Lucene search
K
SusecveRecent

59178 matches found

SUSE CVE
SUSE CVE
•added 6 days ago•8 views

SUSE CVE-2026-53166

In the Linux kernel, the following vulnerability has been resolved: futex/requeue: Prevent NULL pointer dereference in removewaiter on self-deadlock When FUTEXCMPREQUEUEPI requeues a non-top waiter that already owns the target PI futex, taskblocksonrtmutex returns -EDEADLK before setting...

5.8AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53167

In the Linux kernel, the following vulnerability has been resolved: fuse: limit FUSENOTIFYRETRIEVE to uptodate folios FUSENOTIFYRETRIEVE must be limited to uptodate folios; !uptodate folios can contain uninitialized data. Since FUSENOTIFYRETRIEVE is intended to only return data that is already in...

5.8AI score0.00166EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53168

In the Linux kernel, the following vulnerability has been resolved: fuse: reject fusenotify pagecache ops on directories The operations FUSENOTIFYSTORE and FUSENOTIFYRETRIEVE allow the FUSE daemon to actively write/read pagecache contents. For directories with FOPENCACHEDIR, the pagecache is used...

5.8AI score0.00176EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53169

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject NPUOPRESIZE commands from userspace NPUOPRESIZE is a U85-only command that the driver does not yet implement. The existing WARNON1 placeholder fires unconditionally whenever userspace submits this command via...

5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53170

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: reject DMA commands with uninitialized length cmdstateinit initializes the command state with memset0xff, leaving dma-len at U64MAX to signal missing setup. The only setter is NPUSETDMA0LEN; if userspace omits this...

8.8CVSS5.9AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53171

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix arithmetic issues in dmalength dmalength derives DMA region usage from command stream values and updates regionsize: len = len + stride0 size0 + stride1 size1 regionsizeregion = max..., len + dma-offset Several...

8.8CVSS6AI score0.00137EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•7 views

SUSE CVE-2026-53172

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix IFM region index out-of-bounds in command stream parser NPUSETIFMREGION extracts the region index with param & 0x7f, giving a maximum value of 127. However regionsize and outputregion in struct...

7.8CVSS5.7AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53173

In the Linux kernel, the following vulnerability has been resolved: accel/ethosu: fix OOB write in ethosugemcmdstreamcopyandvalidate The command stream parsing loop increments the index variable a second time when a 64-bit command word is encountered bit 14 set, but does not re-check the loop bou...

7.8CVSS6AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•7 views

SUSE CVE-2026-53174

In the Linux kernel, the following vulnerability has been resolved: ovl: keep err zero after successful ovlcacheget ovliteratemerged stores PTRERRcache in err before checking ISERRcache. On success err holds the truncated cache pointer and can be returned as a bogus non-zero error. The syzbot...

7.8CVSS5.8AI score0.00129EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53175

In the Linux kernel, the following vulnerability has been resolved: inet: frags: fix use-after-free caused by the fqdirpreexit flush On netns teardown, fqdirpreexit walks the fqdir rhashtable and flushes every fragment queue that is not yet complete using inetfragqueueflush. That helper frees all...

9.8CVSS5.8AI score0.00327EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53176

In the Linux kernel, the following vulnerability has been resolved: IB/isert: Reject login PDUs shorter than ISERHEADERSLEN In drivers/infiniband/ulp/isert/ibisert.c, isertloginrecvdone computes the login request payload length as wc-bytelen minus ISERHEADERSLEN with no lower bound, and loginreql...

9.8CVSS6AI score0.00397EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•7 views

SUSE CVE-2026-53177

In the Linux kernel, the following vulnerability has been resolved: bnxten: Fix NULL pointer dereference PCIe errors detected by a Root Port or Downstream Port cause error recovery services to run on all subordinate devices regardless of administrative state. The .errordetected callback,...

5.8AI score0.00172EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53178

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: rtwmlme: add bounds checks before ielength subtraction Add guards to ensure ielength is large enough before subtracting fixed IE offsets to prevent unsigned integer underflow...

8.1CVSS5.8AI score0.00214EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53179

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix buffer over-read in rtwupdateprotection rtwupdateprotection is called with a pointer offset into the ies buffer but the full ielength is passed, causing a potential buffer over-read...

5.9AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53180

In the Linux kernel, the following vulnerability has been resolved: timers/migration: Fix livelock in tmigrhandleremoteup tmigrhandleremotecpu skips timerexpireremote when cpu == smpprocessorid, assuming the local softirq path already handled this CPU's timers. This assumption is wrong because...

7.5CVSS5.9AI score0.00466EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53181

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: fix skackbacklog leak on failed handshake When vmcitransportrecvconnectingserver returns an error, vmcitransportrecvlisten calls vsockremovepending but never calls skacceptqremoved. This leaves skackbacklog incremente...

5.8AI score0.00184EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•4 views

SUSE CVE-2026-53182

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject oversized EMA RNR lists nl80211parsernrelems stores the parsed element count in a u8-backed cfg80211rnrelems::cnt field and uses that count to size the flexible array allocation. Reject nested...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•4 views

SUSE CVE-2026-53183

In the Linux kernel, the following vulnerability has been resolved: mptcp: allow subflow rcv wnd to shrink In MPTCP connection, the window field in the TCP header refers to the MPTCP-level rcvnxt and it's right edge should not move backward. Such constraint is enforced at DSS option generation...

7.5CVSS5.8AI score0.00506EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53184

In the Linux kernel, the following vulnerability has been resolved: udp: clear skb-dev before running a sockmap verdict On the UDP receive path skb-dev is repurposed as devscratch the truesize/state cache set by udpsetdevscratch, through the union struct netdevice dev; unsigned long devscratch; i...

7.5CVSS5.8AI score0.00506EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53185

In the Linux kernel, the following vulnerability has been resolved: zram: fix use-after-free in zrambvecwritepartial zramreadpage picks the sync or async backing device read path based on whether the parent bio is NULL. zrambvecwritepartial passes its parent bio down, so for ZRAMWB slots the read...

7.8CVSS5.8AI score0.00099EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53186

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: bound SRPRSP sense copy by the received length srpprocessrsp copies sense data from rsp-data + respdatalen, where respdatalen is the full 32-bit value supplied by the SRP target and is never checked against the number o...

9.1CVSS6AI score0.00544EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53187

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate cpuid against nrcpuids in DMAH alloc The cpuid attribute supplied by user space through UVERBSATTRALLOCDMAHCPUID is passed directly to cpumasktestcpu without first verifying that the value is within the valid...

7.1CVSS5.8AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53188

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Validate the passed in fops for ibgetucaps Sashiko pointed out it is not safe to rely only on the devt because char/block alias so if the user finds a block device with the same devt it can masquerade as a ucap cdev fd...

8.8CVSS5.8AI score0.00136EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53189

In the Linux kernel, the following vulnerability has been resolved: mm/hugememory: update file PMD counter before folioput splithugepmdlocked updates the file/shmem RSS counter after dropping the PMD mapping's folio reference. If folioput drops the last reference, mmcounterfile can later read fre...

7.8CVSS5.8AI score0.00138EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53190

In the Linux kernel, the following vulnerability has been resolved: drm/virtio: fix dmafence refcount leak on error in virtiogpudmafencewait dmafenceunwrapforeach internally calls dmafenceunwrapfirst which does cursor-chain = dmafencegethead, taking an extra reference. On normal loop completion,...

5.8AI score0.00175EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53191

In the Linux kernel, the following vulnerability has been resolved: iouring/net: inherit IORINGCQEFBUFMORE across bundle recv retries When a bundle recv retries inside iorecvfinish, the merge logic OR the saved cflags from the previous iteration with the cflags returned by the new iteration: cfla...

7.8CVSS6AI score0.00138EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53192

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Fix UAF at sndtimeruserparams At releasing a timer object, e.g. when a userspace timer CONFIGSNDUTIMER gets closed and sndtimerfree is called, it tries to detach the timer instances and release the resources. However...

7.8CVSS5.8AI score0.00134EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53193

In the Linux kernel, the following vulnerability has been resolved: ALSA: timer: Forcibly close timer instances at closing When sndtimer object is freed via sndtimerfree and still pending sndtimerinstance objects are assigned to the timer object, it tries to unlink all instances and just set NULL...

7.8CVSS5.8AI score0.00141EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53194

In the Linux kernel, the following vulnerability has been resolved: USB: serial: kl5kusb105: fix bulk-out buffer overflow klsi105preparewritebuffer is called by the generic write path with the bulk-out buffer and its size bulkoutsize, 64 bytes. It stores a two-byte length header at the start of t...

7.8CVSS6AI score0.00146EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53195

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in buildi2cfwhdr buildi2cfwhdr allocates a fixed-size buffer of 161024 - 512 + sizeofstruct tii2cfirmwarerec bytes, then copies le16tocpuimgheader-Length bytes into it without validating that...

6AI score0.00203EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53196

In the Linux kernel, the following vulnerability has been resolved: USB: serial: ioti: fix heap overflow in getmanufinfo getmanufinfo reads le16tocpuromdesc-Size bytes from the device I2C EEPROM into a buffer allocated with kmallocobj, which is sizeofstruct edgetimanufdescriptor = 10 bytes. The...

6AI score0.00155EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53197

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix ABBA deadlock in iptfsdestroystate iptfsdestroystate calls hrtimercancel while holding a spinlock that the timer callback also acquires, leading to an ABBA deadlock on SMP systems. For the output timer iptfstimer...

5.8AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53198

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free of a deferred filelock on double SMB2CANCEL A deferred byte-range lock an SMB2LOCK that blocks registers an async work on conn-asyncrequests via setupasyncwork, with cancelfn = smb2removeblockedlock and...

8.8CVSS5.6AI score0.00466EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53199

In the Linux kernel, the following vulnerability has been resolved: hvnetvsc: use kmaplocalpage in netvsccopytosendbuf netvsccopytosendbuf copies page buffer entries into the VMBus send buffer using phystovirt on the entry PFN. Entries for the RNDIS header and the skb linear data come from...

7.5CVSS6AI score0.0053EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53200

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: nv: Fix handling of XN0 when !FEATXNX XN has already been extracted from its bitfield position so using FIELDPREP on the mask that clears XN0 is completely broken, having the effect of unconditionally granting execute...

8.8CVSS5.9AI score0.00129EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53201

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/xe: Skip exec queue schedule toggle if queue is idle during suspend" This reverts commit 8533051ce92015e9cc6f75e0d52119b9d91610b6. The idle-skip optimization bypasses GuC suspend, so the GPU may not perform the contex...

7.8CVSS5.8AI score0.00137EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•8 views

SUSE CVE-2026-53202

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix signed integer truncation in IPC receive Fix potential buffer overflow where firmware-supplied datasize is cast to signed int before being used in mint. Large unsigned values = 0x80000000 become negative, causing...

7.8CVSS6AI score0.00146EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53203

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add buffer overflow check in MS getinfoioctl Add validation that the info size returned from the metric stream info query is not exceeded when checked against the allocated buffer size. If the firmware returns a size...

7.1CVSS6AI score0.00146EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53204

In the Linux kernel, the following vulnerability has been resolved: firmware: stratix10-rsu: Fix NULL deref on rsusendmsg timeout in probe rsusendmsg can return -ETIMEDOUT when waitforcompletioninterruptibletimeout fires while the SMC call is still pending. In stratix10rsuprobe, the error paths f...

5.8AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53205

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds checks for firmware log indices Add validation that read and write indices in the firmware log buffer are within valid bounds datasize before using them. If out-of-bounds indices are encountered from...

7.1CVSS5.9AI score0.00131EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53206

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Add bounds check for firmware runtime memory Validate that the firmware runtime memory specified in the image header is properly aligned and sized to hold the firmware image. This prevents errors during memory...

5.8AI score0.00162EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•7 views

SUSE CVE-2026-53207

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix hugetlblock AA deadlock in gethugepageforhwpoison Two concurrent madviseMADVHWPOISON calls on the same hugetlb page can trigger a recursive spinlock self-deadlock AA deadlock on hugetlblock when racing with...

5.8AI score0.0018EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53208

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: reject BR/EDR signaling packets over MTUsig net/bluetooth/l2capcore.c:l2capsigchannel accepts BR/EDR signaling packets up to the channel MTU and dispatches each command without enforcing the signaling MTU MTUsig...

5.8AI score0.00176EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53209

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: reject oversized Broadcast Announcement prepend Existing advertising instances can already hold the maximum extended advertising payload. When hciadvbcastannoucement prepends the Broadcast Announcement service...

7.8CVSS5.9AI score0.00138EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53210

In the Linux kernel, the following vulnerability has been resolved: tee: shm: fix shm leak in registershmhelper registershmhelper allocates shm before calling ioviternpages. If ioviternpages returns 0, the function jumps to errctxput and leaks shm. This can be triggered by TEEIOCSHMREGISTER with...

5.8AI score0.00175EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53211

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftmetabridge: fix stale stack leak via IIFHWADDR register NFTMETABRIIIFHWADDR declares its destination register with len = ETHALEN 6 bytes, which the register-init tracking rounds up to two 32-bit registers 8 bytes...

5.8AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53212

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfttunnel: fix use-after-free on object destroy nfttunnelobjdestroy calls metadatadstfree which directly kfrees the metadatadst, ignoring the dstentry refcount. Packets that took a reference via dsthold in...

7.8CVSS5.8AI score0.00125EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53213

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: fix krealloc memory leak Don't just overwrite the original pointer passed to krealloc with its return value without checking latter: MEM = kreallocMEM, SZ, GFP; If krealloc returns NULL, that erases the pointer to the...

5.8AI score0.0018EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•6 views

SUSE CVE-2026-53214

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix a potential NPD in cleanupprefixroute addrconfgetprefixroute can return the fib6nullentry sentinel entry which has a NULL fib6table pointer. Therefore, before setting the route's expiration time, check that we are not...

5.8AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 6 days ago•5 views

SUSE CVE-2026-53215

In the Linux kernel, the following vulnerability has been resolved: net: mvpp2: refill RX buffers before XDP or skb use The RX error path returns the current descriptor buffer to the hardware BM pool. That is only valid while the driver still owns the buffer. mvpp2rxrefill can fail after the...

9.8CVSS6AI score0.00546EPSS
Exploits0References2
Total number of security vulnerabilities59178