Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•9 views

SUSE CVE-2025-40044

In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images may set...

6.3CVSS6.4AI score0.00207EPSS
Exploits0References28
SUSE CVE
SUSE CVE
•added 2025/10/28 12:42 a.m.•9 views

SUSE CVE-2025-12199

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and...

7.1AI score0.00012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/01 11:31 p.m.•9 views

SUSE CVE-2023-53452

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential race condition between napiinit and napienable A race condition can happen if netdev is registered, but NAPI isn't initialized yet, and meanwhile user space starts the netdev that will enable NAPI. Then...

4.4CVSS6.3AI score0.00104EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/09/19 11:34 p.m.•9 views

SUSE CVE-2023-53394

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

5.5CVSS6.6AI score0.00119EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2025/09/19 11:23 p.m.•9 views

SUSE CVE-2025-39848

In the Linux kernel, the following vulnerability has been resolved: ax25: properly unshare skbs in ax25kissrcv Bernard Pidoux reported a regression apparently caused by commit c353e8983e0d "net: introduce per netns packet chains". skb-dev becomes NULL and we crash in netifreceiveskbcore. Before...

5.7CVSS6.5AI score0.00149EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/09/19 11:23 p.m.•9 views

SUSE CVE-2025-39866

In the Linux kernel, the following vulnerability has been resolved: fs: writeback: fix use-after-free in markinodedirty An use-after-free issue occurred when markinodedirty get the bdiwriteback that was in the progress of switching. CPU: 1 PID: 562 Comm: systemd-random- Not tainted...

6.4CVSS6.5AI score0.00286EPSS
Exploits1References20
SUSE CVE
SUSE CVE
•added 2025/09/18 11:38 p.m.•9 views

SUSE CVE-2023-53377

In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2compoundop we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN enabled kernel. Fixin...

5.5CVSS6.5AI score0.00138EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2025/09/18 11:38 p.m.•9 views

SUSE CVE-2023-53391

In the Linux kernel, the following vulnerability has been resolved: shmem: use ramfskillsb for killsb method of ramfs-based tmpfs As the ramfs-based tmpfs uses ramfsinitfscontext for the initfscontext method, which allocates fc-sfsinfo, use ramfskillsb to free it and avoid a memory leak...

5.5CVSS6.6AI score0.00135EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2025/09/16 11:30 p.m.•9 views

SUSE CVE-2023-53286

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. Which in turn could...

5.5CVSS6.3AI score0.00142EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2025/09/11 11:24 p.m.•9 views

SUSE CVE-2025-39758

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix the sendmsg byte count in siwtcpsendpages Ever since commit c2ff29e99a76 "siw: Inline dotcpsendpages", we have been doing this: static int siwtcpsendpagesstruct socket s, struct page page, int offset, sizet size ......

5.5CVSS6.5AI score0.00145EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/09/05 11:22 p.m.•9 views

SUSE CVE-2025-39718

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

5.5CVSS6.7AI score0.00137EPSS
Exploits0References25
SUSE CVE
SUSE CVE
•added 2025/08/28 11:31 p.m.•9 views

SUSE CVE-2024-58240

In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...

2.5CVSS6.4AI score0.00144EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/08/22 11:29 p.m.•9 views

SUSE CVE-2025-38618

In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDRPORTANY It is possible for a vsock to autobind to VMADDRPORTANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by accept also has port...

7CVSS7.7AI score0.00152EPSS
Exploits0References100
SUSE CVE
SUSE CVE
•added 2025/08/22 11:28 p.m.•9 views

SUSE CVE-2025-38635

In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davincilpscclkregister devmkasprintf returns NULL when memory allocation fails. Currently, davincilpscclkregister does not check for this case, which results in a NULL pointer dereference. Add NULL...

5.5CVSS6.5AI score0.00159EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/08/19 11:23 p.m.•9 views

SUSE CVE-2025-38576

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: Make EEH driver device hotplug safe Multiple race conditions existed between the PCIe hotplug driver and the EEH driver, leading to a variety of kernel oopses of the same general nature: A second class of oops is als...

4.7CVSS6.3AI score0.00149EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/08/19 11:23 p.m.•9 views

SUSE CVE-2025-38590

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Remove skb secpath if xfrm state is not found Hardware returns a unique identifier for a decrypted packet's xfrm state, this state is looked up in an xarray. However, the state might have been freed by the time of this...

5.5CVSS6.4AI score0.00146EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/08/16 11:22 p.m.•9 views

SUSE CVE-2025-38516

In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: msm: mark certain pins as invalid for interrupts On some platforms, the UFS-reset pin has no interrupt logic in TLMM but is nevertheless registered as a GPIO in the kernel. This enables the user-space to trigger a...

5.5CVSS6.4AI score0.00149EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/08/14 11:23 p.m.•9 views

SUSE CVE-2025-38500

In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...

7CVSS6.4AI score0.0014EPSS
Exploits0References74
SUSE CVE
SUSE CVE
•added 2025/07/30 11:21 p.m.•9 views

SUSE CVE-2025-54388

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including...

5.2CVSS6.9AI score0.00215EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/07/29 11:23 p.m.•9 views

SUSE CVE-2025-38404

In the Linux kernel, the following vulnerability has been resolved: usb: typec: displayport: Fix potential deadlock The deadlock can occur due to a recursive lock acquisition of crostypecaltmodedata::mutex. The call chain is as follows: 1. crostypecaltmodework acquires the mutex 2. typecaltmodevd...

4.7CVSS6.4AI score0.00129EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/29 11:23 p.m.•9 views

SUSE CVE-2025-38418

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Release rproc-cleantable after rprocattach fails When rproc-state = RPROCDETACHED is attached to remote processor through rprocattach, if rprochandleresources returns failure, then the clean table should be...

5.5CVSS6.5AI score0.00156EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/28 11:22 p.m.•9 views

SUSE CVE-2025-38470

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the "rx-vlan-filter" feature is enabled on a net device, the 8021q module will automatically add or remove VLAN 0 when the net device is put...

5.5CVSS6.3AI score0.00161EPSS
Exploits0References25
SUSE CVE
SUSE CVE
•added 2025/07/25 11:22 p.m.•9 views

SUSE CVE-2025-38463

In the Linux kernel, the following vulnerability has been resolved: tcp: Correct signedness in skb remaining space calculation Syzkaller reported a bug 1 where sk-skforwardalloc can overflow. When we send data, if an skb exists at the tail of the write queue, the kernel will attempt to append the...

6.1CVSS6.5AI score0.00146EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/10 11:34 p.m.•9 views

SUSE CVE-2024-43394

Server-Side Request Forgery SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via modrewrite or apache expressions that pass unvalidated request input. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.63. Note: The Apache HTTP Server...

5.9CVSS6.6AI score0.01094EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/07/10 11:23 p.m.•9 views

SUSE CVE-2025-38273

In the Linux kernel, the following vulnerability has been resolved: net: tipc: fix refcount warning in tipcaeadencrypt syzbot reported a refcount warning 1 caused by calling getnet on a network namespace that is being destroyed refcount=0. This happens when a TIPC discovery timer fires during...

3.3CVSS6.4AI score0.00161EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/10 11:23 p.m.•9 views

SUSE CVE-2025-38274

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpgamgrtestimgloadsgt fpgamgrtestimgloadsgt allocates memory for sgt using kunitkzalloc however it does not check if the allocation failed. It then passes sgt to sgalloctable, which passe...

4.4CVSS6.5AI score0.00155EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/07/10 11:22 p.m.•9 views

SUSE CVE-2025-38336

In the Linux kernel, the following vulnerability has been resolved: ata: patavia: Force PIO for ATAPI devices on VT6415/VT6330 The controller has a hardware bug that can hard hang the system when doing ATAPI DMAs without any trace of what happened. Depending on the device attached, it can also...

4.1CVSS6.5AI score0.00162EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2025/07/07 11:24 p.m.•9 views

SUSE CVE-2025-38180

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against devlec changes. It appears it had devput calls without prior devhold, leading to imbalance and UAF...

7.8CVSS5.6AI score0.0017EPSS
Exploits0References34
SUSE CVE
SUSE CVE
•added 2025/07/04 11:22 p.m.•9 views

SUSE CVE-2025-38174

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Do not double dequeue a configuration request Some of our devices crash in tbcfgrequestdequeue: general protection fault, probably for non-canonical address 0xdead000000000122 CPU: 6 PID: 91007 Comm: kworker/6:2...

4.7CVSS6.5AI score0.0015EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2025/07/04 11:22 p.m.•9 views

SUSE CVE-2025-38193

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: reject invalid perturb period Gerrard Tai reported that SFQ perturbperiod has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to make sure ctl-perturbperio...

6.1CVSS6.5AI score0.00161EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2025/07/04 2:38 p.m.•9 views

SUSE CVE-2025-38151

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cmaneteventcallback fails to queuework The cited commit fixed a crash when cmaneteventcallback was called for a cmaid while work on that id from a previous call had not yet started. The work item was...

6.1CVSS6.4AI score0.00147EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/04 2:37 p.m.•9 views

SUSE CVE-2025-38166

In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap 2172.936997 ------------ cut here ------------ 2172.936999 kernel BUG at lib/ioviter.c:629! ...... 2172.944996 PKRU: 55555554 2172.945155 Call Trace: 2172.945299 2172.945428 ? die+0x36/0x90...

6.6CVSS7.8AI score0.00147EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2025/07/03 11:23 p.m.•9 views

SUSE CVE-2025-38103

In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhidparse Update struct hiddescriptor to better reflect the mandatory and optional parts of the HID Descriptor as per USB HID 1.11 specification. Note: the kernel currently...

2.5CVSS6.4AI score0.00175EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2025/07/03 11:23 p.m.•9 views

SUSE CVE-2025-38143

In the Linux kernel, the following vulnerability has been resolved: backlight: pm8941: Add NULL check in wledconfigure devmkasprintf returns NULL when memory allocation fails. Currently, wledconfigure does not check for this case, which results in a NULL pointer dereference. Add NULL check after...

5.5CVSS6.5AI score0.00166EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/06/19 3:44 a.m.•9 views

SUSE CVE-2022-50012

In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parseearlyparam On 64-bit, calling jumplabelinit in setupfeaturekeys is too late because static keys may be used in subroutines of parseearlyparam which is again subroutine of earlyinitdevtree...

5.5CVSS6.3AI score0.00205EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2025/06/19 3:44 a.m.•9 views

SUSE CVE-2022-50015

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if...

5.5CVSS6.1AI score0.00179EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2025/06/19 3:43 a.m.•9 views

SUSE CVE-2022-50026

In the Linux kernel, the following vulnerability has been resolved: habanalabs/gaudi: fix shift out of bounds When validating NIC queues, queue offset calculation must be performed only for NIC queues...

5.5CVSS6.4AI score0.00161EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/06/19 3:42 a.m.•9 views

SUSE CVE-2022-50066

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aqvec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self-aqveci is not checked and then leads to the index out of range error. Also fixed this...

5.5CVSS6.4AI score0.00169EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2025/06/19 3:41 a.m.•9 views

SUSE CVE-2022-50125

In the Linux kernel, the following vulnerability has been resolved: ASoC: croseccodec: Fix refcount leak in croseccodecplatformprobe ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...

5.5CVSS6.2AI score0.00159EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/06/19 3:40 a.m.•9 views

SUSE CVE-2022-50136

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IWCMEVENTCONNECTREPLY event If siwrecvmparr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IWCMEVENTCONNECTREPLY in this case. This may trigge...

5.5CVSS6.2AI score0.00203EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2025/06/19 3:39 a.m.•9 views

SUSE CVE-2022-50190

In the Linux kernel, the following vulnerability has been resolved: spi: Fix simplification of devmspiregistercontroller This reverts commit 59ebbe40fb51 "spi: simplify devmspiregistercontroller". If devmaddaction fails in devmaddactionorreset, devmspiunregister will be called, it decreases the...

5.5CVSS6.3AI score0.00213EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/06/19 3:38 a.m.•9 views

SUSE CVE-2022-50229

In the Linux kernel, the following vulnerability has been resolved: ALSA: bcd2000: Fix a UAF bug on the error path of probing When the driver fails in sndcardregister at probe time, it will free the 'bcd2k-midiouturb' before killing it, which may cause a UAF bug. The following log can reveal it:...

5.5CVSS6.3AI score0.00204EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/06/19 3:15 a.m.•9 views

SUSE CVE-2025-38031

In the Linux kernel, the following vulnerability has been resolved: padata: do not leak refcount in reorderwork A recent patch that addressed a UAF introduced a reference count leak: the paralleldata refcount is incremented unconditionally, regardless of the return value of queuework. If the work...

6.1CVSS7.8AI score0.0017EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/06/19 3:15 a.m.•9 views

SUSE CVE-2025-38043

In the Linux kernel, the following vulnerability has been resolved: firmware: armffa: Set dmamask for ffa devices Set dmamask for FFA devices, otherwise DMA allocation using the device pointer lead to following warning: WARNING: CPU: 1 PID: 1 at kernel/dma/mapping.c:597 dmaallocattrs+0xe0/0x124...

7.9AI score0.0016EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/06/19 3:14 a.m.•9 views

SUSE CVE-2025-38060

In the Linux kernel, the following vulnerability has been resolved: bpf: copyverifierstate should copy 'loopentry' field The bpfverifierstate.loopentry state should be copied by copyverifierstate. Otherwise, .loopentry values from unrelated states would poison env-curstate. Additionally, env-stac...

7.8CVSS6.3AI score0.00146EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/06/10 2:8 a.m.•9 views

SUSE CVE-2025-38000

In the Linux kernel, the following vulnerability has been resolved: schhfsc: Fix qlen accounting bug when using peek in hfscenqueue When enqueuing the first packet to an HFSC class, hfscenqueue calls the child qdisc's peek operation before incrementing sch-q.qlen and sch-qstats.backlog. If the...

7CVSS6.5AI score0.00179EPSS
Exploits0References102
SUSE CVE
SUSE CVE
•added 2025/06/05 3:23 a.m.•9 views

SUSE CVE-2025-4435

When using a TarFile.errorlevel = 0 and extracting with a filter the documented behavior is that any filtered members would be skipped and not extracted. However the actual behavior of TarFile.errorlevel = 0 in affected versions is that the member would still be extracted and not skipped...

8.2CVSS6.7AI score0.00474EPSS
Exploits1References18
SUSE CVE
SUSE CVE
•added 2025/05/10 2:52 a.m.•9 views

SUSE CVE-2025-37865

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported Russell King reports that on the ZII dev rev B, deleting a bridge VLAN from a user port fails with -ENOENT:...

5.5CVSS7.7AI score0.00225EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/05/09 3:23 a.m.•9 views

SUSE CVE-2025-37820

In the Linux kernel, the following vulnerability has been resolved: xen-netfront: handle NULL returned by xdpconvertbufftoframe The function xdpconvertbufftoframe may return NULL if it fails to correctly convert the XDP buffer into an XDP frame due to memory constraints, internal errors, or inval...

5.5CVSS7.8AI score0.00156EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/05/07 2:19 a.m.•9 views

SUSE CVE-2022-49821

In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDNdspelementregister Afer commit 1fa5ae857bb1 "driver core: get rid of struct device's busid string array", the name of device is allocated dynamically, use putdevice to give up the reference...

3.3CVSS6.4AI score0.00166EPSS
Exploits0References12
Total number of security vulnerabilities5000