OPENSUSE-SU-2025:15060-1 kanidm-1.6.0~git0.d7ae0f336-1.1 on GA media

These are all security issues fixed in the kanidm-1.6.0git0.d7ae0f336-1.1 package on the GA media of openSUSE Tumbleweed...

Discourse Code Review Plugin 跨站脚本漏洞

Discourse Code Review Plugin is an open source plugin for Discourse. A cross-site scripting vulnerability exists in versions of Discourse Code Review Plugin prior to eed3a80, which originates from a malicious GitHub commit link that can execute arbitrary JavaScript...

SUSE CVE-2022-49931

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Correctly move list in scdisable Commit 13bac861952a "IB/hfi1: Fix abba locking issue with scdisable" incorrectly tries to move a list from one list head to another. The result is a kernel crash. The crash is triggered...

CVE-2025-2509

Out-of-Bounds Read in Virglrenderer in ChromeOS 16093.57.0 allows a malicious guest VM to achieve arbitrary address access within the crosvm sandboxed process, potentially leading to VM escape via crafted vertex elements data triggering an out-of-bounds read in utilformatdescription...

CVE-2024-58100

CVE-2024-58100 concerns the Linux kernel BPF verifier and how it handles the changes_pkt_data property for extension/global programs. The available details describe a commit that: adds a changes_pkt_data flag to struct bpf_prog_aux, sets this flag for the main sub-program in check_cfg() and for o...

CVE-2023-53042

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...

SUSE CVE-2023-53042

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...

CVE-2023-53042

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...

DEBIAN-CVE-2023-53042

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...

AZL-70123 CVE-2023-53042 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...

UBUNTU-CVE-2023-53042

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...

CVE-2023-53042 drm/amd/display: Do not set DRR on pipe Commit

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...

CVE-2023-53042

CVE-2023-53042 : In the Linux kernel, the drm/amd/display component was vulnerable when writing DRR registers (e.g., OTG_V_TOTAL_MIN) in the same frame as a pipe commit, which could cause underflow. The issue has been resolved by preventing DRR from being set on a pipe commit. The available conne...

CVE-2023-53042 drm/amd/display: Do not set DRR on pipe Commit

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not set DRR on pipe Commit WHY Writing to DRR registers such as OTGVTOTALMIN on the same frame as a pipe commit can cause underflow...

DEBIAN-CVE-2022-49919

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...

CVE-2022-49888

In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortexa76erratum1463225debughandler function is called when handling debug exceptions and synchronous exceptions from BRK instructions, and so is called when a probed function executes. If...

CVE-2022-49920

Affected product: Linux kernel (netfilter nf_tables). Vulnerability arises from a race in the netlink notifier during object release after the RCU grace period, where the netlink notifier handler might win a race to remove objects still referenced by the transaction context. Root cause: commit re...

CVE-2022-49919 netfilter: nf_tables: release flow rule object from commit path

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...

CVE-2022-49919 netfilter: nf_tables: release flow rule object from commit path

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: release flow rule object from commit path No need to postpone this to the commit release path, since no packets are walking over this object, this is accessed from control plane only. This helped uncovered UA...

CVE-2022-49916 rose: Fix NULL pointer dereference in rose_send_frame()

In the Linux kernel, the following vulnerability has been resolved: rose: Fix NULL pointer dereference in rosesendframe The syzkaller reported an issue: KASAN: null-ptr-deref in range 0x0000000000000380-0x0000000000000387 CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted...