SUSE CVE-2017-18203

The dmgetfromkobject function in drivers/md/dm.c in the Linux kernel before 4.14.3 allow local users to cause a denial of service BUG by leveraging a race condition with dmdestroy during creation and removal of DM devices...

SUSE CVE-2017-18222

In the Linux kernel before 4.12, Hisilicon Network Subsystem HNS does not consider the ETHSSPRIVFLAGS case when retrieving ssetcount data, which allows local users to cause a denial of service buffer overflow and memory corruption or possibly have unspecified other impact, as demonstrated by...

SUSE CVE-2018-7191

In the tun subsystem in the Linux kernel before 4.13.14, devgetvalidname is not called before registernetdevice. This allows local users to cause a denial of service NULL pointer dereference and panic via an ioctlTUNSETIFF call with a dev name containing a / character. This is similar to...

SUSE CVE-2018-11219

An Integer Overflow issue was discovered in the struct library in the Lua subsystem in Redis before 3.2.12, 4.x before 4.0.10, and 5.x before 5.0 RC2, leading to a failure of bounds checking...

SUSE CVE-2018-25020

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/bpf/core.c and net/core/filter.c...

SUSE CVE-2019-0155

Insufficient access control in a subsystem for Intel R processor graphics in 6th, 7th, 8th and 9th Generation IntelR CoreTM Processor Families; IntelR PentiumR Processor J, N, Silver and Gold Series; IntelR CeleronR Processor J, N, G3900 and G4900 Series; IntelR AtomR Processor A and E3900 Series...

SUSE CVE-2019-0169

Heap overflow in subsystem in IntelR CSME before versions 11.8.70, 11.11.70, 11.22.70, 12.0.45; IntelR TXE before versions 3.1.70 and 4.0.20 may allow an unauthenticated user to potentially enable escalation of privileges, information disclosure or denial of service via adjacent access...

SUSE CVE-2019-1353

An issue was found in Git before v2.24.1, v2.23.1, v2.22.2, v2.21.1, v2.20.2, v2.19.3, v2.18.2, v2.17.3, v2.16.6, v2.15.4, and v2.14.6. When running Git in the Windows Subsystem for Linux also known as "WSL" while accessing a working directory on a regular Windows drive, none of the NTFS...

SUSE CVE-2019-11109

Logic issue in the subsystem for IntelR SPS before versions SPSE504.01.04.275.0, SPSSoC-X04.00.04.100.0 and SPSSoC-A04.00.04.191.0 may allow a privileged user to potentially enable denial of service via local access...

SUSE CVE-2019-15214

An issue was discovered in the Linux kernel before 5.0.10. There is a use-after-free in the sound subsystem because card disconnection causes certain data structures to be deleted too early. This is related to sound/core/init.c and sound/core/info.c...

SUSE CVE-2019-25044

The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blkmqfreerqs and blkcleanupqueue...

SUSE CVE-2019-25045

An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrmstatefini panic, aka CID-dbb2483b2a46...

SUSE CVE-2020-14351

A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with permission to monitor perf events to corrupt memory and possibly escalate privileges. The highest threat from this vulnerability is to data confidentiality and integri...

SUSE CVE-2020-25624

hw/usb/hcd-ohci.c in QEMU 5.0.0 has a stack-based buffer over-read via values obtained from the host controller driver...

SUSE CVE-2020-25641

A flaw was found in the Linux kernel's implementation of biovecs in versions before 5.9-rc7. A zero-length biovec request issued by the block subsystem could cause the kernel to enter an infinite loop, causing a denial of service. This flaw allows a local attacker with basic privileges to issue...

SUSE CVE-2020-25656

A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnerability is to data confidentiality...

SUSE CVE-2020-27067

In the l2tp subsystem, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-152409173...

SUSE CVE-2020-27225

In versions 4.18 and earlier of the Eclipse Platform, the Help Subsystem does not authenticate active help requests to the local help web server, allowing an unauthenticated local attacker to issue active help commands to the associated Eclipse Platform process or Eclipse Rich Client Platform...

SUSE CVE-2020-28097

The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgaconscrolldelta out-of-bounds read, aka CID-973c096f6a85...

SUSE CVE-2020-29660

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/ttyio.c and drivers/tty/ttyjobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24...