8AI score0.00177EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•7 views

SUSE CVE-2026-23035

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5edestroynetdev instead of priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails. Pass netdev to mlx5edestroynetdev to guarantee it will work on a valid netdev. On...

5.5CVSS5.8AI score0.00209EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•20 views

SUSE CVE-2026-23036

In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before igetfailed in btrfsreadlockedinode In btrfsreadlockedinode if we fail to lookup the inode, we jump to the 'out' label with a path that has a read locked leaf and then we call igetfailed. This can result...

5.8AI score0.00194EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•8 views

SUSE CVE-2026-23037

In the Linux kernel, the following vulnerability has been resolved: can: etases58x: allow partial RX URB allocation to succeed When es58xallocrxurbs fails to allocate the requested number of URBs but succeeds in allocating some, it returns an error code. This causes es58xopen to return early,...

3.3CVSS5.7AI score0.00217EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•5 views

SUSE CVE-2026-23038

In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4ffallocdeviceidnode In nfs4ffallocdeviceidnode, if the allocation for dsversions fails, the function jumps to the outscratch label without freeing the already allocated dsaddrs list, leading...

3.3CVSS5.8AI score0.00222EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/02/01 12:23 a.m.•13 views

SUSE CVE-2026-23039

In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...

5.8AI score0.00194EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/31 12:47 a.m.•3 views

SUSE CVE-2023-34440

Improper input validation in UEFI firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access...

8.7CVSS5.9AI score0.00237EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/31 12:47 a.m.•3 views

SUSE CVE-2023-43758

Improper input validation in UEFI firmware for some IntelR processors may allow a privileged user to potentially enable escalation of privilege via local access...

8.7CVSS5.9AI score0.00259EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/31 12:44 a.m.•4 views

SUSE CVE-2024-24582

Improper input validation in XmlCli feature for UEFI firmware for some IntelR processors may allow privileged user to potentially enable escalation of privilege via local access...

8.7CVSS5.9AI score0.00239EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/31 12:43 a.m.•4 views

SUSE CVE-2024-28127

Improper input validation in UEFI firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access...

8.7CVSS5.9AI score0.00237EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/31 12:43 a.m.•4 views

SUSE CVE-2024-29214

Improper input validation in UEFI firmware CseVariableStorageSmm for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access...

8.7CVSS5.9AI score0.00237EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2026/01/31 12:26 a.m.•5 views

SUSE CVE-2025-67601

A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the -cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher's setting cacerts...

8.3CVSS5.7AI score0.00153EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/01/31 12:24 a.m.•7 views

SUSE CVE-2026-24905

Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...

7.8CVSS6.1AI score0.01281EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/31 12:24 a.m.•6 views

SUSE CVE-2026-25061

tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...

7.5CVSS6.3AI score0.00517EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/31 12:24 a.m.•5 views

SUSE CVE-2026-25128

fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...

7.5CVSS5.7AI score0.00559EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2026/01/31 12:24 a.m.•9 views

SUSE CVE-2026-25210

In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...

6.5CVSS6AI score0.00193EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2026/01/30 1:37 a.m.•12 views

SUSE CVE-2020-37011

Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to exhaust memory through repeated malloc calls and...

8.4CVSS5.8AI score0.00411EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:43 a.m.•8 views

SUSE CVE-2025-11187

Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash leading to Denial o...

7.5CVSS6.3AI score0.00515EPSS
Exploits1References15
SUSE CVE
SUSE CVE
•added 2026/01/30 12:43 a.m.•10 views

SUSE CVE-2025-14911

User-controlled chunkSize metadata from MongoDB lacks appropriate validation allowing malformed GridFS metadata to overflow the bounding container...

7.1CVSS5.9AI score0.00275EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/30 12:43 a.m.•5 views

SUSE CVE-2025-15467

Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...

9.8CVSS7.5AI score0.47621EPSS
Exploits7References22
Total number of security vulnerabilities59854