59854 matches found
SUSE CVE-2025-71181
In the Linux kernel, the following vulnerability has been resolved: rustbinder: remove spinlock in rustshrinkfreepage When forward-porting Rust Binder to 6.18, I neglected to take commit fb56fdf8b9a2 "mm/listlru: split the lock to per-cgroup scope" into account, and apparently I did not end up...
SUSE CVE-2025-71182
In the Linux kernel, the following vulnerability has been resolved: can: j1939: make j1939sessionactivate fail if device is no longer registered syzbot is still reporting unregisternetdevice: waiting for vcan0 to become free. Usage count = 2 even after commit 93a27b5891b8 "can: j1939: add missing...
SUSE CVE-2025-71183
In the Linux kernel, the following vulnerability has been resolved: btrfs: always detect conflicting inodes when logging inode refs After rename exchanging either with the rename exchange operation or regular renames in multiple non-atomic steps two inodes and at least one of them is a directory,...
SUSE CVE-2025-71184
In the Linux kernel, the following vulnerability has been resolved: btrfs: fix NULL dereference on root when tracing inode eviction When evicting an inode the first thing we do is to setup tracing for it, which implies fetching the root's id. But in btrfsevictinode the root might be NULL, as...
SUSE CVE-2025-71185
In the Linux kernel, the following vulnerability has been resolved: dmaengine: ti: dma-crossbar: fix device leak on am335x route allocation Make sure to drop the reference taken when looking up the crossbar platform device during am335x route allocation...
SUSE CVE-2025-71186
In the Linux kernel, the following vulnerability has been resolved: dmaengine: stm32: dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent i...
SUSE CVE-2025-71187
In the Linux kernel, the following vulnerability has been resolved: dmaengine: sh: rz-dmac: fix device leak on probe failure Make sure to drop the reference taken when looking up the ICU device during probe also on probe failures e.g. probe deferral...
SUSE CVE-2025-71188
In the Linux kernel, the following vulnerability has been resolved: dmaengine: lpc18xx-dmamux: fix device leak on route allocation Make sure to drop the reference taken when looking up the DMA mux platform device during route allocation. Note that holding a reference to a device does not prevent...
SUSE CVE-2025-71189
In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw: dmamux: fix OF node leak on route allocation failure Make sure to drop the reference taken to the DMA master OF node also on late route allocation failures...
SUSE CVE-2025-71190
In the Linux kernel, the following vulnerability has been resolved: dmaengine: bcm-sba-raid: fix device leak on probe Make sure to drop the reference taken when looking up the mailbox device during probe on probe failures and on driver unbind...
SUSE CVE-2025-71191
In the Linux kernel, the following vulnerability has been resolved: dmaengine: athdmac: fix device leak on ofdmaxlate Make sure to drop the reference taken when looking up the DMA platform device during ofdmaxlate when releasing channel resources. Note that commit 3832b78b3ec2 "dmaengine: athdmac...
SUSE CVE-2026-23015
In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: fix reference leak in gpiompsseprobe error paths The reference obtained by calling usbgetdev is not released in the gpiompsseprobe error paths. Fix that by using device managed helper functions. Also remove the...
SUSE CVE-2026-23016
In the Linux kernel, the following vulnerability has been resolved: inet: frags: drop fraglist conntrack references Jakub added a warning in nfconntrackcleanupnetlist to make debugging leaked skbs/conntrack references more obvious. syzbot reports this as triggering, and I can also reproduce this...
SUSE CVE-2026-23017
In the Linux kernel, the following vulnerability has been resolved: idpf: fix error handling in the inittask on load If the inittask fails during a driver load, we end up without vports and netdevs, effectively failing the entire process. In that state a subsequent reset will result in a crash as...
SUSE CVE-2026-23018
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before initializing extent tree in btrfsreadlockedinode In btrfsreadlockedinode we are calling btrfsinitfileextenttree while holding a path with a read locked leaf from a subvolume tree, and...
SUSE CVE-2026-23019
In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix NULL dereference on devlinkalloc failure devlinkalloc may return NULL on allocation failure, but presteradevlinkalloc unconditionally calls devlinkpriv on the returned pointer. This leads to a NULL...
SUSE CVE-2026-23020
In the Linux kernel, the following vulnerability has been resolved: net: 3com: 3c59x: fix possible null dereference in vortexprobe1 pdev can be null and freering: can be called in 1297 with a null pdev...
SUSE CVE-2026-23021
In the Linux kernel, the following vulnerability has been resolved: net: usb: pegasus: fix memory leak in updateethregsasync When asynchronously writing to the device registers and if usbsubmiturb fail, the code fail to release allocated to this point resources...
SUSE CVE-2026-23022
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpfvccoredeinit Make sure to free hw-lanregs. Reported by kmemleak during reset: unreferenced object 0xff1b913d02a936c0 size 96: comm "kworker/u258:14", pid 2174, jiffies 4294958305 hex dump first 32...
SUSE CVE-2026-23023
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak in idpfvportrel Free vport-rxptypelkup in idpfvportrel to avoid leaking memory during a reset. Reported by kmemleak: unreferenced object 0xff450acac838a000 size 4096: comm "kworker/u258:5", pid 7732, jiffies...
SUSE CVE-2026-23024
In the Linux kernel, the following vulnerability has been resolved: idpf: fix memory leak of flow steer list on rmmod The flow steering list maintains entries that are added and removed as ethtool creates and deletes flow steering rules. Module removal with active entries causes memory leak as th...
SUSE CVE-2026-23025
In the Linux kernel, the following vulnerability has been resolved: mm/pagealloc: prevent pcp corruption with SMP=n The kernel test robot has reported: BUG: spinlock trylock failure on UP on CPU0, kcompactd0/28 lock: 0xffff888807e35ef0, .magic: dead4ead, .owner: kcompactd0/28, .ownercpu: 0 CPU: 0...
SUSE CVE-2026-23026
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: gpi: Fix memory leak in gpiperipheralconfig Fix a memory leak in gpiperipheralconfig where the original memory pointed to by gchan-config could be lost if krealloc fails. The issue occurs when: 1. gchan-config...
SUSE CVE-2026-23027
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmpchpicdestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmpchpicdestroy is not currently doing this...
SUSE CVE-2026-23028
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmipidestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmipidestroy is not currently doing this, that...
SUSE CVE-2026-23029
In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Fix kvmdevice leak in kvmeiointcdestroy In kvmioctlcreatedevice, kvmdevice has allocated memory, kvmdevice-destroy seems to be supposed to free its kvmdevice struct, but kvmeiointcdestroy is not currently doing...
SUSE CVE-2026-23030
In the Linux kernel, the following vulnerability has been resolved: phy: rockchip: inno-usb2: Fix a double free bug in rockchipusb2phyprobe The foreachavailablechildofnode calls ofnodeput to release childnp in each success loop. After breaking from the loop with the childnp has been released, the...
SUSE CVE-2026-23031
In the Linux kernel, the following vulnerability has been resolved: can: gsusb: gsusbreceivebulkcallback: fix URB memory leak In gscanopen, the URBs for USB-in transfers are allocated, added to the parent-rxsubmitted anchor and submitted. In the complete callback gsusbreceivebulkcallback, the URB...
SUSE CVE-2026-23032
In the Linux kernel, the following vulnerability has been resolved: nullblk: fix kmemleak by releasing references to fault configfs items When CONFIGBLKDEVNULLBLKFAULTINJECTION is enabled, the null-blk driver sets up fault injection support by creating the timeoutinject, requeueinject, and...
SUSE CVE-2026-23033
In the Linux kernel, the following vulnerability has been resolved: dmaengine: omap-dma: fix dmapool resource leak in error paths The dmapool created by dmapoolcreate is not destroyed when dmaasyncdeviceregister or ofdmacontrollerregister fails, causing a resource leak in the probe error paths. A...
SUSE CVE-2026-23034
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/userq: Fix fence reference leak on queue teardown v2 The user mode queue keeps a pointer to the most recent fence in userq-lastfence. This pointer holds an extra dmafence reference. When the queue is destroyed, we free...
SUSE CVE-2026-23035
In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Pass netdev to mlx5edestroynetdev instead of priv mlx5epriv is an unstable structure that can be memset0 if profile attaching fails. Pass netdev to mlx5edestroynetdev to guarantee it will work on a valid netdev. On...
SUSE CVE-2026-23036
In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before igetfailed in btrfsreadlockedinode In btrfsreadlockedinode if we fail to lookup the inode, we jump to the 'out' label with a path that has a read locked leaf and then we call igetfailed. This can result...
SUSE CVE-2026-23037
In the Linux kernel, the following vulnerability has been resolved: can: etases58x: allow partial RX URB allocation to succeed When es58xallocrxurbs fails to allocate the requested number of URBs but succeeds in allocating some, it returns an error code. This causes es58xopen to return early,...
SUSE CVE-2026-23038
In the Linux kernel, the following vulnerability has been resolved: pnfs/flexfiles: Fix memory leak in nfs4ffallocdeviceidnode In nfs4ffallocdeviceidnode, if the allocation for dsversions fails, the function jumps to the outscratch label without freeing the already allocated dsaddrs list, leading...
SUSE CVE-2026-23039
In the Linux kernel, the following vulnerability has been resolved: drm/gud: fix NULL fb and crtc dereferences on USB disconnect On disconnect drmatomichelperdisableall is called which sets both the fb and crtc for a plane to NULL before invoking a commit. This causes a kernel oops on every displ...
SUSE CVE-2023-34440
Improper input validation in UEFI firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access...
SUSE CVE-2023-43758
Improper input validation in UEFI firmware for some IntelR processors may allow a privileged user to potentially enable escalation of privilege via local access...
SUSE CVE-2024-24582
Improper input validation in XmlCli feature for UEFI firmware for some IntelR processors may allow privileged user to potentially enable escalation of privilege via local access...
SUSE CVE-2024-28127
Improper input validation in UEFI firmware for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access...
SUSE CVE-2024-29214
Improper input validation in UEFI firmware CseVariableStorageSmm for some IntelR Processors may allow a privileged user to potentially enable escalation of privilege via local access...
SUSE CVE-2025-67601
A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the -cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher's setting cacerts...
SUSE CVE-2026-24905
Inspektor Gadget is a set of tools and framework for data collection and system inspection on Kubernetes clusters and Linux hosts using eBPF. The ig binary provides a subcommand for image building, used to generate custom gadget OCI images. A part of this functionality is implemented in the file...
SUSE CVE-2026-25061
tcpflow is a TCP/IP packet demultiplexer. In versions up to and including 1.61, wifipcap parses 802.11 management frame elements and performs a length check on the wrong field when handling the TIM element. A crafted frame with a large TIM length can cause a 1-byte out-of-bounds write past...
SUSE CVE-2026-25128
fast-xml-parser allows users to validate XML, parse XML to JS object, or build XML from JS object without C/C++ based libraries and no callback. In versions 5.0.9 through 5.3.3, a RangeError vulnerability exists in the numeric entity processing of fast-xml-parser when parsing XML with out-of-rang...
SUSE CVE-2026-25210
In libexpat before 2.7.4, the doContent function does not properly determine the buffer size bufSize because there is no integer overflow check for tag buffer reallocation...
SUSE CVE-2020-37011
Gnome Fonts Viewer 3.34.0 contains a heap corruption vulnerability that allows attackers to trigger an out-of-bounds write by crafting a malicious TTF font file. Attackers can generate a specially crafted TTF file with an oversized pattern to exhaust memory through repeated malloc calls and...
SUSE CVE-2025-11187
Issue summary: PBMAC1 parameters in PKCS12 files are missing validation which can trigger a stack-based buffer overflow, invalid pointer or NULL pointer dereference during MAC verification. Impact summary: The stack buffer overflow or NULL pointer dereference may cause a crash leading to Denial o...
SUSE CVE-2025-14911
User-controlled chunkSize metadata from MongoDB lacks appropriate validation allowing malformed GridFS metadata to overflow the bounding container...
SUSE CVE-2025-15467
Issue summary: Parsing CMS AuthEnvelopedData or EnvelopedData message with maliciously crafted AEAD parameters can trigger a stack buffer overflow. Impact summary: A stack buffer overflow may lead to a crash, causing Denial of Service, or potentially remote code execution. When parsing CMS...