SUSE CVE-2018-8043

The unimacmdioprobe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service NULL pointer dereference...

SUSE CVE-2018-10074

The hi3660stubclkprobe function in drivers/clk/hisilicon/clk-hi3660-stub.c in the Linux kernel before 4.16 allows local users to cause a denial of service NULL pointer dereference by triggering a failure of resource retrieval...

SUSE CVE-2018-10846

A cache-based side channel in GnuTLS implementation that leads to plain text recovery in cross-VM attack setting was found. An attacker could use a combination of "Just in Time" Prime+probe attack in combination with Lucky-13 attack to recover plain text using crafted packets...

SUSE CVE-2018-19824

In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device with zero interfaces that is mishandled in usbaudioprobe in sound/usb/card.c...

SUSE CVE-2019-15291

An issue was discovered in the Linux kernel through 5.2.9. There is a NULL pointer dereference caused by a malicious USB device in the flexcopusbprobe function in the drivers/media/usb/b2c2/flexcop-usb.c driver...

SUSE CVE-2019-18813

A memory leak in the dwc3pciprobe function in drivers/usb/dwc3/dwc3-pci.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service memory consumption by triggering platformdeviceaddproperties failures, aka CID-9bbfceea12a8...

SUSE CVE-2019-19054

A memory leak in the cx23888irprobe function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering kfifoalloc failures, aka CID-a7b2df76b42b...

SUSE CVE-2019-19064

A memory leak in the fsllpspiprobe function in drivers/spi/spi-fsl-lpspi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service memory consumption by triggering pmruntimegetsync failures, aka CID-057b8945f78f. NOTE: third parties dispute the relevance of this because a...

SUSE CVE-2019-19075

A memory leak in the ca8210probe function in drivers/net/ieee802154/ca8210.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service memory consumption by triggering ca8210getplatformdata failures, aka CID-6402939ec86e...

SUSE CVE-2022-3028

A race condition was found in the Linux kernel's IP framework for transforming packets XFRM subsystem when multiple calls to xfrmprobealgs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an...

SUSE CVE-2022-4639

A vulnerability, which was classified as critical, has been found in sslh. This issue affects the function hexdump of the file probe.c of the component Packet Dumping Handler. The manipulation of the argument msginfo leads to format string. The attack may be initiated remotely. The name of the...

SUSE CVE-2022-29916

Firefox behaved slightly differently for already known resources when loading CSS resources involving CSS variables. This could have been used to probe the browser history. This vulnerability affects Thunderbird 91.9, Firefox ESR 91.9, and Firefox 100...

SUSE CVE-2022-34495

rpmsgprobe in drivers/rpmsg/virtiorpmsgbus.c in the Linux kernel before 5.18.4 has a double free...

GSD-2023-1002098 dmaengine: idxd: Let probe fail when workqueue cannot be enabled

dmaengine: idxd: Let probe fail when workqueue cannot be enabled This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.90 by commit...

GSD-2023-1001960 dmaengine: idxd: Let probe fail when workqueue cannot be enabled

dmaengine: idxd: Let probe fail when workqueue cannot be enabled This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.8 by commit...

PT-2023-35103 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.93 Description: The issue concerns error handling code in the ufx usb probe function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions prior to...

PT-2023-35018 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v6.1.9 Description: The issue is related to a potential null pointer dereference in the sp usb phy probe function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux...

PT-2023-35174 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions prior to v5.15.90 Description: The issue is related to the dmaengine: idxd, where the probe fails when the workqueue cannot be enabled. The actual impact and attack plausibility have not yet been proven. Recommendations:...

PT-2023-35164 · Linux · Linux Kernel

Name of the Vulnerable Software and Affected Versions: Linux Kernel versions v3.6 through v5.15.90 Description: A memory leak issue exists in the highbank mc probe function. The actual impact and attack plausibility have not yet been proven. Recommendations: For Linux Kernel versions v3.6 through...

Buffer overflow

Transient DOS in WLAN Firmware due to buffer over-read while processing probe response or beacon...