Lucene search
K
SusecveRecent

59218 matches found

SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.9 views

SUSE CVE-2026-46206

In the Linux kernel, the following vulnerability has been resolved: batman-adv: reject new tpmeter sessions during teardown Prevent tpmeter from starting new sender or receiver sessions after meshstate has left BATADVMESHACTIVE...

5.5CVSS5.8AI score0.00139EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.10 views

SUSE CVE-2026-46207

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix empty payload in tap skb for non-linear buffers For non-linear skbs, virtiotransportbuildskb goes through virtiotransportcopynonlinearskb to copy the original payload in the new skb to be delivered to the vsockm...

3.3CVSS5.8AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.15 views

SUSE CVE-2026-46208

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop tpmeter sessions during mesh teardown TP meter sessions remain linked on batpriv-tplist after the netlink request has already finished. When the mesh interface is removed, batadvmeshfree currently tears down the...

5.5CVSS5.8AI score0.00138EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.12 views

SUSE CVE-2026-46209

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Fix inconsistent plane dimension calculation in drmgemfbinitwithfuncs drmgemfbinitwithfuncs computes sub-sampled plane dimensions using plain integer division: unsigned int width = modecmd-width / i ? info-hsub : 1;...

7CVSS5.8AI score0.00139EPSS
Exploits0References14
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.9 views

SUSE CVE-2026-46210

In the Linux kernel, the following vulnerability has been resolved: media: iris: fix use-after-free of fmtsrc during MBPF check During concurrency testing, multiple instances can run in parallel, and each instance uses its own inst-lock while the core-lock protects the list of active instances. T...

7CVSS5.7AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.17 views

SUSE CVE-2026-46211

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gem: fix error handling in msmioctlgeminfogetmetadata msmioctlgeminfogetmetadata always returns 0 regardless of errors. When copytouser fails or the user buffer is too small, the error code stored in ret is ignored becaus...

6.6CVSS5.9AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.14 views

SUSE CVE-2026-46212

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: prevent use-after-free when deleting claims When batadvbladelbackboneclaims removes all claims for a backbone, it does this by dropping the link entry in the hash list. This list entry itself was one of the...

7.5CVSS5.7AI score0.00274EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/29 1:15 a.m.12 views

SUSE CVE-2026-46213

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix UAF in inactivity-timer cleanup path Commit 38224c472a03 "HID: appletb-kbd: fix slab use-after-free bug in appletbkbdprobe" added timerdeletesync&kbd-inactivitytimer to both the probe closehw error path and...

7.8CVSS5.8AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.9 views

SUSE CVE-2026-46214

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: fix accept queue count leak on transport mismatch virtiotransportrecvlisten calls skacceptqadded before vsockassigntransport. If vsockassigntransport fails or selects a different transport, the error path returns...

4.7CVSS5.8AI score0.00128EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.14 views

SUSE CVE-2026-46215

In the Linux kernel, the following vulnerability has been resolved: drm: Set old handle to NULL before prime swap in changehandle There was a potential race condition in changehandle. The ioctl briefly had a single object with two idr entries; a concurrent gemclose could delete the object and...

7CVSS5.8AI score0.00133EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.10 views

SUSE CVE-2026-46216

In the Linux kernel, the following vulnerability has been resolved: drm/xe/hdcp: Add NULL check for mediagt in intelhdcpgsccheckstatus When media GT is disabled via configfs, there is no allocation for mediagt, which is kept as NULL. In such scenario, intelhdcpgsccheckstatus results in a kernel...

5.5CVSS5.8AI score0.00127EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.12 views

SUSE CVE-2026-46217

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.5CVSS5.2AI score0.00013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.11 views

SUSE CVE-2026-46218

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add bounds checking to ibget,setvalue The uvd/vce/vcn code accesses the IB at predefined offsets without checking that the IB is large enough. Check the bounds here. The caller is responsible for making sure it can...

5.5CVSS6AI score0.00131EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.11 views

SUSE CVE-2026-46219

In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix use-after-free on unbind The state machine work is scheduled by the interrupt handler and therefore needs to be cancelled after disabling interrupts to avoid a potential use-after-free...

7CVSS5.7AI score0.00135EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.9 views

SUSE CVE-2026-46220

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/sdma4: replace BUGON with WARNON in fence emission sdmav40ringemitfence contains two BUGONaddr & 0x3 assertions that verify fence writeback addresses are dword-aligned. These assertions can be reached from unprivileged...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.16 views

SUSE CVE-2026-46221

In the Linux kernel, the following vulnerability has been resolved: EDAC/versalnet: Fix device name memory leak The device name allocated via kzalloc in initonemc is assigned to dev-initname but never freed on the normal removal path. deviceregister copies initname and then sets dev-initname to...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.12 views

SUSE CVE-2026-46222

In the Linux kernel, the following vulnerability has been resolved: media: rockchip: rkcif: Add missing MUSTCONNECT flag to pads The pads missed checks for connected devices which may a null dereference when the stream is enabled. Unable to handle kernel NULL pointer dereference at virtual addres...

5.5CVSS5.8AI score0.00105EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.13 views

SUSE CVE-2026-46223

In the Linux kernel, the following vulnerability has been resolved: cgroup: Defer css percpuref kill on rmdir until cgroup is depopulated A chain of commits going back to v7.0 reworked rmdir to satisfy the controller invariant that a subsystem's -cssoffline must not run while tasks are still doin...

4.7CVSS5.7AI score0.00083EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.10 views

SUSE CVE-2026-46224

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix bo leak in xedmabufinitobj on allocation failure When drmgpuvmresvobjectalloc fails, the pre-allocated storage bo is not freed. Add xebofreestorage before returning the error. xedmabufinitobj calls xeboinitlocked, whi...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.9 views

SUSE CVE-2026-46225

In the Linux kernel, the following vulnerability has been resolved: spi: rspi: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.13 views

SUSE CVE-2026-46226

In the Linux kernel, the following vulnerability has been resolved: spi: fsl: fix controller deregistration Make sure to deregister the controller before releasing underlying resources like DMA during driver unbind...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.19 views

SUSE CVE-2026-46227

In the Linux kernel, the following vulnerability has been resolved: sctp: revalidate list cursor after sctpsendmsgtoasoc in SCTPSENDALL The SCTPSENDALL path in sctpsendmsg iterates ep-asocs with listforeachentrysafe, which caches the next entry in @tmp before the loop body runs. The body calls...

7CVSS5.7AI score0.00104EPSS
Exploits0References16
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.10 views

SUSE CVE-2026-46228

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix devres lifetime USB drivers bind to USB interfaces and any device managed resources should have their lifetime tied to the interface rather than parent USB device. This avoids issues like memory leaks when drivers...

5.5CVSS5.8AI score0.00117EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.12 views

SUSE CVE-2026-46229

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Clear VRAM on allocation to prevent stale data exposure KFD VRAM allocations set AMDGPUGEMCREATEVRAMWIPEONRELEASE but not AMDGPUGEMCREATEVRAMCLEARED, leaving freshly allocated VRAM with stale data from prior use...

7.1CVSS5.8AI score0.00119EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.10 views

SUSE CVE-2026-46230

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg Check bounds against the end of the BO whenever we access the msg...

5.5CVSS5.8AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.12 views

SUSE CVE-2026-46231

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: put backbone reference on failed claim hash insert When batadvblaaddclaim fails to insert a new claim into the hash, it leaked a reference to the backbonegw for which the claim was intended. Call...

6.5CVSS5.8AI score0.00119EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.10 views

SUSE CVE-2026-46232

In the Linux kernel, the following vulnerability has been resolved: HID: playstation: Clamp numtouchreports A device would never lie about the number of touch reports would it? If it does the loop in dualshock4parsereport will read off the end of the touchreports array, up to about 2 KiB for the...

6.1CVSS5.7AI score0.00258EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.14 views

SUSE CVE-2026-46233

In the Linux kernel, the following vulnerability has been resolved: batman-adv: bla: only purge non-released claims When batadvblapurgeclaims goes through the list of claims, it is only traversing the hash list with an rcureadlock. Due to a potential parallel batadvclaimput, it can happen that it...

4.7CVSS5.7AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.14 views

SUSE CVE-2026-46234

In the Linux kernel, the following vulnerability has been resolved: vsock: fix buffer size clamping order In vsockupdatebuffersize, the buffer size was being clamped to the maximum first, and then to the minimum. If a user sets a minimum buffer size larger than the maximum, the minimum check...

5.5CVSS5.9AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.13 views

SUSE CVE-2026-46235

In the Linux kernel, the following vulnerability has been resolved: media: saa7164: add ioremap return checks and cleanups Add checks for ioremap return values in saa7164devsetup. If ioremap for BAR0 or BAR2 fails, release the already allocated PCI memory regions, remove the device from the globa...

4.7CVSS5.8AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.13 views

SUSE CVE-2026-46236

In the Linux kernel, the following vulnerability has been resolved: media: rc: xboxremote: heed DMA restrictions The buffer for IO must not be part of the device structure because that violates the DMA coherency rules...

5.5CVSS5.8AI score0.00119EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.10 views

SUSE CVE-2026-46237

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

5.5CVSS5.2AI score0.00013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.14 views

SUSE CVE-2026-46238

In the Linux kernel, the following vulnerability has been resolved: batman-adv: stop caching unowned originator pointers in BAT IV BAT IV keeps the last-hop neighbor address in each neighnode, but some paths also cache an originator pointer derived from a temporary lookup. That pointer is not own...

5.5CVSS5.7AI score0.00262EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.12 views

SUSE CVE-2026-46239

In the Linux kernel, the following vulnerability has been resolved: media: i2c: ov5647: Fix runtime PM refcount leak in sctrl Three control cases AUTOGAIN, EXPOSUREAUTO, ANALOGUEGAIN directly return without calling pmruntimeput, causing runtime PM reference count leaks. Change these cases from...

5.5CVSS5.8AI score0.00105EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.10 views

SUSE CVE-2026-46240

In the Linux kernel, the following vulnerability has been resolved: media: iris: Fix use-after-free in irisreleaseinternalbuffers The recent change in commit 1dabf00ee206 "media: iris: gen1: Destroy internal buffers after FW releases" introduced a regression where sessionreleasebuf may free the...

5.5CVSS5.8AI score0.00124EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.9 views

SUSE CVE-2026-46241

In the Linux kernel, the following vulnerability has been resolved: spi: mpc52xx: fix use-after-free on registration failure Make sure to disable and free the interrupts in case controller registration fails to avoid a potential use-after-free and resource leak. This issue was flagged by Sashiko...

5.5CVSS5.8AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/29 1:14 a.m.12 views

SUSE CVE-2026-47104

libusb before version 1.0.30 contains a one-byte out-of-bounds read vulnerability in parseiadarray in descriptor.c that allows attackers to trigger a denial of service by supplying a malformed USB descriptor whose bLength equals size minus one, causing the bounds check to use the original buffer...

5.5CVSS5.9AI score0.0013EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.15 views

SUSE CVE-2025-70103

Heap buffer overflow vulnerability in libjxl 0.12.0 via crafted PBM images to the jxl::extras::DecodeImagePNM function in file lib/extras/dec/pnm.cc...

8.1CVSS6AI score0.00367EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.17 views

SUSE CVE-2025-71303

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix race condition when checking rpmon When autosuspend is triggered, driver rpmon flag is set to indicate that a suspend/resume is already in progress. However, when a userspace application submits a command durin...

4.7CVSS5.8AI score0.00102EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.14 views

SUSE CVE-2025-71304

In the Linux kernel, the following vulnerability has been resolved: smack: /smack/doi: accept previously used values Writing to /smack/doi a value that has ever been written there in the past disables networking for non-ambient labels. E.g. cat /smack/doi 3 netlabelctl -p cipso list Configured...

5.7AI score0.0016EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.13 views

SUSE CVE-2025-71305

In the Linux kernel, the following vulnerability has been resolved: drm/display/dpmst: Add protection against 0 vcpi When releasing a timeslot there is a slight chance we may end up with the wrong payload mask due to overflow if the delayeddestroywork ends up coming into play after a DP 2.1 monit...

5.8AI score0.00156EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.19 views

SUSE CVE-2025-71306

In the Linux kernel, the following vulnerability has been resolved: ima: Fix stack-out-of-bounds in isbprmcredsforexec KASAN reported a stack-out-of-bounds access in imaappraisemeasurement from isbprmcredsforexec: BUG: KASAN: stack-out-of-bounds in imaappraisemeasurement+0x12dc/0x16a0 Read of siz...

7.1CVSS5.8AI score0.0015EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.12 views

SUSE CVE-2025-71307

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix NULL pointer dereference on panthorfwunplug This patch removes the MCU halt and wait for halt procedures during panthorfwunplug as the MCU can be in a variety of states or the FW may not even be loaded/initialize...

5.7AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.12 views

SUSE CVE-2025-71308

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix potential NULL pointer dereference in context cleanup aiedestroycontext is invoked during error handling in aie2createcontext. However, aiedestroycontext assumes that the context's mailbox channel pointer is...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.15 views

SUSE CVE-2025-71309

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix deadlock in nireadfoliocmpr Syzbot reported a task hung in nireadpagecmpr now nireadfoliocmpr. This is caused by a lock inversion deadlock involving the inode mutex nilock and page locks. Scenario: 1. Task A enters...

5.8AI score0.00106EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.17 views

SUSE CVE-2025-71311

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize new folios before use KMSAN reports an uninitialized value in longestmatchstd, invoked from ntfscompresswrite. When new folios are allocated without being marked uptodate and nireadframe is skipped because th...

5.5CVSS5.7AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 4:1 a.m.11 views

SUSE CVE-2025-71312

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: fix ntfsmountoptions leak in ntfsfillsuper In ntfsfillsuper, the fc-fsprivate pointer is set to NULL without first freeing the memory it points to. This causes the subsequent call to ntfsfsfree to skip freeing the...

5.5CVSS5.8AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2026/05/28 3:59 a.m.16 views

SUSE CVE-2026-34303

unknown...

6.5CVSS7.2AI score0.00303EPSS
Exploits0References10
SUSE CVE
SUSE CVE
added 2026/05/28 3:58 a.m.20 views

SUSE CVE-2026-39821

The ToASCII and ToUnicode functions incorrectly accept Punycode-encoded labels that decode to an ASCII-only label. For example, ToUnicode"xn--example-.com" incorrectly returns the name "example.com" rather than an error. This behavior can lead to privilege escalation in programs using the idna...

7.4CVSS5.8AI score0.00478EPSS
Exploits0References46
SUSE CVE
SUSE CVE
added 2026/05/28 3:58 a.m.15 views

SUSE CVE-2026-40034

gix-submodule before 0.29.0 gitoxide before 0.5.21, gix before 0.84.0 incorrectly validates the update field in .gitmodules, allowing attackers to bypass the CommandForbiddenInModulesConfiguration guard when a submodule has been initialized with only partial configuration in .git/config. An...

8.5CVSS6.2AI score0.00351EPSS
Exploits0References3
Total number of security vulnerabilities59218