6 matches found
SUSE CVE-2024-56737
GNU GRUB aka GRUB2 through 2.12 has a heap-based buffer overflow in fs/hfs.c via crafted sblock data in an HFS filesystem...
SUSE CVE-2024-42461
In the Elliptic package 6.5.6 for Node.js, ECDSA signature malleability occurs because BER-encoded signatures are allowed...
SUSE CVE-2024-6991
Use after free in Dawn in Google Chrome prior to 127.0.6533.72 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...
SUSE CVE-2024-40921
In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to brmstvlansetstate Pass the already obtained vlan group pointer to brmstvlansetstate instead of dereferencing it again. Each caller has already correctly dereferenced it for their...
SUSE CVE-2024-35892
In the Linux kernel, the following vulnerability has been resolved: net/sched: fix lockdep splat in qdisctreereducebacklog qdisctreereducebacklog is called with the qdisc lock held, not RTNL. We must use qdisclookuprcu instead of qdisclookup syzbot reported: WARNING: suspicious RCU usage...
SUSE CVE-2024-2606
Passing invalid data could have led to invalid wasm values being created, such as arbitrary integers turning into pointer values. This vulnerability affects Firefox 124...