Lucene search
K
SusecveRecent

59218 matches found

SUSE CVE
SUSE CVE
•added 2026/05/29 1:17 a.m.•10 views

SUSE CVE-2026-46106

In the Linux kernel, the following vulnerability has been resolved: eventfs: Hold eventfsmutex and SRCU when remount walks events Commit 340f0c7067a9 "eventfs: Update all the eventfsinodes from the events descriptor" had eventfssetattrs recurse through ei-children on remount. The walk only holds...

4.1CVSS5.7AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:17 a.m.•12 views

SUSE CVE-2026-46107

In the Linux kernel, the following vulnerability has been resolved: dm-thin: fix metadata refcount underflow There's a bug in dm-thin in the function rebalancechildren. If the internal btree node has one entry, the code tries to copy all btree entries from the node's child to the node itself and...

6.1CVSS5.8AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:17 a.m.•12 views

SUSE CVE-2026-46108

In the Linux kernel, the following vulnerability has been resolved: ipmi:si: Return state to normal if message allocation fails There were places where nothing would get started if a message allocation failed, so the driver needs to return to normal state...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:17 a.m.•17 views

SUSE CVE-2026-46109

In the Linux kernel, the following vulnerability has been resolved: usb: ulpi: fix memory leak on ulpiregister error paths Commit 01af542392b5 "usb: ulpi: fix double free in ulpiregisterinterface error path" removed kfreeulpi from ulpiregisterinterface to fix a double-free when deviceregister...

5.5CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:17 a.m.•14 views

SUSE CVE-2026-46110

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Prevent NULL deref when RX memory exhausted The CPU receives frames from the MAC through conventional DMA: the CPU allocates buffers for the MAC, then the MAC fills them and returns ownership to the CPU. For each...

4.7CVSS5.9AI score0.005EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/05/29 1:17 a.m.•12 views

SUSE CVE-2026-46111

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fix potential UAF in createbigsync Add hciconnvalid check in createbigsync to detect stale connections before proceeding with BIG creation. Handle the resulting -ECANCELED in createbigcomplete and re-validate...

6.4CVSS5.8AI score0.00125EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/05/29 1:17 a.m.•12 views

SUSE CVE-2026-46112

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix unlocked call to hnsroceqpremove Sashiko points out that hnsroceqpremove requires the caller to hold locks. The error flow in hnsrocecreateqpcommon doesn't hold those locks for the error unwind so it risks corruptin...

5.3CVSS5.8AI score0.001EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:17 a.m.•12 views

SUSE CVE-2026-46113

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix shadow paging use-after-free due to unexpected GFN The shadow MMU computes GFNs for direct shadow pages using sp-gfn plus the SPTE index. This assumption breaks for shadow paging if the guest page tables are modifie...

8.8CVSS5.7AI score0.00126EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•19 views

SUSE CVE-2026-46114

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject non-8-byte ATOMICWRITE payloads atomicwritereply at drivers/infiniband/sw/rxe/rxeresp.c unconditionally dereferences 8 bytes at payloadaddrpkt: value = u64 payloadaddrpkt; checkrkey previously accepted an...

5.4CVSS5.8AI score0.00467EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•12 views

SUSE CVE-2026-46115

In the Linux kernel, the following vulnerability has been resolved: block: add pgmap check to biovecphysmergeable biovecphysmergeable is used by the request merge, DMA mapping, and integrity merge paths to decide if two physically contiguous bvec segments can be coalesced into one. It currently h...

5.5CVSS5.7AI score0.00491EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•13 views

SUSE CVE-2026-46116

In the Linux kernel, the following vulnerability has been resolved: xfrm: defensively unhash xfrmstate lists in xfrmstatedelete KASAN reproduces a slab-use-after-free in xfrmstatedelete's hlistdelrcu calls under syzkaller load on linux-6.12.y stable reproduced on 6.12.47, also reachable via the...

7.8CVSS5.8AI score0.00125EPSS
Exploits1References9
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•12 views

SUSE CVE-2026-46117

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Remove user triggerable WARNON in manaibcreateqprss Sashiko points out that the user can specify WQs sharing the same CQ as a part of the uAPI and this will trigger the WARNON then go on to corrupt the kernel. Just...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•13 views

SUSE CVE-2026-46118

In the Linux kernel, the following vulnerability has been resolved: pseries/papr-hvpipe: Fix null ptr deref in paprhvpipedevcreatehandle commit 6d3789d347a7 "papr-hvpipe: convert paprhvpipedevcreatehandle to FDPREPARE", changed the create handle to FDPREPARE, but it caused kernel null-ptr-deref...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•17 views

SUSE CVE-2026-46119

In the Linux kernel, the following vulnerability has been resolved: libceph: Fix slab-out-of-bounds access in auth message processing If a potentially corrupted message of type CEPHMSGAUTHREPLY contains a positive value in its result field, it is treated as an error code by cephhandleauthreply an...

6.8CVSS6AI score0.00525EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•12 views

SUSE CVE-2026-46120

In the Linux kernel, the following vulnerability has been resolved: ip6gre: Use cached t-net in ip6erspanchangelink. After commit 5e72ce3e3980 "net: ipv6: Use link netns in newlink of rtnllinkops", ip6erspannewlink correctly resolves the per-netns ip6gre hash via linknet. ip6erspanchangelink was...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•21 views

SUSE CVE-2026-46121

In the Linux kernel, the following vulnerability has been resolved: mm/damon/sysfs-schemes: protect memcgpath kfree with damonsysfslock Patch series "mm/damon/sysfs-schemes: fix use-after-free for memcgpath". Reads of 'memcgpath' and 'path' files in DAMON sysfs interface could race with their...

5.5CVSS5.8AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•12 views

SUSE CVE-2026-46122

In the Linux kernel, the following vulnerability has been resolved: wifi: b43: enforce bounds check on firmware key index in b43rx The firmware-controlled key index in b43rx can exceed the dev-key array size 58 entries. The existing B43WARNON is non-enforcing in production builds, allowing an...

6.1CVSS5.8AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•11 views

SUSE CVE-2026-46123

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: virtiobt: clamp rx length before skbput virtbtrxwork calls skbputskb, len where len comes directly from virtqueuegetbuf with no validation against the buffer we posted to the device. The RX skb is allocated in...

7.7CVSS5.9AI score0.00142EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•16 views

SUSE CVE-2026-46124

In the Linux kernel, the following vulnerability has been resolved: isofs: validate block number from NFS file handle in isofsexportiget isofsfhtodentry and isofsfhtoparent pass an attacker- controlled block number ifid-block or ifid-parentblock from the NFS file handle to isofsexportiget, which...

5.5CVSS5.8AI score0.00425EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•14 views

SUSE CVE-2026-46125

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: remove station if connection prep fails If connection preparation fails for MLO connections, then the interface is completely reset to non-MLD. In this case, we must not keep the station since it's related to the...

5.5CVSS5.8AI score0.00302EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•12 views

SUSE CVE-2026-46126

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix manadestroywqobj cleanup in manaibcreateqprss Sashiko points out there are two bugs here in the error unwind flow, both related to how the WQ table is unwound. First there is a double i-- on the first failure path...

3.3CVSS5.8AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•15 views

SUSE CVE-2026-46127

In the Linux kernel, the following vulnerability has been resolved: RDMA/ocrdma: Don't NULL deref uctx on errors in ocrdmacopypduresp Sashiko points out that pd-uctx isn't initialized until late in the function so all these error flow references are NULL and will crash. Use the uctx that isn't NU...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•15 views

SUSE CVE-2026-46128

In the Linux kernel, the following vulnerability has been resolved: ipmi: Check event message buffer response for bad data The event message buffer response data size got checked later when processing, but check it right after the response comes back. It appears some BMCs may return an empty...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•18 views

SUSE CVE-2026-46129

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free in createspaceinfo error path When kobjectinitandadd fails, the call chain is: createspaceinfo - btrfssysfsaddspaceinfotype - kobjectinitandadd - failure - kobjectput&spaceinfo-kobj - spaceinforelease -...

5.5CVSS5.8AI score0.00139EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•13 views

SUSE CVE-2026-46130

In the Linux kernel, the following vulnerability has been resolved: dm-verity-fec: fix reading parity bytes split across blocks take 3 fecdecodebufs assumes that the parity bytes of the first RS codeword it decodes are never split across parity blocks. This assumption is false. Consider...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•12 views

SUSE CVE-2026-46131

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: check for nEPT/nNPT in slow flush hypercalls Checking isguestmodevcpu is incorrect, because translatenestedgpa is only valid if an L2 guest is running with nested EPT/NPT enabled. Instead use the same condition as...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•12 views

SUSE CVE-2026-46132

In the Linux kernel, the following vulnerability has been resolved: net: rtnetlink: zero iflavfbroadcast to avoid stack infoleak in rtnlfillvfinfo rtnlfillvfinfo declares struct iflavfbroadcast on the stack without initialisation: struct iflavfbroadcast vfbroadcast; The struct contains a single...

5.5CVSS5.7AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•20 views

SUSE CVE-2026-46133

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Reject unknown opcodes before ICRC processing Even after applying commit 7244491dab34 "RDMA/rxe: Validate pad and ICRC before payloadsize in rxercv", a single unauthenticated UDP packet can still trigger panic. That pat...

5.5CVSS5.7AI score0.00574EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•17 views

SUSE CVE-2026-46134

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: crosectypec: Init mutex in Thunderbolt registration crostypecregisterthunderbolt missed initializing the adata-lock mutex. This leads to a NULL dereference when the mutex is later acquired e.g. in...

5.5CVSS5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•26 views

SUSE CVE-2026-46135

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown nvmettcphandleicreq updates queue-state after sending an Initialization Connection Response ICResp, but it does so without serializing against target-side queue...

7CVSS5.8AI score0.00353EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•13 views

SUSE CVE-2026-46136

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix a potential clc buffer length underflow The buflen is used to limit the iterations for retrieving the country power setting and may underflow under certain conditions due to changes in the power table in...

5.5CVSS5.8AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•18 views

SUSE CVE-2026-46137

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: ADDADDR rtx: fix potential data-race This mptcppmaddtimer helper is executed as a timer callback in softirq context. To avoid any data races, the socket lock needs to be held with bhlocksock. If the socket is in use,...

5.9CVSS5.8AI score0.00426EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•17 views

SUSE CVE-2026-46138

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: Fix OOB read and infinite loop in hcilecreatebigcompleteevt hcilecreatebigcompleteevt iterates over BTBOUND connections for a BIG handle using a while loop, accessing ev-bishandlei++ on each iteration. Howeve...

6.5CVSS5.7AI score0.00277EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•16 views

SUSE CVE-2026-46139

In the Linux kernel, the following vulnerability has been resolved: smb: client: use kzalloc to zero-initialize security descriptor buffer Commit 62e7dd0a39c2d "smb: common: change the data type of numaces to le16" split struct smbacl's le32 numaces field into le16 numaces and le16 reserved. The...

4.3CVSS5.9AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•10 views

SUSE CVE-2026-46140

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: validate WMT event SKB length before struct access btmtkusbhciwmtsync casts the WMT event response SKB data to struct btmtkhciwmtevt 7 bytes and struct btmtkhciwmtevtfuncc 9 bytes without first checking that the...

6.3CVSS5.8AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•9 views

SUSE CVE-2026-46141

In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: fix kmemleak caused by incorrect chipdata lookup The kmemleak reports the following memory leak: Unreferenced object 0xc0000002a7fbc640 size 64: comm "kworker/8:1", pid 540, jiffies 4294937872 hex dump first 32 byte...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•10 views

SUSE CVE-2026-46142

In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix VF illegal register access Register WXCFGPORTST is a PF restricted register. When a VF is initialized, attempting to read this register triggers an illegal register access, which lead to a system hang. When the...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•8 views

SUSE CVE-2026-46143

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: q6apm-lpass-dai: Fix multiple graph opens As prepare can be called mulitple times, this can result in multiple graph opens for playback path. This will result in a memory leaks, fix this by adding a check before openi...

4.7CVSS5.7AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•11 views

SUSE CVE-2026-46144

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Fix error unwind in manaibcreateqprss Sashiko points out that manaibcfgvportsteering is leaked, the normal destroy path cleans it up...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•17 views

SUSE CVE-2026-46145

In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Validate rxhashkeylen Sashiko points out that rxhashkeylen comes from a uAPI structure and is blindly passed to memcpy, allowing the userspace to trash kernel memory. Bounds check it so the memcpy cannot overflow...

7CVSS5.9AI score0.00142EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•9 views

SUSE CVE-2026-46146

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Avoid potential endless loop in convertchmapv3 The convertchmapv3 has a loop with its increment size of csdesc-wLength, but we forgot to validate csdesc-wLength itself, which may lead to potential endless loop by...

5.5CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•27 views

SUSE CVE-2026-46147

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix pin leak and publication ordering in pkvminitvcpu Two bugs exist in the vCPU initialisation path: 1. If a check fails after hyppinsharedmem succeeds, the cleanup path jumps to 'unlock' without calling unpinhostvcp...

4.7CVSS5.8AI score0.00126EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•17 views

SUSE CVE-2026-46148

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core-qspi: control built-in cs manually The coreQSPI IP supports only a single chip select, which is automagically operated by the hardware - set low when the transmit buffer first gets written to and set high when...

5.5CVSS5.8AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•11 views

SUSE CVE-2026-46149

In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf return in tgptgpmembersshow targettgptgpmembersshow formats LUN paths with snprintf into a 256-byte stack buffer, then will memcpy curlen bytes from that buffer. snprintf returns the length...

5.5CVSS5.7AI score0.00139EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•16 views

SUSE CVE-2026-46151

In the Linux kernel, the following vulnerability has been resolved: usb: usblp: fix heap leak in IEEE 1284 device ID via short response usblpctrlmsg collapses the usbcontrolmsg return value to 0/-errno, discarding the actual number of bytes transferred. A broken printer can complete the GETDEVICE...

6.3CVSS5.8AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•12 views

SUSE CVE-2026-46150

In the Linux kernel, the following vulnerability has been resolved: fanotify: fix false positive on permission events fsnotifygetmarksafe may return false for a mark on an unrelated group, which results in bypassing the permission check. Fix by skipping over detached marks that are not in the...

7.1CVSS5.8AI score0.00142EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•11 views

SUSE CVE-2026-46152

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: drop stray 'static' from fast-RX rxresult ieee80211invokefastrx is documented as safe for parallel RX, but its per-invocation rxresult is declared static. Concurrent callers then share one instance and can overwri...

5.5CVSS5.8AI score0.00161EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•18 views

SUSE CVE-2026-46153

In the Linux kernel, the following vulnerability has been resolved: 8021q: delete cleared egress QoS mappings vlandevsetegresspriority currently keeps cleared egress priority mappings in the hash as tombstones. Repeated set/clear cycles with distinct skb priorities therefore accumulate mapping...

5.3CVSS5.8AI score0.00112EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•11 views

SUSE CVE-2026-46154

In the Linux kernel, the following vulnerability has been resolved: schedext: Read scxroot under scxcgroupopsrwsem in cgroup setters scxgroupsetweight,idle,bandwidth cache scxroot before acquiring scxcgroupopsrwsem, so the pointer can be stale by the time the op runs. If the loaded scheduler is...

5.5CVSS5.8AI score0.0012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/05/29 1:16 a.m.•32 views

SUSE CVE-2026-46155

In the Linux kernel, the following vulnerability has been resolved: smb/client: fix out-of-bounds read in smb2compoundop If a server sends a truncated response but a large OutputBufferLength, and terminates the EA list early, checkwsleas returns success without validating that the entire...

7CVSS5.8AI score0.00478EPSS
Exploits0References4
Total number of security vulnerabilities59218