Lucene search
K
SusecveRecent

59178 matches found

SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52690

Spoofing replies to Recursor might mark an IP of an authoritative server as not supporting EDNS, causing valdiation of DNSSEC records served by that server to fail...

5.9CVSS5.8AI score0.00352EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52970

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftct: fix missing expect put in obj eval nftctexpectobjeval allocates an expectation and may call nfctexpectrelated, but never drops its local reference. Add nfctexpectputexp before return to balance allocation...

5.8AI score0.00184EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52973

In the Linux kernel, the following vulnerability has been resolved: futex: Drop CLONETHREAD requirement for private default hash alloc Currently needfutexhashallocatedefault depends on strict pthread semantics, abusing CLONETHREAD. This breaks the non-concurrency assumptions when doing the...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•6 views

SUSE CVE-2026-52974

In the Linux kernel, the following vulnerability has been resolved: net: tls: fix strparser anchor skb leak on offload RX setup failure When tlssetdeviceoffloadrx fails at tlsdevadd, the error path calls tlsswfreeresourcesrx to clean up the SW context that was initialized by tlssetswoffload. This...

7.5CVSS5.8AI score0.00506EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•6 views

SUSE CVE-2026-52975

In the Linux kernel, the following vulnerability has been resolved: bonding: 3ad: implement proper RCU rules for port-aggregator syzbot found a data-race in bond3adgetactiveagginfo / bond3adstatemachinehandler 1 which hints at lack of proper RCU implementation. Add rcu qualifier to port-aggregato...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52976

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix error cleanup in xeexecqueuecreateioctl Two error handling issues exist in xeexecqueuecreateioctl: 1. When xehwenginegroupaddexecqueue fails, the error path jumps to putexecqueue which skips xeexecqueuekill. If the VM...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•6 views

SUSE CVE-2026-52977

In the Linux kernel, the following vulnerability has been resolved: futex: Prevent lockup in requeue-PI during signal/ timeout wakeup During wait-requeue-pi task A and requeue-PI task B the following race can happen: Task A Task B futexwaitrequeuepi futexsetuptimer futexdowait futexrequeue CLASSh...

5.7AI score0.00172EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52978

In the Linux kernel, the following vulnerability has been resolved: net: psp: require admin permission for dev-set and key-rotate The dev-set and key-rotate netlink operations modify shared device state PSP version configuration and cryptographic key material, respectively but do not require...

5.8AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52979

In the Linux kernel, the following vulnerability has been resolved: net: psp: check for device unregister when creating assoc pspassocdevicegetlocked obtains a pspdev reference via pspdevgetforsock which uses pspdevtryget under RCU; it then acquires psd-lock and drops the reference. Before the lo...

5.8AI score0.00166EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52980

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Clear reldeadline when initializing forked entities A yield-triggered crash can happen when a newly forked schedentity enters the fair class with se-reldeadline unexpectedly set. The failing sequence is: 1. A task is...

5.8AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52981

In the Linux kernel, the following vulnerability has been resolved: neigh: let neighxmit take skb ownership neighxmit always releases the skb, except when no neighbour table is found. But even the first added user of neighxmit mpls relied on neighxmit to release the skb or queue it for tx. sashik...

7.5CVSS5.9AI score0.00539EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52982

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: fix use-after-free in rtl8150startxmit syzbot reported a KASAN slab-use-after-free read in rtl8150startxmit when accessing skb-len for tx statistics after usbsubmiturb has been called: BUG: KASAN:...

9.8CVSS5.8AI score0.00543EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52983

In the Linux kernel, the following vulnerability has been resolved: net: airoha: fix BQL imbalance in TX path Fix a possible BQL imbalance in airohadevxmit, where inflight packets are accounted only for the AIROHANUMTXRING netdev TX queues. The queue index is computed as: qid =...

7.5CVSS5.8AI score0.00451EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52984

In the Linux kernel, the following vulnerability has been resolved: net/sched: netem: fix queue limit check to include reordered packets The queue limit check in netemenqueue uses q-tlen which only counts packets in the internal tfifo. Packets placed in sch-q by the reorder path qdiscenqueuehead...

5.8AI score0.00184EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52985

In the Linux kernel, the following vulnerability has been resolved: netdevsim: zero initialize struct iphdr in dummy skbuff Syzbot reports a KMSAN uninit-value originating from nsimdevtrapskbbuild, with the allocation also being performed in the same function. Fix this by calling skbputzero inste...

5.8AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•6 views

SUSE CVE-2026-52986

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfconntracksip: don't use simplestrtoul Replace unsafe port parsing in epaddrlen, ctsipparseheaderuri, and ctsipparserequest with a new sipparseport helper that validates each digit against the buffer limit, eliminatin...

9.8CVSS6AI score0.00559EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•6 views

SUSE CVE-2026-52987

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid double drmexecfini in userq validate When newaddition is true, amdgpuuserqvmvalidate calls drmexecfini&exec before iterating over the collected HMM ranges and calling amdgputtmttgetuserpages. If...

7.8CVSS5.8AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52988

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: join hook list via splicelistrcu in commit phase Publish new hooks in the list into the basechain/flowtable using splicelistrcu to ensure netlink dump list traversal via rcu is safe while concurrent ruleset...

7.1CVSS5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-52989

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: propagate nvmettcpbuildpduiovec errors to its callers Currently, when nvmettcpbuildpduiovec detects an out-of-bounds PDU length or offset, it triggers nvmettcpfatalerrorcmd-queue and returns early. However, because the...

9.8CVSS5.8AI score0.00342EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53027

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix missing run load for vcn0 in attrdatagetblocklocked When a compressed or sparse attribute has its clusters frame-aligned, vcn is rounded down to the frame start using cmask, which can result in vcn != vcn0. In this...

5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•6 views

SUSE CVE-2026-53029

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: prevent uninitialized lcn caused by zero len syzbot reported a uninit-value in ntfsiomapbegin 1. Since runs was not touched yet, runlookupentry immediately fails and returns false, which makes the value of "len" 0...

5.8AI score0.00172EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53031

In the Linux kernel, the following vulnerability has been resolved: bpf: Validate nodeid in arenaallocpages arenaallocpages accepts a plain int nodeid and forwards it through the entire allocation chain without any bounds checking. Validate nodeid before passing it down the allocation chain in...

7.8CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•6 views

SUSE CVE-2026-53033

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Take state lock for afunix iter When a BPF iterator program updates a sockmap, there is a race condition in unixstreambpfupdateproto where the peer pointer can become stale1 during a state transition TCPESTABLISHED ...

7.8CVSS5.8AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53036

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Fix off-by-one in checkimm signed range check checkimmbits, imm is used in the arm64 BPF JIT to verify that a branch displacement in arm64 instruction units fits into the signed N-bit immediate field of a B, B.cond or...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53038

In the Linux kernel, the following vulnerability has been resolved: imafs: Correctly create securityfs files for unsupported hash algos imatpmchip-allocatedbanksi.cryptoid is initialized to HASHALGOLAST if the TPM algorithm is not supported. However there are places relying on the algorithm to be...

5.8AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53039

In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate group add input before caching BUG OCFS2IOCGROUPADD can trigger a BUGON in ocfs2setnewbufferuptodate: kernel BUG at fs/ocfs2/uptodate.c:509! Oops: invalid opcode: 0000 1 SMP KASAN NOPTI RIP:...

6AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53040

In the Linux kernel, the following vulnerability has been resolved: ocfs2: validate bgbits during freefrag scan BUG A crafted filesystem can trigger an out-of-bounds bitmap walk when OCFS2IOCINFO is issued with OCFS2INFOFLNONCOHERENT. BUG: KASAN: use-after-free in instrumentatomicread...

7.1CVSS5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53041

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix listxattr handling when the buffer is full BUG If an OCFS2 inode has both inline and block-based xattrs, listxattr can return a size larger than the caller's buffer when the inline names consume that buffer exactly...

7.1CVSS5.9AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53043

In the Linux kernel, the following vulnerability has been resolved: ocfs2/dlm: validate qrnumregions in dlmmatchregions Patch series "ocfs2/dlm: fix two bugs in dlmmatchregions". In dlmmatchregions, the qrnumregions field from a DLMQUERYREGION network message is used to drive loops over the...

9.1CVSS5.9AI score0.00521EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53044

In the Linux kernel, the following vulnerability has been resolved: soc/tegra: cbb: Fix incorrect ARRAYSIZE in fabric lookup tables Fix incorrect ARRAYSIZE usage in fabric lookup tables which could cause out-of-bounds access during target timeout lookup...

7.1CVSS5.8AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53045

In the Linux kernel, the following vulnerability has been resolved: memory: tegra124-emc: Fix dllchange check The code checking whether the specified memory timing enables DLL in the EMRS register was reversed. DLL is enabled if bit A0 is low. Fix the check...

9.8CVSS5.8AI score0.00521EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53051

In the Linux kernel, the following vulnerability has been resolved: PCI: tegra194: Fix CBB timeout caused by DBI access before core power-on When PERST is deasserted twice assert - deassert - assert - deassert, a CBB Control Backbone timeout occurs at DBI register offset 0x8bc PCIEMISCCONTROL1OFF...

5.8AI score0.00175EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53052

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: qdsp6: topology: check widget type before accessing data Check widget type before accessing the private data, as this could a virtual widget which is no associated with a dsp graph, container and module. Accessing...

5.8AI score0.00172EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53053

In the Linux kernel, the following vulnerability has been resolved: iommu/amd: Fix clonealias to use the original device's devid Currently clonealias assumes first argument pdev is always the original device pointer. This function is called by pciforeachdmaalias which based on topology decides to...

8.8CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53054

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix VMBIND UNMAP locking Wrong argument meant that the objs involved in UNMAP ops were not always getting locked. Since NOSHARE objs share a common resv with the VM which is always locked this would only show up with...

7.8CVSS5.8AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•6 views

SUSE CVE-2026-53056

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: fix mismatch between power and frequency During DPU runtime suspend, calling devpmoppsetratedev, 0 drops the MMCX rail to MINSVS while the core clock frequency remains at its original highest rate. When runtime resum...

5.8AI score0.0018EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53067

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-ep-msi: Fix error unwind and prevent double alloc pciepfallocdoorbell stores the allocated doorbell message array in epf-dbmsg/epf-numdb before requesting MSI vectors. If MSI allocation fails, the array is free...

5.8AI score0.00154EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53068

In the Linux kernel, the following vulnerability has been resolved: drm/komeda: fix integer overflow in AFBC framebuffer size check The AFBC framebuffer size validation calculates the minimum required buffer size by adding the AFBC payload size to the framebuffer offset. This addition is performe...

7.1CVSS5.8AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53077

In the Linux kernel, the following vulnerability has been resolved: net/rds: Restrict use of RDS/IB to the initial network namespace Prevent using RDS/IB in network namespaces other than the initial one. The existing RDS/IB code will not work properly in non-initial network namespaces...

7.8CVSS5.8AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53079

In the Linux kernel, the following vulnerability has been resolved: netsched: fix skb memory leak in deferred qdisc drops When the network stack cleans up the deferred list via qdiscrunend, it operates on the root qdisc. If the root qdisc do not implement the TCQFDEQUEUEDROPS flag the packets que...

5.8AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53093

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix error pointer dereference The function brcmfchipaddcore can return an error pointer and is not checked. Add checks for error pointer. Detected by Smatch:...

5.8AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53101

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix potential deadlock in mt7921rocabortsync rocabortsync can deadlock with rocwork. rocwork holds dev-mt76.mutex, while cancelworksync waits for rocwork to finish. If the caller already owns the same mutex,...

5.8AI score0.00166EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53103

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix potential deadlock in mt7925rocabortsync rocabortsync can deadlock with rocwork. rocwork holds dev-mt76.mutex, while cancelworksync waits for rocwork to finish. If the caller already owns the same mutex,...

5.8AI score0.00166EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53109

In the Linux kernel, the following vulnerability has been resolved: powerpc/pgtable-frag: Fix bad page state in ptefragdestroy powerpc uses ptfragrefcount as a reference counter for tracking it's pte and pmd page table fragments. For PTE table, in case of Hash with 64K pagesize, we have 16...

5.8AI score0.00161EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53122

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between reflink and transaction commit when using flushoncommit When using the flushoncommit mount option, we can have a deadlock between a transaction commit and a reflink operation that copied an inline exte...

5.8AI score0.00179EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53124

In the Linux kernel, the following vulnerability has been resolved: ublk: reset per-IO canceled flag on each fetch If a ublk server starts recovering devices but dies before issuing fetch commands for all IOs, cancellation of the fetch commands that were successfully issued may never complete. Th...

5.8AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-53125

In the Linux kernel, the following vulnerability has been resolved: md: fix arraystate=clear sysfs deadlock When "clear" is written to arraystate, mdattrstore breaks sysfs active protection so the array can delete itself from its own sysfs store method. However, mdattrstore currently drops the...

5.8AI score0.00169EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-54448

Trivy is a security scanner. Prior to 0.71.0, when Trivy scans a Helm chart archive .tgz, its custom tar unpacker reads each entry with io.ReadAlltr and no size limit. An attacker who can place a malicious .tgz file in the scanned path can craft a small compressed archive that decompresses to...

6.9CVSS5.8AI score0.0025EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•6 views

SUSE CVE-2026-54679

jq is a command-line JSON processor. Prior to 1.8.2, on 32bit system, jvpstringappend has a chance of integer/multiple overflowing and then causing a massive buffer overrun. This vulnerability is fixed in 1.8.2...

6.9CVSS5.9AI score0.00103EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 5 days ago•5 views

SUSE CVE-2026-55092

Trivy is a security scanner. Prior to 0.71.1, when Trivy downloads an OCI artifact, it uses the org.opencontainers.image.title annotation from the artifact manifest as the destination filename without validation. An attacker who can make Trivy fetch an attacker-controlled artifact can supply a...

7.5CVSS5.9AI score0.00292EPSS
Exploits0References3
Total number of security vulnerabilities59178