Lucene search
K
SusecveRecent

59854 matches found

SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•7 views

SUSE CVE-2025-71102

In the Linux kernel, the following vulnerability has been resolved: scs: fix a wrong parameter in scsmagic scsmagic needs a 'void ' variable, but a 'struct taskstruct ' is given. 'taskscstsk' is the starting address of the task's shadow call stack, and 'scsmagictaskscstsk' is the end address of t...

5.5CVSS6.4AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•5 views

SUSE CVE-2025-71104

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix VM hard lockup after prolonged inactivity with periodic HV timer When advancing the target expiration for the guest's APIC timer in periodic mode, set the expiration to "now" if the target expiration is in the past...

6.5CVSS6.6AI score0.00095EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•8 views

SUSE CVE-2025-71105

In the Linux kernel, the following vulnerability has been resolved: f2fs: use global inlinexattrslab instead of per-sb slab cache As Hong Yun reported in mailing list: loop7: detected capacity change from 0 to 131072 ------------ cut here ------------ kmemcache of name 'f2fsxattrentry-7:7' alread...

5.5CVSS6.4AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•6 views

SUSE CVE-2025-71107

In the Linux kernel, the following vulnerability has been resolved: f2fs: ensure node page reads complete before f2fsputsuper finishes Xfstests generic/335, generic/336 sometimes crash with the following message: F2FS-fs dm-0: detect filesystem reference count leak during umount, type: 9, count: ...

5.5CVSS6.3AI score0.00159EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•4 views

SUSE CVE-2025-71108

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: Handle incorrect numconnectors capability The UCSI spec states that the numconnectors field is 7 bits, and the 8th bit is reserved and should be set to zero. Some buggy FW has been known to set this bit, and it...

5.5CVSS6.5AI score0.00123EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•3 views

SUSE CVE-2025-71113

In the Linux kernel, the following vulnerability has been resolved: crypto: afalg - zero initialize memory allocated via sockkmalloc Several crypto user API contexts and requests allocated with sockkmalloc were left uninitialized, relying on callers to set fields explicitly. This resulted in the...

6.6CVSS6.6AI score0.00123EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•6 views

SUSE CVE-2025-71114

In the Linux kernel, the following vulnerability has been resolved: viawdt: fix critical boot hang due to unnamed resource allocation The VIA watchdog driver uses allocateresource to reserve a MMIO region for the watchdog control register. However, the allocated resource was not given a name, whi...

6.1CVSS6.4AI score0.00123EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•4 views

SUSE CVE-2025-71116

In the Linux kernel, the following vulnerability has been resolved: libceph: make decodepool more resilient against corrupted osdmaps If the osdmap is maliciously corrupted such that the encoded length of cephpgpool envelope is less than what is expected for a particular encoding version,...

6.3CVSS6.5AI score0.00126EPSS
Exploits0References27
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•4 views

SUSE CVE-2025-71117

In the Linux kernel, the following vulnerability has been resolved: block: Remove queue freezing from several sysfs store callbacks Freezing the request queue from inside sysfs store callbacks may cause a deadlock in combination with the dm-multipath driver and the queueifnopath option...

5.5CVSS6.4AI score0.00083EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•7 views

SUSE CVE-2025-71119

In the Linux kernel, the following vulnerability has been resolved: powerpc/kexec: Enable SMT before waking offline CPUs If SMT is disabled or a partial SMT state is enabled, when a new kernel image is loaded for kexec, on reboot the following warning is observed: kexec: Waking offline cpu 228...

3.3CVSS6.2AI score0.00122EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•5 views

SUSE CVE-2025-71122

In the Linux kernel, the following vulnerability has been resolved: iommufd/selftest: Check for overflow in IOMMUTESTOPADDRESERVED syzkaller found it could overflow math in the test infrastructure and cause a WARNON by corrupting the reserved interval tree. This only effects test kernels with...

7.8CVSS6.6AI score0.00182EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•5 views

SUSE CVE-2025-71124

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: move preemptpreparepostamble after error check Move the call to preemptpreparepostamble after verifying that preemptpostambleptr is valid. If preemptpostambleptr is NULL, dereferencing it in preemptpreparepostamble...

5.5CVSS6.5AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•5 views

SUSE CVE-2025-71126

In the Linux kernel, the following vulnerability has been resolved: mptcp: avoid deadlock on fallback while reinjecting Jakub reported an MPTCP deadlock at fallback time: WARNING: possible recursive locking detected 6.18.0-rc7-virtme 1 Not tainted --------------------------------------------...

5.5CVSS6.4AI score0.00111EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•5 views

SUSE CVE-2025-71127

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Discard Beacon frames to non-broadcast address Beacon frames are required to be sent to the broadcast address, see IEEE Std 802.11-2020, 11.1.3.1 "The Address 1 field of the Beacon .. frame shall be set to the...

5.5CVSS6.4AI score0.0013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•5 views

SUSE CVE-2025-71128

In the Linux kernel, the following vulnerability has been resolved: erspan: Initialize optionslen before referencing options. The struct iptunnelinfo has a flexible array member named options that is protected by a countedbyoptionslen attribute. The compiler will use this information to enforce...

5.5CVSS6.6AI score0.00124EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•4 views

SUSE CVE-2025-71129

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Sign extend kfunc call arguments The kfunc calls are native calls so they should follow LoongArch calling conventions. Sign extend its arguments properly to avoid kernel panic. This is done by adding a new...

5.5CVSS6.4AI score0.00114EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•5 views

SUSE CVE-2025-71130

In the Linux kernel, the following vulnerability has been resolved: drm/i915/gem: Zero-initialize the eb.vma array in i915gemdoexecbuffer Initialize the eb.vma array with values of 0 when the eb structure is first set up. In particular, this sets the eb-vmai.vma pointers to NULL, simplifying...

5.5CVSS6.5AI score0.00121EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•6 views

SUSE CVE-2025-71139

In the Linux kernel, the following vulnerability has been resolved: kernel/kexec: fix IMA when allocation happens in CMA area Bug description When I tested kexec with the latest kernel, I ran into the following warning: 40.712410 ------------ cut here ------------ 40.712576 WARNING: CPU: 2 PID:...

5.5CVSS6.5AI score0.00102EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•6 views

SUSE CVE-2025-71140

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Use spinlock for context list protection lock Previously a mutex was added to protect the encoder and decoder context lists from unexpected changes originating from the SCP IP block, causing the context...

6.6AI score0.00171EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•5 views

SUSE CVE-2025-71141

In the Linux kernel, the following vulnerability has been resolved: drm/tilcdc: Fix removal actions in case of failed probe The drmkmshelperpollfini and drmatomichelpershutdown helpers should only be called when the device has been successfully registered. Currently, these functions are called...

5.5CVSS6.6AI score0.00117EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/01/16 12:26 a.m.•4 views

SUSE CVE-2025-71142

In the Linux kernel, the following vulnerability has been resolved: cpuset: fix warning when disabling remote partition A warning was triggered as follows: WARNING: kernel/cgroup/cpuset.c:1651 at remotepartitiondisable+0xf7/0x110 RIP: 0010:remotepartitiondisable+0xf7/0x110 RSP:...

5.5CVSS6.4AI score0.00102EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•5 views

SUSE CVE-2026-0861

Passing too large an alignment to the memalign suite of functions memalign, posixmemalign, alignedalloc in the GNU C Library version 2.30 to 2.42 may result in an integer overflow, which could consequently result in a heap corruption. Note that the attacker must have control over both, the size a...

7.8CVSS7.1AI score0.00352EPSS
Exploits1References18
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•3 views

SUSE CVE-2026-0959

IEEE 802.11 protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service...

5.3CVSS6.9AI score0.00178EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•6 views

SUSE CVE-2026-0960

HTTP3 protocol dissector infinite loop in Wireshark 4.6.0 to 4.6.2 allows denial of service...

5.5CVSS6.8AI score0.00122EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•4 views

SUSE CVE-2026-0961

BLF file parser crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service...

5.5CVSS6.9AI score0.00174EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•5 views

SUSE CVE-2026-0962

SOME/IP-SD protocol dissector crash in Wireshark 4.6.0 to 4.6.2 and 4.4.0 to 4.4.12 allows denial of service...

5.3CVSS6.9AI score0.00206EPSS
Exploits1References6
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•5 views

SUSE CVE-2026-0989

A flaw was identified in the RelaxNG parser of libxml2 related to how external schema inclusions are handled. The parser does not enforce a limit on inclusion depth when resolving nested directives. Specially crafted or overly complex schemas can cause excessive recursion during parsing. This may...

3.7CVSS6.7AI score0.00419EPSS
Exploits1References14
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•7 views

SUSE CVE-2026-0990

A flaw was found in libxml2, an XML parsing library. This uncontrolled recursion vulnerability occurs in the xmlCatalogXMLResolveURI function when an XML catalog contains a delegate URI entry that references itself. A remote attacker could exploit this configuration-dependent issue by providing a...

5.9CVSS6.7AI score0.00755EPSS
Exploits1References12
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•3 views

SUSE CVE-2026-0992

A flaw was found in the libxml2 library. This uncontrolled resource consumption vulnerability occurs when processing XML catalogs that contain repeated elements pointing to the same downstream catalog. A remote attacker can exploit this by supplying crafted catalogs, causing the parser to...

5.3CVSS6.7AI score0.00308EPSS
Exploits1References12
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•6 views

SUSE CVE-2026-21889

Weblate is a web based localization tool. Prior to 5.15.2, the screenshot images were served directly by the HTTP server without proper access control. This could allow an unauthenticated user to access screenshots after guessing their filename. This vulnerability is fixed in 5.15.2...

7.5CVSS6.9AI score0.00323EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•4 views

SUSE CVE-2026-22797

An issue was discovered in OpenStack keystonemiddleware 10.5 through 10.7 before 10.7.2, 10.8 and 10.9 before 10.9.1, and 10.10 through 10.12 before 10.12.1. The externaloauth2token middleware fails to sanitize incoming authentication headers before processing OAuth 2.0 tokens. By sending forged...

9.9CVSS5.5AI score0.00575EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•5 views

SUSE CVE-2026-22851

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race condition between the RDPGFX dynamic virtual channel thread and the SDL render thread leads to a heap use-after-free. Specifically, an escaped pointer to sdl-primary SDLSurface is accessed after it has been...

5.9CVSS6.8AI score0.00247EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•4 views

SUSE CVE-2026-22852

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a malicious RDP server can trigger a heap-buffer-overflow write in the FreeRDP client when processing Audio Input AUDIN format lists. audinprocessformats reuses callback-formatscount across multiple MSGSNDINFORMATS...

7.5CVSS7.1AI score0.00365EPSS
Exploits1References12
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•5 views

SUSE CVE-2026-22853

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, RDPEAR's NDR array reader does not perform bounds checking on the on-wire element count and can write past the heap buffer allocated from hints, causing a heap buffer overflow in ndrreaduint8Array. This vulnerabilit...

7.5CVSS7.4AI score0.00662EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•3 views

SUSE CVE-2026-22854

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap-buffer-overflow occurs in drive read when a server-controlled read length is used to read file data into an IRP output stream buffer without a hard upper bound, allowing an oversized read to overwrite heap...

7.5CVSS7AI score0.00453EPSS
Exploits1References12
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•4 views

SUSE CVE-2026-22855

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap out-of-bounds read occurs in the smartcard SetAttrib path when cbAttrLen does not match the actual NDR buffer length. This vulnerability is fixed in 3.20.1...

6.8CVSS7AI score0.00756EPSS
Exploits1References12
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•4 views

SUSE CVE-2026-22856

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a race in the serial channel IRP thread tracking allows a heap use-after-free when one thread removes an entry from serial-IrpThreads while another reads it. This vulnerability is fixed in 3.20.1...

7.5CVSS6.9AI score0.00286EPSS
Exploits1References12
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•7 views

SUSE CVE-2026-22857

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, a heap use-after-free occurs in irpthreadfunc because the IRP is freed by irp-Complete and then accessed again on the error path. This vulnerability is fixed in 3.20.1...

7.5CVSS7AI score0.00453EPSS
Exploits1References8
SUSE CVE
SUSE CVE
•added 2026/01/16 12:25 a.m.•5 views

SUSE CVE-2026-22858

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, global-buffer-overflow was observed in FreeRDP's Base64 decoding path. The root cause appears to be implementation-defined char signedness: on Arm/AArch64 builds, plain char is treated as unsigned, so the guard c = ...

6.8CVSS7AI score0.00599EPSS
Exploits1References8
SUSE CVE
SUSE CVE
•added 2026/01/16 12:24 a.m.•3 views

SUSE CVE-2026-22859

FreeRDP is a free implementation of the Remote Desktop Protocol. Prior to 3.20.1, the URBDRC client does not perform bounds checking on server-supplied MSUSBINTERFACEDESCRIPTOR values and uses them as indices in libusbudevcompletemsconfigsetup, causing an out-of-bounds read. This vulnerability is...

6.8CVSS6.9AI score0.00756EPSS
Exploits1References12
SUSE CVE
SUSE CVE
•added 2026/01/15 12:53 a.m.•5 views

SUSE CVE-2025-14242

A flaw was found in vsftpd. This vulnerability allows a denial of service DoS via an integer overflow in the ls command parameter parsing, triggered by a remote, authenticated attacker sending a crafted STAT command with a specific byte sequence...

6.5CVSS6.7AI score0.00737EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2026/01/15 12:29 a.m.•6 views

SUSE CVE-2025-56226

Libsndfile =1.2.2 contains a memory leak vulnerability in the mpegl3encoderinit function within the mpegl3encode.c file...

5.3CVSS6.9AI score0.00312EPSS
Exploits1References4
SUSE CVE
SUSE CVE
•added 2026/01/15 12:26 a.m.•6 views

SUSE CVE-2025-68775

In the Linux kernel, the following vulnerability has been resolved: net/handshake: duplicate handshake cancellations leak socket When a handshake request is cancelled it is removed from the handshakenet-hnrequests list, but it is still present in the handshakerhashtbl until it is destroyed. If a...

5.9CVSS6.4AI score0.00168EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/01/15 12:26 a.m.•5 views

SUSE CVE-2025-68776

In the Linux kernel, the following vulnerability has been resolved: net/hsr: fix NULL pointer dereference in prpgetuntaggedframe prpgetuntaggedframe calls pskbcopy to create frame-skbstd but doesn't check if the allocation failed. If pskbcopy returns NULL, skbclone is called with a NULL pointer,...

5.9CVSS6.4AI score0.00173EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/15 12:26 a.m.•5 views

SUSE CVE-2025-68777

In the Linux kernel, the following vulnerability has been resolved: Input: tiam335xtsc - fix off-by-one error in wireorder validation The current validation 'wireorderi ARRAYSIZEconfigpins' allows wireorderi to equal ARRAYSIZEconfigpins, which causes out-of-bounds access when used as index in...

6.6CVSS6.6AI score0.00173EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2026/01/15 12:26 a.m.•7 views

SUSE CVE-2025-68778

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't log conflicting inode if it's a dir moved in the current transaction We can't log a conflicting inode if it's a directory and it was moved from one parent directory to another parent directory in the current...

4.7CVSS6.3AI score0.00168EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/01/15 12:26 a.m.•8 views

SUSE CVE-2025-68779

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid unregistering PSP twice PSP is unregistered twice in: mlx5eremove - mlx5epspunregister mlx5eniccleanup - mlx5epspunregister This leads to a refcount underflow in some conditions: ------------ cut here -----------...

6.4AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/15 12:26 a.m.•5 views

SUSE CVE-2025-68780

In the Linux kernel, the following vulnerability has been resolved: sched/deadline: only set freecpus for online runqueues Commit 16b269436b72 "sched/deadline: Modify cpudl::freecpus to reflect rd-online" introduced the cpudlset/clearfreecpu functions to allow the cpudl::freecpus mask to be...

6.5AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/01/15 12:26 a.m.•3 views

SUSE CVE-2025-68781

In the Linux kernel, the following vulnerability has been resolved: usb: phy: fsl-usb: Fix use-after-free in delayed work during device removal The delayed work item otgevent is initialized in fslotgconf and scheduled under two conditions: 1. When a host controller binds to the OTG controller. 2...

6.3AI score0.00181EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/01/15 12:26 a.m.•5 views

SUSE CVE-2025-68782

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Reset ttaskcdb pointer in error case If allocation of cmd-ttaskcdb fails, it remains NULL but is later dereferenced in the 'err' path. In case of error, reset NULL ttaskcdb value to point at the default fixed-size...

6.5AI score0.00173EPSS
Exploits0References3
Total number of security vulnerabilities59854