SUSE CVE-2017-6507

An issue was discovered in AppArmor before 2.12. Incorrect handling of unknown AppArmor profiles in AppArmor init scripts, upstart jobs, and/or systemd unit files allows an attacker to possibly have increased attack surfaces of processes that were intended to be confined by AppArmor. This is due ...

SUSE CVE-2017-14934

processdebuginfo in dwarf.c in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service infinite loop via a crafted ELF file that contains a negative size value in a CU structure...

SUSE CVE-2017-15537

The x86/fpu Floating Point Unit subsystem in the Linux kernel before 4.13.5, when a processor supports the xsave feature but not the xsaves feature, does not correctly handle attempts to set reserved bits in the xstate header via the ptrace or rtsigreturn system call, allowing local users to read...

SUSE CVE-2018-12891

An issue was discovered in Xen through 4.10.x. Certain PV MMU operations may take a long time to process. For that reason Xen explicitly checks for the need to preempt the current vCPU at certain points. A few rarely taken code paths did bypass such checks. By suitably enforcing the conditions...

SUSE CVE-2018-14522

An issue was discovered in aubio 0.4.6. A SEGV signal can occur in aubiopitchsetunit in pitch/pitch.c, as demonstrated by aubionotes...

SUSE CVE-2018-15686

A vulnerability in unitdeserialize of systemd allows an attacker to supply arbitrary state across systemd re-execution via NotifyAccess. This can be used to improperly influence systemd execution and possibly lead to root privilege escalation. Affected releases are systemd versions up to and...

SUSE CVE-2019-7401

NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service router process crash or possibly have unspecified other impact...

SUSE CVE-2019-18424

An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via DMA in a situation where an untrusted domain has access to a physical device. This occurs because passed through PCI devices may corrupt host memory after deassignment. When a PCI device is assigned to...

SUSE CVE-2019-19577

An issue was discovered in Xen through 4.12.x allowing x86 AMD HVM guest OS users to cause a denial of service or possibly gain privileges by triggering data-structure access during pagetable-height updates. When running on AMD systems with an IOMMU, Xen attempted to dynamically adapt the number ...

SUSE CVE-2020-16593

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor BFD library aka libbfd, as distributed in GNU Binutils 2.35, in scanunitforsymbols, as demonstrated in addr2line, that can cause a denial of service via a crafted file...

SUSE CVE-2021-26312

Failure to flush the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity...

SUSE CVE-2021-26329

AMD System Management Unit SMU may experience an integer overflow when an invalid length is provided which may result in a potential loss of resources...

SUSE CVE-2021-26330

AMD System Management Unit SMU may experience a heap-based overflow which may result in a loss of resources...

SUSE CVE-2021-26331

AMD System Management Unit SMU contains a potential issue where a malicious user may be able to manipulate mailbox entries leading to arbitrary code execution...

SUSE CVE-2021-26336

Insufficient bounds checking in System Management Unit SMU may cause invalid memory accesses/updates that could result in SMU hang and subsequent failure to service any further requests from other components...

SUSE CVE-2021-26337

Insufficient DRAM address validation in System Management Unit SMU may result in a DMA read from invalid DRAM address to SRAM resulting in SMU not servicing further requests...

SUSE CVE-2021-26338

Improper access controls in System Management Unit SMU may allow for an attacker to override performance control tables located in DRAM resulting in a potential lack of system resources...

SUSE CVE-2021-26350

A TOCTOU race condition in SMU may allow for the caller to obtain and manipulate the address of a message port register which may result in a potential denial of service...

SUSE CVE-2021-26348

Failure to flush the Translation Lookaside Buffer TLB of the I/O memory management unit IOMMU may lead an IO device to write to memory it should not be able to access, resulting in a potential loss of integrity...

SUSE CVE-2021-26373

Insufficient bound checks in the System Management Unit SMU may result in a system voltage malfunction that could result in denial of resources and/or possibly denial of service...