Lucene search
K
SusecveRecent

59380 matches found

SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•6 views

SUSE CVE-2026-31506

In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix double free of WoL irq We do not need to free wolirq since it was instantiated with devmrequestirq. So devres will free for us...

5.6AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•10 views

SUSE CVE-2026-31507

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix double-free of smcspdpriv when tee duplicates splice pipe buffer smcrxsplice allocates one smcspdpriv per pipebuffer and stores the pointer in pipebuffer.private. The pipebufoperations for these buffers used .get =...

7.8CVSS5.8AI score0.00126EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•7 views

SUSE CVE-2026-31508

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Avoid releasing netdev before teardown completes The patch cited in the Fixes tag below changed the teardown code for OVS ports to no longer unconditionally take the RTNL. After this change, the netdevdestroy...

7.8CVSS5.6AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•7 views

SUSE CVE-2026-31509

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: fix circular locking dependency in nciclosedevice nciclosedevice flushes rxwq and txwq while holding reqlock. This causes a circular locking dependency because ncirxwork running on rxwq can end up taking reqlock too:...

5.5CVSS5.6AI score0.00095EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•6 views

SUSE CVE-2026-31510

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix null-ptr-deref on l2capsockreadycb Before using sk pointer, check if it is null. Fix the following: KASAN: null-ptr-deref in range 0x0000000000000260-0x0000000000000267 CPU: 0 UID: 0 PID: 5985 Comm:...

5.6AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•7 views

SUSE CVE-2026-31511

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix dangling pointer on mgmtaddadvpatternsmonitorcomplete This fixes the condition checking so mgmtpendingvalid is executed whenever status != -ECANCELED otherwise calling mgmtpendingfreecmd would kfreecmd withou...

7.8CVSS5.6AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•7 views

SUSE CVE-2026-31512

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Validate PDU length before reading SDU length in l2capecreddatarcv l2capecreddatarcv reads the SDU length field from skb-data using getunalignedle16 without first verifying that skb contains at least...

7.1CVSS5.6AI score0.00123EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•6 views

SUSE CVE-2026-31513

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix stack-out-of-bounds read in l2capecredconnreq Syzbot reported a KASAN stack-out-of-bounds read in l2capbuildcmd that is triggered by a malformed Enhanced Credit Based Connection Request. The vulnerability...

5.8AI score0.00252EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•7 views

SUSE CVE-2026-31514

In the Linux kernel, the following vulnerability has been resolved: erofs: set fileio bio failed in short read case For file-backed mount, IO requests are handled by vfsiocbiterread. However, it can be interrupted by SIGKILL, returning the number of bytes actually copied. Unused folios in bio are...

5.6AI score0.00122EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•7 views

SUSE CVE-2026-31515

In the Linux kernel, the following vulnerability has been resolved: afkey: validate families in pfkeysendmigrate syzbot was able to trigger a crash in skbput 1 Issue is that pfkeysendmigrate does not check old/new families, and that setipsecrequest @family argument was truncated, thus possibly...

4.4CVSS5.6AI score0.00123EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•6 views

SUSE CVE-2026-31516

In the Linux kernel, the following vulnerability has been resolved: xfrm: prevent policyhthresh.work from racing with netns teardown A XFRMMSGNEWSPDINFO request can queue the per-net work item policyhthresh.work onto the system workqueue. The queued callback, xfrmhashrebuild, retrieves the...

6.4CVSS5.6AI score0.00099EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•8 views

SUSE CVE-2026-31517

In the Linux kernel, the following vulnerability has been resolved: xfrm: iptfs: fix skbput panic on non-linear skb during reassembly In iptfsreassemcont, IP-TFS attempts to append data to the new inner packet 'newskb' that is being reassembled. First a zero-copy approach is tried if it succeeds...

5.5CVSS5.7AI score0.00121EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•7 views

SUSE CVE-2026-31518

In the Linux kernel, the following vulnerability has been resolved: esp: fix skb leak with espintcp and async crypto When the TX queue for espintcp is full, espoutputtailtcp will return an error and not free the skb, because with synchronous crypto, the common xfrm output code will drop the packe...

4.7CVSS5.7AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•12 views

SUSE CVE-2026-31519

In the Linux kernel, the following vulnerability has been resolved: btrfs: set BTRFSROOTORPHANCLEANUP during subvol create We have recently observed a number of subvolumes with broken dentries. ls-ing the parent dir looks like: drwxrwxrwt 1 root root 16 Jan 23 16:49 . drwxr-xr-x 1 root root 24 Ja...

5.5CVSS5.6AI score0.00123EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2026/04/23 1:25 a.m.•5 views

SUSE CVE-2026-31520

In the Linux kernel, the following vulnerability has been resolved: HID: apple: avoid memory leak in applereportfixup The applereportfixup function was returning a newly kmemdup-allocated buffer, but never freeing it. The caller of reportfixup does not take ownership of the returned pointer, but ...

5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-31521

In the Linux kernel, the following vulnerability has been resolved: module: Fix kernel panic when a symbol stshndx is out of bounds The module loader doesn't check for bounds of the ELF section index in simplifysymbols: for i = 1; i shsize / sizeofElfSym; i++ const char name = info-strtab +...

4.4CVSS5.6AI score0.00123EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-31522

In the Linux kernel, the following vulnerability has been resolved: HID: magicmouse: avoid memory leak in magicmousereportfixup The magicmousereportfixup function was returning a newly kmemdup-allocated buffer, but never freeing it. The caller of reportfixup does not take ownership of the returne...

5.5CVSS5.7AI score0.00123EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•8 views

SUSE CVE-2026-31523

In the Linux kernel, the following vulnerability has been resolved: nvme-pci: ensure we're polling a polled queue A user can change the polled queue count at run time. There's a brief window during a reset where a hipri task may try to poll that queue before the block layer has updated the queue...

5.6AI score0.00089EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-31524

In the Linux kernel, the following vulnerability has been resolved: HID: asus: avoid memory leak in asusreportfixup The asusreportfixup function was returning a newly allocated kmemdup-allocated buffer, but never freeing it. Switch to devmkzalloc to ensure the memory is managed and freed...

4.7CVSS5.7AI score0.00123EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•8 views

SUSE CVE-2026-31525

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix undefined behavior in interpreter sdiv/smod for INTMIN The BPF interpreter's signed 32-bit division and modulo handlers use the kernel abs macro on s32 operands. The abs macro documentation include/linux/math.h explicitl...

6.4CVSS5.7AI score0.00129EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•6 views

SUSE CVE-2026-31526

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exception exit lock checking for subprogs processbpfexitfull passes checklock = !curframe to checkresourceleak, which is false in cases when bpfthrow is called from a static subprog. This makes checkresourceleak to skip...

5.5CVSS5.6AI score0.001EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•7 views

SUSE CVE-2026-31527

In the Linux kernel, the following vulnerability has been resolved: driver core: platform: use generic driveroverride infrastructure When a driver is probed through driverattach, the bus' match callback is called without the device lock held, thus accessing the driveroverride field without a lock...

7.8CVSS5.6AI score0.00129EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-31528

In the Linux kernel, the following vulnerability has been resolved: perf: Make sure to use pmuctx-pmu for groups Oliver reported that x86pmudel ended up doing an out-of-bound memory access when groupschedin fails and needs to roll back. This should be handled by the transaction callbacks, but he...

7CVSS5.5AI score0.00129EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•8 views

SUSE CVE-2026-31529

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix leakage in constructregion Failing the first sysfsupdategroup needs to explicitly kfree the resource as it is too early for cxlregioniomemrelease to do so...

5.6AI score0.00107EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•5 views

SUSE CVE-2026-31530

In the Linux kernel, the following vulnerability has been resolved: cxl/port: Fix use after free of parentport in cxldetachep cxldetachep is called during bottom-up removal when all CXL memory devices beneath a switch port have been removed. For each port in the hierarchy it locks both the port a...

5.7AI score0.00125EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•5 views

SUSE CVE-2026-32147

Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal' vulnerability in Erlang OTP ssh sshsftpd module allows an authenticated SFTP user to modify file attributes outside the configured chroot directory. The SFTP daemon sshsftpd stores the raw, user-supplied path in file...

4.3CVSS5.8AI score0.00354EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•6 views

SUSE CVE-2026-33254

An attacker can create a large number of concurrent DoQ or DoH3 connections, causing unlimited memory allocation in DNSdist and leading to a denial of service. DOQ and DoH3 are disabled by default...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•8 views

SUSE CVE-2026-33256

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

7.5CVSS5.8AI score0.00606EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•6 views

SUSE CVE-2026-33257

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS5.7AI score0.00514EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•6 views

SUSE CVE-2026-33258

By publishing and querying a crafted zone an attacker can cause allocation of large entries in the negative and aggressive NSEC3 caches...

7.5CVSS5.8AI score0.00583EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•7 views

SUSE CVE-2026-33259

Having many concurrent transfers of the same RPZ can lead to inconsistent RPZ data, use after free and/or a crash of the recursor. Normally concurrent transfers of the same RPZ zone can only occur with a malfunctioning RPZ provider...

5CVSS5.8AI score0.00225EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•6 views

SUSE CVE-2026-33260

An attacker can send a web request that causes unlimited memory allocation in the internal web server, leading to a denial of service. The internal web server is disabled by default...

5.3CVSS5.7AI score0.00524EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•10 views

SUSE CVE-2026-33261

A zone transition from NSEC to NSEC3 might trigger an internal inconsistency and cause a denial of service...

5.9CVSS5.8AI score0.00228EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•7 views

SUSE CVE-2026-33262

An attacker can send replies that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service. Cookies are disabled by default...

5.9CVSS5.8AI score0.00418EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•11 views

SUSE CVE-2026-33593

A client can trigger a divide by zero error leading to crash by sending a crafted DNSCrypt query...

7.5CVSS5.7AI score0.00381EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•8 views

SUSE CVE-2026-33594

A client can trigger excessive memory allocation by generating a lot of queries that are routed to an overloaded DoH backend, causing queries to accumulate into a buffer that will not be released until the end of the connection...

7.5CVSS6AI score0.00371EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-33595

A client can trigger excessive memory allocation by generating a lot of errors responses over a single DoQ and DoH3 connection, as some resources were not properly released until the end of the connection...

7.5CVSS5.8AI score0.00371EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•8 views

SUSE CVE-2026-33596

A client might theoretically be able to cause a mismatch between queries sent to a backend and the received responses by sending a flood of perfectly timed queries that are routed to a TCP-only or DNS over TLS backend...

6.5CVSS5.7AI score0.00169EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-33597

PRSD detection denial of service...

7.5CVSS5.7AI score0.00348EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•10 views

SUSE CVE-2026-33598

A cached crafted response can cause an out-of-bounds read if custom Lua code calls getDomainListByAddress or getAddressListByDomain on a packet cache...

9.1CVSS5.8AI score0.01073EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•12 views

SUSE CVE-2026-33599

A rogue backend can send a crafted SVCB response to a Discovery of Designated Resolvers request, when requested via either the autoUpgrade Lua option to newServer or autoupgrade YAML settings. DDR upgrade is not enabled by default...

8.1CVSS5.8AI score0.00283EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•8 views

SUSE CVE-2026-33600

An RPZ sent by a malicious authoritative server can result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...

4.4CVSS5.8AI score0.00523EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•9 views

SUSE CVE-2026-33601

If you use the zoneToCache function with a malicious authoritative server, an attacker can send a zone that result in a null pointer dereference, caused by a missing consistency check and leading to a denial of service...

4.4CVSS5.8AI score0.00512EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•7 views

SUSE CVE-2026-33602

A rogue backend can send a crafted UDP response with a query ID off by one related to the maximum configured value, triggering an out-of-bounds write leading to a denial of service...

8.2CVSS5.8AI score0.00731EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•20 views

SUSE CVE-2026-33608

An attacker can send a notify request that causes a new secondary domain to be added to the bind backend, but causes said backend to update its configuration to an invalid one, leading to the backend no longer able to run on the next restart, requiring manual operation to fix it...

9.8CVSS5.8AI score0.00383EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•6 views

SUSE CVE-2026-33609

Incomplete escaping of LDAP queries when running with 8bit-dns enabled allows users to perform queries of internal domain subtrees...

5.3CVSS5.8AI score0.00242EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•5 views

SUSE CVE-2026-33610

A rogue primary server may cause file descriptor exhaustion and eventually a denial of service, when a PowerDNS secondary server forwards a DNS update request to it...

7.5CVSS5.8AI score0.00393EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•5 views

SUSE CVE-2026-33611

An operator allowed to use the REST API can cause the Authoritative server to produce invalid HTTPS or SVCB record data, which can in turn cause LMDB database corruption, if using the LMDB backend...

6.5CVSS5.8AI score0.00423EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•8 views

SUSE CVE-2026-34268

unknown...

2.9CVSS7.2AI score0.00122EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2026/04/23 1:24 a.m.•5 views

SUSE CVE-2026-34282

unknown...

7.5CVSS7.2AI score0.00635EPSS
Exploits0References15
Total number of security vulnerabilities59380