Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.14 views

SUSE CVE-2026-23001

In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlanforwardsource Add RCU protection on struct macvlansourceentry-vlan. Whenever macvlanhashdelsource is called, we must clear entry-vlan pointer before RCU grace period starts. This allows...

7CVSS5.3AI score0.00188EPSS
Exploits0References32
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.7 views

SUSE CVE-2026-23002

In the Linux kernel, the following vulnerability has been resolved: lib/buildid: use kernelread for sleepable context Prevent a "BUG: unable to handle kernel NULL pointer dereference in filemapreadfolio". For the sleepable context, convert freader to use kernelread instead of direct page cache...

5.5CVSS5.3AI score0.0015EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.12 views

SUSE CVE-2026-23003

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: use skbvlaninetprepare in ip6tnlrcv Blamed commit did not take care of VLAN encapsulations as spotted by syzbot 1. Use skbvlaninetprepare instead of pskbinetmaypull. 1 BUG: KMSAN: uninit-value in INETECNdecapsulate...

6.6CVSS5.2AI score0.00468EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.4 views

SUSE CVE-2026-23004

In the Linux kernel, the following vulnerability has been resolved: dst: fix races in rt6uncachedlistdel and rtdeluncachedlist syzbot was able to crash the kernel in rt6uncachedlistflushdev in an interesting way 1 Crash happens in listdelinit/INITLISTHEAD while writing list-prev, while the prior...

7CVSS5.3AI score0.00118EPSS
Exploits0References117
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.6 views

SUSE CVE-2026-23005

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Clear XSTATEBVi in guest XSAVE state whenever XFDi=1 When loading guest XSAVE state via KVMSETXSAVE, and when updating XFD in response to a guest WRMSR, clear XFD-disabled features in the saved or to be restored XSTATEBV...

6.1CVSS5.4AI score0.00198EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.6 views

SUSE CVE-2026-23006

In the Linux kernel, the following vulnerability has been resolved: ASoC: tlv320adcx140: fix null pointer The "sndsoccomponent" in "adcx140priv" was only used once but never set. It was only used for reaching "dev" which is already present in "adcx140priv"...

5.5CVSS5.2AI score0.00186EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.17 views

SUSE CVE-2026-23007

In the Linux kernel, the following vulnerability has been resolved: block: zero non-PI portion of auto integrity buffer The auto-generated integrity buffer for writes needs to be fully initialized before being passed to the underlying block device, otherwise the uninitialized memory can be read...

5.5CVSS5.4AI score0.00135EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.13 views

SUSE CVE-2026-23008

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix KMS with 3D on HW version 10 HW version 10 does not have GB Surfaces so there is no backing buffer for surface backed FBs. This would result in a nullptr dereference and crash the driver causing a black screen...

5.5CVSS5.6AI score0.00135EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.21 views

SUSE CVE-2026-23009

In the Linux kernel, the following vulnerability has been resolved: xhci: sideband: don't dereference freed ring when removing sideband endpoint xhcisidebandremoveendpoint incorrecly assumes that the endpoint is running and has a valid transfer ring. Lianqin reported a crash during suspend/wake-u...

5.5CVSS5.2AI score0.00135EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.5 views

SUSE CVE-2026-23010

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix use-after-free in inet6addrdel. syzbot reported use-after-free of inet6ifaddr in inet6addrdel. 0 The cited commit accidentally moved ipv6deladdr for mngtmpaddr before reading its ifp-flags for temporary addresses in...

6.1CVSS5.2AI score0.00182EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.12 views

SUSE CVE-2026-23011

In the Linux kernel, the following vulnerability has been resolved: ipv4: ipgre: make ipgreheader robust Analog to commit db5b4e39c4e6 "ip6gre: make ip6greheader robust" Over the years, syzbot found many ways to crash the kernel in ipgreheader 1. This involves team or bonding drivers ability to...

5.5CVSS5.2AI score0.00187EPSS
Exploits0References21
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.14 views

SUSE CVE-2026-23012

In the Linux kernel, the following vulnerability has been resolved: mm/damon/core: remove callcontrol in inactive contexts If damoncall is executed against a DAMON context that is not running, the function returns error while keeping the damoncallcontrol object linked to the context's callcontrol...

7.8CVSS5.3AI score0.00151EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/26 12:24 a.m.12 views

SUSE CVE-2026-23013

In the Linux kernel, the following vulnerability has been resolved: net: octeonepvf: fix freeirq devid mismatch in IRQ rollback octepvfrequestirqs requests MSI-X queue IRQs with devid set to ioqvector. If requestirq fails part-way, the rollback loop calls freeirq with devid set to 'oct', which do...

7.8CVSS5.2AI score0.00152EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/25 12:24 a.m.12 views

SUSE CVE-2025-71158

In the Linux kernel, the following vulnerability has been resolved: gpio: mpsse: ensure worker is torn down When an IRQ worker is running, unplugging the device would cause a crash. The sealevel hardware this driver was written for was not hotpluggable, so I never realized it. This change uses a...

5.5CVSS5.3AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/25 12:24 a.m.20 views

SUSE CVE-2025-71160

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: avoid chain re-validation if possible Hamza Mahfooz reports cpu soft lock-ups in nftchainvalidate: watchdog: BUG: soft lockup - CPU1 stuck for 27s! iptables-nft-re:37547 .. RIP: 0010:nftchainvalidate+0xcb/0x1...

5.5CVSS5.3AI score0.00164EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/25 12:24 a.m.13 views

SUSE CVE-2025-71161

In the Linux kernel, the following vulnerability has been resolved: dm-verity: disable recursive forward error correction There are two problems with the recursive correction: 1. It may cause denial-of-service. In fecreadbufs, there is a loop that has 253 iterations. For each iteration, we may ca...

5.5CVSS5.3AI score0.00165EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/01/25 12:24 a.m.5 views

SUSE CVE-2026-1299

The email module, specifically the "BytesGenerator" class, didn't properly quote newlines for email headers when serializing an email message allowing for header injection when an email is serialized. This is only applicable if using "LiteralHeader" writing headers that don't respect email foldin...

8.2CVSS5.5AI score0.0056EPSS
Exploits0References29
SUSE CVE
SUSE CVE
added 2026/01/25 12:23 a.m.5 views

SUSE CVE-2026-22982

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: Fix crash when adding interface under a lag Commit 15faa1f67ab4 "lan966x: Fix crash when adding interface under a lag" fixed a similar issue in the lan966x driver caused by a NULL pointer dereference. The...

5.5CVSS5.3AI score0.00121EPSS
Exploits0References19
SUSE CVE
SUSE CVE
added 2026/01/25 12:23 a.m.8 views

SUSE CVE-2026-22993

In the Linux kernel, the following vulnerability has been resolved: idpf: Fix RSS LUT NULL ptr issue after soft reset During soft reset, the RSS LUT is freed and not restored unless the interface is up. If an ethtool command that accesses the rss lut is attempted immediately after reset, it will...

4.4CVSS5.4AI score0.00115EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2026/01/24 12:31 a.m.7 views

SUSE CVE-2025-66566

yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java-based decompressor implementations in lz4-java 1.10.0 and earlier allows remote attackers to read previous buffer contents via crafted compressed input. In applications where the output buffer is...

8.2CVSS5.9AI score0.00562EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.4 views

SUSE CVE-2025-71145

In the Linux kernel, the following vulnerability has been resolved: usb: phy: isp1301: fix non-OF device reference imbalance A recent change fixing a device reference leak in a UDC driver introduced a potential use-after-free in the non-OF case as the isp1301getclient helper only increases the...

7CVSS5.2AI score0.00152EPSS
Exploits0References21
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.5 views

SUSE CVE-2025-71146

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconncount: fix leaked ct in error paths There are some situations where ct might be leaked as error paths are skipping the refcounted check and return immediately. In order to solve it make sure that the check is...

5.5CVSS5.3AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.9 views

SUSE CVE-2025-71147

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix a memory leak in tpm2loadcmd 'tpm2loadcmd' allocates a tempoary blob indirectly via 'tpm2keydecode' but it is not freed in the failure paths. Address this by wrapping the blob into with a cleanup helper...

4.7CVSS5.2AI score0.00114EPSS
Exploits0References21
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.6 views

SUSE CVE-2025-71148

In the Linux kernel, the following vulnerability has been resolved: net/handshake: restore destructor on submit failure handshakereqsubmit replaces sk-skdestruct but never restores it when submission fails before the request is hashed. handshakeskdestruct then returns early and the original...

4.7CVSS5.3AI score0.0011EPSS
Exploits0References19
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.4 views

SUSE CVE-2025-71149

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

6.3CVSS6AI score0.00018EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.5 views

SUSE CVE-2025-71150

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix refcount leak when invalid session is found on session lookup When a session is found but its state is not SMB2SESSIONVALID, It indicates that no valid session was found, but it is missing to decrement the reference...

5.5CVSS5.3AI score0.00118EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.5 views

SUSE CVE-2025-71151

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory and information leak in smb3reconfigure In smb3reconfigure, if smb3syncsessionctxpasswords fails, the function returns immediately without freeing and erasing the newly allocated newpassword and newpassword2. Thi...

4.7CVSS5.2AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.6 views

SUSE CVE-2025-71152

In the Linux kernel, the following vulnerability has been resolved: net: dsa: properly keep track of conduit reference Problem description ------------------- DSA has a mumbo-jumbo of reference handling of the conduit net device and its kobject which, sadly, is just wrong and doesn't make sense...

7.8CVSS5.4AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.6 views

SUSE CVE-2025-71153

In the Linux kernel, the following vulnerability has been resolved: ksmbd: Fix memory leak in getfileallinfo In getfileallinfo, if vfsgetattr fails, the function returns immediately without freeing the allocated filename, leading to a memory leak. Fix this by freeing the filename before returning...

5.5CVSS5.2AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.8 views

SUSE CVE-2025-71154

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix memory leak on usbsubmiturb failure In asyncsetregisters, when usbsubmiturb fails, the allocated asyncreq structure and URB are not freed, causing a memory leak. The completion callback asyncsetregcb is...

4.7CVSS5.3AI score0.00114EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.6 views

SUSE CVE-2025-71155

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: Fix gmaphelperzaponepage again A few checks were missing in gmaphelperzaponepage, which can lead to memory corruption in the guest under specific circumstances. Add the missing checks...

7.8CVSS5.3AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.5 views

SUSE CVE-2025-71156

In the Linux kernel, the following vulnerability has been resolved: gve: defer interrupt enabling until NAPI registration Currently, interrupts are automatically enabled immediately upon request. This allows interrupt to fire before the associated NAPI context is fully initialized and cause...

5.5CVSS5.3AI score0.00119EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/01/24 12:25 a.m.5 views

SUSE CVE-2025-71157

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: always drop device refcount in ibdelsubdeviceandput Since nldevdeldev introduced by commit 060c642b2ab8 "RDMA/nldev: Add support to add/delete a sub IB device through netlink" grabs a reference using ibdevicegetbyindex...

4.7CVSS5.3AI score0.00119EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/01/24 12:24 a.m.4 views

SUSE CVE-2026-0994

A denial-of-service DoS vulnerability exists in google.protobuf.jsonformat.ParseDict in Python, where the maxrecursiondepth limit can be bypassed when parsing nested google.protobuf.Any messages. Due to missing recursion depth accounting inside the internal Any-handling logic, an attacker can...

5.9CVSS5.7AI score0.00613EPSS
Exploits0References15
SUSE CVE
SUSE CVE
added 2026/01/24 12:24 a.m.5 views

SUSE CVE-2026-23831

Rekor is a software supply chain transparency log. In versions 1.4.3 and below, the entry implementation can panic on attacker-controlled input when canonicalizing a proposed entry with an empty spec.message, causing nil Pointer Dereference. Function validate returns nil success when message is...

5.3CVSS5.4AI score0.00384EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/01/24 12:24 a.m.6 views

SUSE CVE-2026-23953

Incus is a system container and virtual machine manager. In versions 6.20.0 and below, a user with the ability to launch a container with a custom YAML configuration e.g a member of the 'incus' group can create an environment variable containing newlines, which can be used to add additional...

8.7CVSS6.1AI score0.00471EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/01/24 12:24 a.m.6 views

SUSE CVE-2026-23954

Incus is a system container and virtual machine manager. Versions 6.21.0 and below allow a user with the ability to launch a container with a custom image e.g a member of the 'incus' group to use directory traversal or symbolic links in the templating functionality to achieve host arbitrary file...

8.7CVSS6AI score0.00731EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/01/24 12:24 a.m.7 views

SUSE CVE-2026-24117

Rekor is a software supply chain transparency log. In versions 1.4.3 and below, attackers can trigger SSRF to arbitrary internal services because /api/v1/index/retrieve supports retrieving a public key via user-provided URL. Since the SSRF only can trigger GET requests, the request cannot mutate...

5.3CVSS5.7AI score0.00332EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/01/24 12:24 a.m.6 views

SUSE CVE-2026-24137

sigstore framework is a common go library shared across sigstore services and clients. In versions 1.10.3 and below, the legacy TUF client pkg/tuf/client.go supports caching target files to disk. It constructs a filesystem path by joining a cache base directory with a target name sourced from...

5.3CVSS5.7AI score0.0037EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2026/01/24 12:24 a.m.6 views

SUSE CVE-2026-24515

In libexpat before 2.7.4, XMLExternalEntityParserCreate does not copy unknown encoding handler user data...

5.5CVSS5.4AI score0.0017EPSS
Exploits0References11
SUSE CVE
SUSE CVE
added 2026/01/23 2:6 a.m.3 views

SUSE CVE-2024-31884

unknown...

5.4AI score0.00029EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/23 12:57 a.m.5 views

SUSE CVE-2025-12781

When passing data to the b64decode, standardb64decode, and urlsafeb64decode functions in the "base64" module the characters "+/" will always be accepted, regardless of the value of "altchars" parameter, typically used to establish an "alternative base64 alphabet" such as the URL safe alphabet. Th...

3.3CVSS5.5AI score0.00513EPSS
Exploits1References8
SUSE CVE
SUSE CVE
added 2026/01/23 12:56 a.m.5 views

SUSE CVE-2025-15523

MacOS version of Inkscape bundles a Python interpreter that inherits the Transparency, Consent, and Control TCC permissions granted by the user to the main application bundle. An attacker with local user access can invoke this interpreter with arbitrary commands or scripts, leveraging the...

4.8CVSS5.7AI score0.00146EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/23 12:40 a.m.13 views

SUSE CVE-2025-38596

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF in panthorgemcreatewithhandle debugfs code The object is potentially already gone after the drmgemobjectput. In general the object should be fully constructed before calling drmgemhandlecreate, except the...

7.8CVSS6.3AI score0.00143EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/01/23 12:28 a.m.10 views

SUSE CVE-2025-66959

An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the GGUF decoder...

7.5CVSS5.6AI score0.04549EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/01/23 12:28 a.m.4 views

SUSE CVE-2025-66960

An issue in ollama v.0.12.10 allows a remote attacker to cause a denial of service via the fs/ggml/gguf.go, function readGGUFV1String reads a string length from untrusted GGUF metadata...

7.5CVSS5.6AI score0.00362EPSS
Exploits1References3
SUSE CVE
SUSE CVE
added 2026/01/23 12:28 a.m.7 views

SUSE CVE-2025-67221

The orjson.dumps function in orjson thru 3.11.4 does not limit recursion for deeply nested JSON documents...

5.9CVSS5.4AI score0.0055EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/01/23 12:26 a.m.5 views

SUSE CVE-2025-71176

pytest through 9.0.2 on UNIX relies on directories with the /tmp/pytest-of-user name pattern, which allows local users to cause a denial of service or possibly gain privileges...

5.3CVSS5.6AI score0.0014EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/01/23 12:25 a.m.5 views

SUSE CVE-2026-1225

ACE vulnerability in configuration file processing by QOS.CH logback-core up to and including version 1.5.24 in Java applications, allows an attacker to instantiate classes already present on the class path by compromising an existing logback configuration file. The instantiation of a potentially...

6.4CVSS5.6AI score0.00159EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/01/23 12:25 a.m.5 views

SUSE CVE-2026-21947

unknown...

3.1CVSS5.4AI score0.00204EPSS
Exploits0References3
Total number of security vulnerabilities59854