SUSE CVE-2021-42327

dplinksettingswrite in drivers/gpu/drm/amd/display/amdgpudm/amdgpudmdebugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parsewritebufferintoparam...

SUSE CVE-2022-24959

An issue was discovered in the Linux kernel before 5.16.5. There is a memory leak in yamsiocdevprivate in drivers/net/hamradio/yam.c...

SUSE CVE-2022-40476

A null pointer dereference issue was discovered in fs/iouring.c in the Linux kernel before 5.15.62. A local user could use this flaw to crash the system or potentially cause a denial of service...

GSD-2023-1002166 drm/amd/display: Calculate output_color_space after pixel encoding adjustment

drm/amd/display: Calculate outputcolorspace after pixel encoding adjustment This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.165 by commit...

GSD-2023-1002106 xhci: Fix null pointer dereference when host dies

xhci: Fix null pointer dereference when host dies This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.90 by commit...

GSD-2023-1001944 IB/hfi1: Immediately remove invalid memory from hardware

IB/hfi1: Immediately remove invalid memory from hardware This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.9 by commit...

GSD-2023-1001917 bnxt: Do not read past the end of test names

bnxt: Do not read past the end of test names This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.9 by commit...

GSD-2023-1001906 drm/drm_vma_manager: Add drm_vma_node_allow_once()

drm/drmvmamanager: Add drmvmanodeallowonce This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.9 by commit...

PT-2023-34950 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: openvswitch versions prior to v6.1.11 Description: A memory leak issue exists in the ovs flow cmd new function. The actual impact and attack plausibility have not yet been proven. This issue was introduced in Linux Kernel version v6.1.2 and i...

PT-2023-34981 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.9 Description: The issue concerns a potential Spectre v1 gadget in the netlink component. The actual impact and attack plausibility have not yet been proven. It was introduced in version v2.6.15 and fixed i...

OESA-2023-1055 kernel security update

The Linux Kernel, the operating system core itself. Security Fixes: In rndisqueryoid in drivers/net/wireless/rndiswlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.CVE-2023-23559 No description is available for this CVE.CVE-2023-0047...

CVE-2023-0045

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR on the function speculationctrlupdate, but the IBPB is only issued on the next...

GSD-2023-1001739 tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer

tty: serial: qcom-geni-serial: fix slab-out-of-bounds on RX FIFO buffer This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.90 by commit...

GSD-2023-1001730 io_uring/poll: add hash if ready poll request can't complete inline

iouring/poll: add hash if ready poll request can't complete inline This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...

GSD-2023-1001700 net/mlx5: Fix command stats access after free

net/mlx5: Fix command stats access after free This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.7 by commit...

PT-2023-34794 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.7 Description: The issue is related to the iommu/arm-smmu component. It was introduced in version v6.1 and fixed in version v6.1.7. The actual impact and attack plausibility have not yet been proven...

PT-2023-34751 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.8 Description: The issue concerns the handling of PTE markers in the hugetlb change protection function. It was introduced in version v5.19 and fixed in version v6.1.8. The actual impact and attack...

PT-2023-34853 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.10.165 Description: A use-after-free race condition issue exists in the fastrpc component for maps. The actual impact and attack plausibility have not yet been proven. This issue was introduced in version v5....

GSD-2023-1001191 platform/x86: mxm-wmi: fix memleak in mxm_wmi_call_mx[ds|mx]()

platform/x86: mxm-wmi: fix memleak in mxmwmicallmxds|mx This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...

GSD-2023-1001064 i2c: mux: reg: check return value after calling platform_get_resource()

i2c: mux: reg: check return value after calling platformgetresource This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.86 by commit...