Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2025/12/31 12:31 a.m.•13 views

SUSE CVE-2022-50822

In the Linux kernel, the following vulnerability has been resolved: RDMA/restrack: Release MR restrack when delete The MR restrack also needs to be released when delete it, otherwise it cause memory leak as the task struct won't be released...

5.5CVSS6.4AI score0.002EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 1:5 a.m.•13 views

SUSE CVE-2022-50716

In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523cmd timed out syzkaller reported use-after-free with the stack trace like below 1: 38.960489 C3 ================================================================== 38.963216 C3 BUG: KASAN:...

6.6CVSS6.5AI score0.00239EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2025/12/25 1:4 a.m.•13 views

SUSE CVE-2022-50734

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: Fix memleak in nvmemregister devsetname will alloc memory for nvmem-dev.kobj.name in nvmemregister, when nvmemvalidatekeepouts failed, nvmem's memory will be freed and return, but nobody will free memory for...

6.5AI score0.002EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/20 12:29 a.m.•13 views

SUSE CVE-2025-44005

An attacker can bypass authorization checks and force a Step CA ACME or SCEP provisioner to create certificates without completing certain protocol authorization checks...

10CVSS7AI score0.0326EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/10 12:39 a.m.•13 views

SUSE CVE-2022-50631

In the Linux kernel, the following vulnerability has been resolved: RISC-V: kexec: Fix memory leak of fdt buffer This is reported by kmemleak detector: unreferenced object 0xff60000082864000 size 9588: comm "kexec", pid 146, jiffies 4294900634 age 64.788s hex dump first 32 bytes: d0 0d fe ed 00 0...

6.6AI score0.00172EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/10 12:39 a.m.•13 views

SUSE CVE-2022-50643

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscopyfilerange If the file is used by swap, before return -EOPNOTSUPP, should free the xid, otherwise, the xid will be leaked...

3.3CVSS6.5AI score0.00174EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2025/12/10 12:38 a.m.•13 views

SUSE CVE-2022-50653

In the Linux kernel, the following vulnerability has been resolved: mmc: atmel-mci: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, it will lead two issues: 1. The memory that allocated in mmcallochost is leaked. 2. In the remove path, mmcremovehos...

5.5CVSS6.5AI score0.00179EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/11/14 12:24 a.m.•13 views

SUSE CVE-2025-40164

In the Linux kernel, the following vulnerability has been resolved: usbnet: Fix using smpprocessorid in preemptible code warnings Syzbot reported the following warning: BUG: using smpprocessorid in preemptible 00000000 code: dhcpcd/2879 caller is usbnetskbreturn+0x74/0x490...

4.7CVSS6.7AI score0.00171EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/10/24 11:24 p.m.•13 views

SUSE CVE-2025-40019

In the Linux kernel, the following vulnerability has been resolved: crypto: essiv - Check ssize for decryption and in-place encryption Move the ssize check to the start in essivaeadcrypt so that it's also checked for decryption and in-place encryption...

7CVSS6.5AI score0.00274EPSS
Exploits1References26
SUSE CVE
SUSE CVE
•added 2025/09/17 11:29 p.m.•13 views

SUSE CVE-2023-53189

In the Linux kernel, the following vulnerability has been resolved: ipv6/addrconf: fix a potential refcount underflow for idev Now in addrconfmodrstimer, reference idev depends on whether rstimer is not pending. Then modify rstimer timeout. There is a time gap in 1, during which if the pending...

5.5CVSS6.5AI score0.00146EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2025/09/15 11:27 p.m.•13 views

SUSE CVE-2023-53254

In the Linux kernel, the following vulnerability has been resolved: cacheinfo: Fix sharedcpumap to handle shared caches at different levels The cacheinfo sets up the sharedcpumap by checking whether the caches with the same index are shared between CPUs. However, this will trigger...

6.3CVSS6.5AI score0.00138EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2025/09/12 11:23 p.m.•13 views

SUSE CVE-2025-39787

In the Linux kernel, the following vulnerability has been resolved: soc: qcom: mdtloader: Ensure we don't read past the ELF header When the MDT loader is used in remoteproc, the ELF header is sanitized beforehand, but that's not necessary the case for other clients. Validate the size of the...

4.4CVSS6.6AI score0.00148EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/09/04 11:23 p.m.•13 views

SUSE CVE-2025-38728

In the Linux kernel, the following vulnerability has been resolved: smb3: fix for slab out of bounds on mount to ksmbd With KASAN enabled, it is possible to get a slab out of bounds during mount to ksmbd due to missing check in parseserverinterfaces see below: BUG: KASAN: slab-out-of-bounds in...

5.5CVSS6.2AI score0.0014EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/29 11:23 p.m.•13 views

SUSE CVE-2025-38409

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path putunusedfd doesn't free the installed file, if we've already done fdinstall. So we need to also free the syncfile. Patchwork: https://patchwork.freedesktop.org/patch/653583/...

3.3CVSS6.5AI score0.00156EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/04 2:38 p.m.•13 views

SUSE CVE-2025-38162

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftsetpipapo: prevent overflow in lookup table allocation When calculating the lookup table size, ensure the following multiplication does not overflow: - desc-fieldlen maximum value is U8MAX multiplied by...

6.6CVSS8.1AI score0.00138EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/06/19 3:45 a.m.•13 views

SUSE CVE-2022-49948

In the Linux kernel, the following vulnerability has been resolved: vt: Clear selection before changing the font When changing the console font with ioctlKDFONTOP the new font size can be bigger than the previous font. A previous selection may thus now be outside of the new screen size and thus...

5.5CVSS6.3AI score0.00213EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2025/06/19 3:44 a.m.•13 views

SUSE CVE-2022-49990

In the Linux kernel, the following vulnerability has been resolved: s390: fix double free of GS and RI CBs on fork failure The pointers for guarded storage and runtime instrumentation control blocks are stored in the threadstruct of the associated task. These pointers are initially copied on fork...

5.5CVSS6.3AI score0.0022EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2025/06/19 3:44 a.m.•13 views

SUSE CVE-2022-49999

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix space cache corruption and potential double allocations When testing spacecache v2 on a large set of machines, we encountered a few symptoms: 1. "unable to add free space :-17" EEXIST errors. 2. Missing free space info...

5.5CVSS6.5AI score0.00211EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/06/19 3:43 a.m.•13 views

SUSE CVE-2022-50029

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: dont disable gccsleepclksrc Once the usb sleep clocks are disabled, clock framework is trying to disable the sleep clock source also. However, it seems that it cannot be disabled and trying to do so produces:...

5.5CVSS6.2AI score0.0016EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2025/06/19 3:41 a.m.•13 views

SUSE CVE-2022-50118

In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Optimize clearing the pending PMI and remove WARNON for PMI check in powerpmudisable commit 2c9ac51b850d "powerpc/perf: Fix PMU callbacks to clear pending PMI before resetting an overflown PMC" added a new function...

5.5CVSS6.3AI score0.00159EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2025/06/12 3:31 a.m.•13 views

SUSE CVE-2025-40915

Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens. That version of the module generates tokens as an MD5 of the process id, the current time, and a single call to the built-in rand function...

7CVSS7AI score0.00242EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/05/21 12:47 a.m.•13 views

SUSE CVE-2025-37897

In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlcmacrelease plfxlcmacrelease asserts that mac-lock is held. This assertion is incorrect, because even if it was possible, it would not be the valid behaviour. The function is used whe...

3.3CVSS7.6AI score0.0016EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/05/21 12:46 a.m.•13 views

SUSE CVE-2025-37944

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix invalid entry fetch in ath12kdpmonsrngprocess Currently, ath12kdpmonsrngprocess uses ath12khalsrngsrcgetnextentry to fetch the next entry from the destination ring. This is incorrect because...

5.5CVSS7.8AI score0.00168EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/05/21 12:45 a.m.•13 views

SUSE CVE-2025-37990

In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: fmac: Add error handling for brcmfusbdlwriteimage The function brcmfusbdlwriteimage calls the function brcmfusbdlcmd but dose not check its return value. The 'state.state' and the 'state.bytes' are uninitialized ...

5.5CVSS7.7AI score0.00166EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/05/03 2:53 a.m.•13 views

SUSE CVE-2022-49837

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix memory leaks in checkfunccall kmemleak reports this issue: unreferenced object 0xffff88817139d000 size 2048: comm "testprogs", pid 33246, jiffies 4307381979 age 45851.820s hex dump first 32 bytes: 01 00 00 00 00 00 00 00...

3.3CVSS6.4AI score0.00164EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2025/05/03 2:50 a.m.•13 views

SUSE CVE-2023-53091

In the Linux kernel, the following vulnerability has been resolved: ext4: update sjournalinum if it changes after journal replay When mounting a crafted ext4 image, sjournalinum may change after journal replay, which is obviously unreasonable because we have successfully loaded and replayed the...

5.5CVSS6.3AI score0.00177EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2025/05/02 2:2 a.m.•13 views

SUSE CVE-2025-37789

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set action It's not safe to access nlalenovskey if the data is smaller than the netlink header. Check that the attribute is OK first...

5.5CVSS6.3AI score0.00179EPSS
Exploits0References26
SUSE CVE
SUSE CVE
•added 2025/04/23 2:38 a.m.•13 views

SUSE CVE-2025-22106

In the Linux kernel, the following vulnerability has been resolved: vmxnet3: unregister xdp rxq info in the reset path vmxnet3 does not unregister xdp rxq info in the vmxnet3resetwork code path as vmxnet3rqdestroy is not invoked in this code path. So, we get below message with a backtrace. Missin...

5.5CVSS7.7AI score0.00177EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2025/03/12 3:23 p.m.•13 views

SUSE CVE-2025-21854

In the Linux kernel, the following vulnerability has been resolved: sockmap, vsock: For connectible sockets allow only connected sockmap expects all vsocks to have a transport assigned, which is expressed in vsockproto::psockupdateskprot. However, there is an edge case where an unconnected...

5.5CVSS7.6AI score0.00192EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/03/01 2:52 a.m.•13 views

SUSE CVE-2025-21821

In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usbfecm gether usbfrndis uether...

5.5CVSS6.7AI score0.00181EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/02/27 3:8 a.m.•13 views

SUSE CVE-2022-49328

In the Linux kernel, the following vulnerability has been resolved: mt76: fix use-after-free by removing a non-RCU wcid pointer Fixes an issue caught by KASAN about use-after-free in mt76txqschedule by protecting mtxq-wcid with rculock between mt76txqschedule and stainfoalloc, free. 18853.876689...

5.5CVSS6.3AI score0.00284EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/01/12 12:18 a.m.•13 views

SUSE CVE-2024-48873

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: check return value of ieee80211probereqget for RNR The return value of ieee80211probereqget might be NULL, so check it before using to avoid NULL pointer access. Addresses-Coverity-ID: 1529805 "Dereference null retur...

5.5CVSS7.7AI score0.0021EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/01/09 12:20 a.m.•13 views

SUSE CVE-2024-56776

In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers The return value of drmatomicgetcrtcstate needs to be checked. To avoid use of error pointer 'crtcstate' in case of the failure...

5.5CVSS7.7AI score0.00203EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/12/27 12:16 a.m.•13 views

SUSE CVE-2024-53157

In the Linux kernel, the following vulnerability has been resolved: firmware: armscpi: Check the DVFS OPP count returned by the firmware Fix a kernel crash with the below call trace when the SCPI firmware returns OPP count of zero. dvfsinfo.oppcount may be zero on some platforms during the reboot...

5.5CVSS7.6AI score0.00225EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2024/11/10 3:49 a.m.•13 views

SUSE CVE-2024-50237

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: do not pass a stopped vif to the driver in .gettxpower Avoid potentially crashing in the driver because of uninitialized private data...

5.5CVSS7.7AI score0.00263EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2024/11/09 3:49 a.m.•13 views

SUSE CVE-2024-50180

In the Linux kernel, the following vulnerability has been resolved: fbdev: sisfb: Fix strbuf array overflow The values of the variables xres and yres are placed in strbuf. These variables are obtained from strbuf1. The strbuf1 array contains digit characters and a space if the array contains...

5.5CVSS7.4AI score0.00255EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2024/10/23 2:51 a.m.•13 views

SUSE CVE-2024-49917

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL check for clkmgr and clkmgr-funcs in dcn30inithw This commit addresses a potential null pointer dereference issue in the dcn30inithw function. The issue could occur when dc-clkmgr or dc-clkmgr-funcs is...

5.5CVSS7.2AI score0.00237EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2024/10/21 3:46 p.m.•13 views

SUSE CVE-2024-47728

In the Linux kernel, the following vulnerability has been resolved: bpf: Zero former ARGPTRTOLONG,INT args in case of error For all non-tracing helpers which formerly had ARGPTRTOLONG,INT as input arguments, zero the value for the case of an error as otherwise it could leak memory. For tracing, i...

5.5CVSS6.3AI score0.00235EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2024/10/21 3:46 p.m.•13 views

SUSE CVE-2024-47749

In the Linux kernel, the following vulnerability has been resolved: RDMA/cxgb4: Added NULL check for lookupatid The lookupatid function can return NULL if the ATID is invalid or does not exist in the identifier table, which could lead to dereferencing a null pointer without a check in the...

5.5CVSS6.4AI score0.00231EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2024/10/11 2:48 a.m.•13 views

SUSE CVE-2024-47667

In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Add workaround for Errata i2037 AM65x SR 1.0 Errata i2037 in AM65x/DRA80xM Processors Silicon Revision 1.0 SPRZ452DJuly 2018Revised December 2019 1 mentions when an inbound PCIe TLP spans more than two internal AXI...

4.4CVSS6.5AI score0.00207EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/08/06 1:59 a.m.•13 views

SUSE CVE-2024-42104

In the Linux kernel, the following vulnerability has been resolved: nilfs2: add missing check for inode numbers on directory entries Syzbot reported that mounting and unmounting a specific pattern of corrupted nilfs2 filesystem images causes a use-after-free of metadata file inodes, which trigger...

6.1CVSS6.4AI score0.0026EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2024/07/16 2:33 a.m.•13 views

SUSE CVE-2024-41007

In the Linux kernel, the following vulnerability has been resolved: tcp: avoid too many retransmit packets If a TCP socket is using TCPUSERTIMEOUT, and the other peer retracted its window to zero, tcpretransmittimer can retransmit a packet every two jiffies 2 ms for HZ=1000, for about 4 minutes...

2.5CVSS6.4AI score0.00229EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2024/05/21 2:0 a.m.•13 views

SUSE CVE-2024-35814

In the Linux kernel, the following vulnerability has been resolved: swiotlb: Fix double-allocation of slots due to broken alignment handling Commit bbb73a103fbb "swiotlb: fix a braino in the alignment check fix", which was a fix for commit 0eee5ae10256 "swiotlb: fix slot alignment checks", causes...

5.5CVSS6.7AI score0.00234EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2024/05/18 2:46 a.m.•13 views

SUSE CVE-2024-27405

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs It is observed sometimes when tethering is used over NCM with Windows 11 as host, at some instances, the gadgetgiveback has one byte appended at the end of a prop...

3.3CVSS6.4AI score0.01287EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/04/19 2:18 a.m.•13 views

SUSE CVE-2024-26900

In the Linux kernel, the following vulnerability has been resolved: md: fix kmemleak of rdev-serial If kobjectadd is fail in bindrdevtoarray, 'rdev-serial' will be alloc not be freed, and kmemleak occurs. unreferenced object 0xffff88815a350000 size 49152: comm "mdadm", pid 789, jiffies 4294716910...

5.5CVSS6.4AI score0.00287EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2024/04/15 11:12 p.m.•13 views

SUSE CVE-2024-26777

In the Linux kernel, the following vulnerability has been resolved: fbdev: sis: Error out if pixclock equals zero The userspace program could pass any values to the driver through ioctl interface. If the driver doesn't check the value of pixclock, it may cause divide-by-zero error. In...

5.5CVSS6AI score0.00254EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2024/03/20 3:48 a.m.•13 views

SUSE CVE-2024-26641

In the Linux kernel, the following vulnerability has been resolved: ip6tunnel: make sure to pull inner header in ip6tnlrcv syzbot found ip6tnlrcv could access unitiliazed data 1. Call pskbinetmaypull to fix this, and initialize ipv6h variable after this call as it can change skb-head. 1 BUG: KMSA...

6.1CVSS6.4AI score0.00241EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/02/13 3:50 a.m.•13 views

SUSE CVE-2024-25744

In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to arch/x86/coco/tdx/tdx.c and arch/x86/mm/memencryptamd.c...

7.8CVSS6.8AI score0.00278EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2023/08/24 2:24 a.m.•13 views

SUSE CVE-2023-4429

Use after free in Loader in Google Chrome prior to 116.0.5845.110 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS9.2AI score0.00943EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2023/02/15 6:10 a.m.•13 views

SUSE CVE-2007-6209

Util/difflog.pl in zsh 4.3.4 allows local users to overwrite arbitrary files via a symlink attack on temporary files...

4.6CVSS6.7AI score0.00325EPSS
Exploits0References3
Total number of security vulnerabilities5000