Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2025/12/10 12:34 a.m.•9 views

SUSE CVE-2023-53845

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix infinite loop in nilfsmdtgetblock If the disk image that nilfs2 mounts is corrupted and a virtual block address obtained by block lookup for a metadata file is invalid, nilfsbmaplookupatlevel may return the same...

5.3CVSS6.7AI score0.00225EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/11/14 12:23 a.m.•9 views

SUSE CVE-2025-40194

In the Linux kernel, the following vulnerability has been resolved: cpufreq: intelpstate: Fix object lifecycle issue in updateqosrequest The cpufreqcpuput call in updateqosrequest takes place too early because the latter subsequently calls freqqosupdaterequest that indirectly accesses the policy...

4.7CVSS6.5AI score0.00175EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/11/14 12:23 a.m.•9 views

SUSE CVE-2025-40205

In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid potential out-of-bounds in btrfsencodefh The function btrfsencodefh does not properly account for the three cases it handles. Before writing to the file handle fh, the function only returns to the user...

5.5CVSS6.8AI score0.00175EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/11/13 12:24 a.m.•9 views

SUSE CVE-2025-40140

In the Linux kernel, the following vulnerability has been resolved: net: usb: Remove disruptive netifwakequeue in rtl8150setmulticast syzbot reported WARNING in rtl8150startxmit/usbsubmiturb. This is the sequence of events that leads to the warning: rtl8150startxmit netifstopqueue;...

3.3CVSS6.5AI score0.00188EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/11/09 12:33 a.m.•9 views

SUSE CVE-2025-27093

Sliver is a command and control framework that uses a custom Wireguard netstack. In versions 1.5.43 and earlier, and in development version 1.6.0-dev, the netstack does not limit traffic between Wireguard clients. This allows clients to communicate with each other unrestrictedly, potentially...

6.3CVSS7AI score0.00217EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/10/31 12:24 a.m.•9 views

SUSE CVE-2025-40103

In the Linux kernel, the following vulnerability has been resolved: smb: client: Fix refcount leak for cifssbtlink Fix three refcount inconsistency issues related to cifssbtlink. Comments for cifssbtlink state that cifsputtlink needs to be called after successful calls to cifssbtlink. Three calls...

3.3CVSS6.6AI score0.00188EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•9 views

SUSE CVE-2025-40044

In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images may set...

6.3CVSS6.4AI score0.00207EPSS
Exploits0References28
SUSE CVE
SUSE CVE
•added 2025/10/28 12:42 a.m.•9 views

SUSE CVE-2025-12199

REJECT DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: Based on the analysis by MITRE and review of community feedback, the reported conditions represent expected and...

7.1AI score0.00012EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/01 11:31 p.m.•9 views

SUSE CVE-2023-53452

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: fix potential race condition between napiinit and napienable A race condition can happen if netdev is registered, but NAPI isn't initialized yet, and meanwhile user space starts the netdev that will enable NAPI. Then...

4.4CVSS6.3AI score0.00104EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/09/19 11:34 p.m.•9 views

SUSE CVE-2023-53394

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

5.5CVSS6.6AI score0.00119EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2025/09/19 11:23 p.m.•9 views

SUSE CVE-2025-39866

In the Linux kernel, the following vulnerability has been resolved: fs: writeback: fix use-after-free in markinodedirty An use-after-free issue occurred when markinodedirty get the bdiwriteback that was in the progress of switching. CPU: 1 PID: 562 Comm: systemd-random- Not tainted...

6.4CVSS6.5AI score0.00286EPSS
Exploits1References20
SUSE CVE
SUSE CVE
•added 2025/09/18 11:38 p.m.•9 views

SUSE CVE-2023-53354

In the Linux kernel, the following vulnerability has been resolved: skbuff: skbsegment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 "skbuff: in skbsegment, call zerocopy functions once per nskb" added the call to zero copy functions in skbsegment. The change introduced ...

5.5CVSS6.7AI score0.00177EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2025/09/18 11:38 p.m.•9 views

SUSE CVE-2023-53368

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix race issue between cpu buffer write and swap Warning happened in rbendcommit at code: if RBWARNONcpubuffer, !localread&cpubuffer-committing WARNING: CPU: 0 PID: 139 at kernel/trace/ringbuffer.c:3142...

5.5CVSS6.6AI score0.00123EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/09/18 11:38 p.m.•9 views

SUSE CVE-2023-53377

In the Linux kernel, the following vulnerability has been resolved: cifs: prevent use-after-free by freeing the cfile later In smb2compoundop we have a possible use-after-free which can cause hard to debug problems later on. This was revealed during stress testing with KASAN enabled kernel. Fixin...

5.5CVSS6.5AI score0.00138EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2025/09/18 11:38 p.m.•9 views

SUSE CVE-2023-53391

In the Linux kernel, the following vulnerability has been resolved: shmem: use ramfskillsb for killsb method of ramfs-based tmpfs As the ramfs-based tmpfs uses ramfsinitfscontext for the initfscontext method, which allocates fc-sfsinfo, use ramfskillsb to free it and avoid a memory leak...

5.5CVSS6.6AI score0.00135EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2025/09/16 11:30 p.m.•9 views

SUSE CVE-2023-53286

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Return the firmware result upon destroying QP/RQ Previously when destroying a QP/RQ, the result of the firmware destruction function was ignored and upper layers weren't informed about the failure. Which in turn could...

5.5CVSS6.3AI score0.00142EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2025/09/05 11:22 p.m.•9 views

SUSE CVE-2025-39718

In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Validate length in packet header before skbput When receiving a vsock packet in the guest, only the virtqueue buffer size is validated prior to virtiovsockskbrxput. Unfortunately, virtiovsockskbrxput uses the length...

5.5CVSS6.7AI score0.00137EPSS
Exploits0References25
SUSE CVE
SUSE CVE
•added 2025/08/28 11:31 p.m.•9 views

SUSE CVE-2024-58240

In the Linux kernel, the following vulnerability has been resolved: tls: separate no-async decryption request handling from async If we're not doing async, the handling is much simpler. There's no reference counting, we just need to wait for the completion to wake us up and return its result. We...

2.5CVSS6.4AI score0.00144EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/08/22 11:29 p.m.•9 views

SUSE CVE-2025-38618

In the Linux kernel, the following vulnerability has been resolved: vsock: Do not allow binding to VMADDRPORTANY It is possible for a vsock to autobind to VMADDRPORTANY. This can cause a use-after-free when a connection is made to the bound socket. The socket returned by accept also has port...

7CVSS7.7AI score0.00152EPSS
Exploits0References100
SUSE CVE
SUSE CVE
•added 2025/08/22 11:28 p.m.•9 views

SUSE CVE-2025-38635

In the Linux kernel, the following vulnerability has been resolved: clk: davinci: Add NULL check in davincilpscclkregister devmkasprintf returns NULL when memory allocation fails. Currently, davincilpscclkregister does not check for this case, which results in a NULL pointer dereference. Add NULL...

5.5CVSS6.5AI score0.00159EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/08/19 11:23 p.m.•9 views

SUSE CVE-2025-38576

In the Linux kernel, the following vulnerability has been resolved: powerpc/eeh: Make EEH driver device hotplug safe Multiple race conditions existed between the PCIe hotplug driver and the EEH driver, leading to a variety of kernel oopses of the same general nature: A second class of oops is als...

4.7CVSS6.3AI score0.00149EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/08/19 11:23 p.m.•9 views

SUSE CVE-2025-38590

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Remove skb secpath if xfrm state is not found Hardware returns a unique identifier for a decrypted packet's xfrm state, this state is looked up in an xarray. However, the state might have been freed by the time of this...

5.5CVSS6.4AI score0.00146EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/08/16 11:22 p.m.•9 views

SUSE CVE-2025-38516

In the Linux kernel, the following vulnerability has been resolved: pinctrl: qcom: msm: mark certain pins as invalid for interrupts On some platforms, the UFS-reset pin has no interrupt logic in TLMM but is nevertheless registered as a GPIO in the kernel. This enables the user-space to trigger a...

5.5CVSS6.4AI score0.00149EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/08/14 11:23 p.m.•9 views

SUSE CVE-2025-38500

In the Linux kernel, the following vulnerability has been resolved: xfrm: interface: fix use-after-free after changing collectmd xfrm interface collectmd property on xfrm interfaces can only be set on device creation, thus xfrmichangelink should fail when called on such interfaces. The check to...

7CVSS6.4AI score0.0014EPSS
Exploits0References74
SUSE CVE
SUSE CVE
•added 2025/07/30 11:21 p.m.•9 views

SUSE CVE-2025-54388

Moby is an open source container framework developed by Docker Inc. that is distributed as Docker Engine, Mirantis Container Runtime, and various other downstream projects/products. In versions 28.2.0 through 28.3.2, when the firewalld service is reloaded it removes all iptables rules including...

5.2CVSS6.9AI score0.00215EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/07/29 11:23 p.m.•9 views

SUSE CVE-2025-38404

In the Linux kernel, the following vulnerability has been resolved: usb: typec: displayport: Fix potential deadlock The deadlock can occur due to a recursive lock acquisition of crostypecaltmodedata::mutex. The call chain is as follows: 1. crostypecaltmodework acquires the mutex 2. typecaltmodevd...

4.7CVSS6.4AI score0.00129EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/29 11:23 p.m.•9 views

SUSE CVE-2025-38418

In the Linux kernel, the following vulnerability has been resolved: remoteproc: core: Release rproc-cleantable after rprocattach fails When rproc-state = RPROCDETACHED is attached to remote processor through rprocattach, if rprochandleresources returns failure, then the clean table should be...

5.5CVSS6.5AI score0.00156EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/28 11:22 p.m.•9 views

SUSE CVE-2025-38470

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the "rx-vlan-filter" feature is enabled on a net device, the 8021q module will automatically add or remove VLAN 0 when the net device is put...

5.5CVSS6.3AI score0.00161EPSS
Exploits0References25
SUSE CVE
SUSE CVE
•added 2025/07/28 11:22 p.m.•9 views

SUSE CVE-2025-38477

In the Linux kernel, the following vulnerability has been resolved: net/sched: schqfq: Fix race condition on qfqaggregate A race condition can occur when 'agg' is modified in qfqchangeagg called during qfqenqueue while other threads access it concurrently. For example, qfqdumpclass may trigger a...

7CVSS6.4AI score0.00115EPSS
Exploits0References117
SUSE CVE
SUSE CVE
•added 2025/07/25 11:22 p.m.•9 views

SUSE CVE-2025-38463

In the Linux kernel, the following vulnerability has been resolved: tcp: Correct signedness in skb remaining space calculation Syzkaller reported a bug 1 where sk-skforwardalloc can overflow. When we send data, if an skb exists at the tail of the write queue, the kernel will attempt to append the...

6.1CVSS6.5AI score0.00146EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/10 11:34 p.m.•9 views

SUSE CVE-2024-43394

Server-Side Request Forgery SSRF in Apache HTTP Server on Windows allows to potentially leak NTLM hashes to a malicious server via modrewrite or apache expressions that pass unvalidated request input. This issue affects Apache HTTP Server: from 2.4.0 through 2.4.63. Note: The Apache HTTP Server...

5.9CVSS6.6AI score0.01094EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/07/10 11:23 p.m.•9 views

SUSE CVE-2025-38273

In the Linux kernel, the following vulnerability has been resolved: net: tipc: fix refcount warning in tipcaeadencrypt syzbot reported a refcount warning 1 caused by calling getnet on a network namespace that is being destroyed refcount=0. This happens when a TIPC discovery timer fires during...

3.3CVSS6.4AI score0.00161EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/10 11:23 p.m.•9 views

SUSE CVE-2025-38274

In the Linux kernel, the following vulnerability has been resolved: fpga: fix potential null pointer deref in fpgamgrtestimgloadsgt fpgamgrtestimgloadsgt allocates memory for sgt using kunitkzalloc however it does not check if the allocation failed. It then passes sgt to sgalloctable, which passe...

4.4CVSS6.5AI score0.00155EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/07/10 11:22 p.m.•9 views

SUSE CVE-2025-38336

In the Linux kernel, the following vulnerability has been resolved: ata: patavia: Force PIO for ATAPI devices on VT6415/VT6330 The controller has a hardware bug that can hard hang the system when doing ATAPI DMAs without any trace of what happened. Depending on the device attached, it can also...

4.1CVSS6.5AI score0.00162EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2025/07/07 11:24 p.m.•9 views

SUSE CVE-2025-38180

In the Linux kernel, the following vulnerability has been resolved: net: atm: fix /proc/net/atm/lec handling /proc/net/atm/lec must ensure safety against devlec changes. It appears it had devput calls without prior devhold, leading to imbalance and UAF...

7.8CVSS5.6AI score0.0017EPSS
Exploits0References34
SUSE CVE
SUSE CVE
•added 2025/07/04 11:22 p.m.•9 views

SUSE CVE-2025-38174

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Do not double dequeue a configuration request Some of our devices crash in tbcfgrequestdequeue: general protection fault, probably for non-canonical address 0xdead000000000122 CPU: 6 PID: 91007 Comm: kworker/6:2...

4.7CVSS6.5AI score0.0015EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2025/07/04 11:22 p.m.•9 views

SUSE CVE-2025-38193

In the Linux kernel, the following vulnerability has been resolved: netsched: schsfq: reject invalid perturb period Gerrard Tai reported that SFQ perturbperiod has no range check yet, and this can be used to trigger a race condition fixed in a separate patch. We want to make sure ctl-perturbperio...

6.1CVSS6.5AI score0.00161EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2025/07/04 2:38 p.m.•9 views

SUSE CVE-2025-38151

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix hang when cmaneteventcallback fails to queuework The cited commit fixed a crash when cmaneteventcallback was called for a cmaid while work on that id from a previous call had not yet started. The work item was...

6.1CVSS6.4AI score0.00147EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/07/04 2:37 p.m.•9 views

SUSE CVE-2025-38166

In the Linux kernel, the following vulnerability has been resolved: bpf: fix ktls panic with sockmap 2172.936997 ------------ cut here ------------ 2172.936999 kernel BUG at lib/ioviter.c:629! ...... 2172.944996 PKRU: 55555554 2172.945155 Call Trace: 2172.945299 2172.945428 ? die+0x36/0x90...

6.6CVSS7.8AI score0.00147EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2025/07/03 11:23 p.m.•9 views

SUSE CVE-2025-38103

In the Linux kernel, the following vulnerability has been resolved: HID: usbhid: Eliminate recurrent out-of-bounds bug in usbhidparse Update struct hiddescriptor to better reflect the mandatory and optional parts of the HID Descriptor as per USB HID 1.11 specification. Note: the kernel currently...

2.5CVSS6.4AI score0.00175EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2025/07/03 11:23 p.m.•9 views

SUSE CVE-2025-38124

In the Linux kernel, the following vulnerability has been resolved: net: fix udp gso skbsegment after pull from fraglist Commit a1e40ac5b5e9 "net: gso: fix udp gso fraglist segmentation after pull from fraglist" detected invalid geometry in fraglist skbs and redirects them from skbsegmentlist to...

5.5CVSS6.5AI score0.00148EPSS
Exploits0References23
SUSE CVE
SUSE CVE
•added 2025/07/03 11:23 p.m.•9 views

SUSE CVE-2025-38143

In the Linux kernel, the following vulnerability has been resolved: backlight: pm8941: Add NULL check in wledconfigure devmkasprintf returns NULL when memory allocation fails. Currently, wledconfigure does not check for this case, which results in a NULL pointer dereference. Add NULL check after...

5.5CVSS6.5AI score0.00166EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/06/19 3:44 a.m.•9 views

SUSE CVE-2022-50012

In the Linux kernel, the following vulnerability has been resolved: powerpc/64: Init jump labels before parseearlyparam On 64-bit, calling jumplabelinit in setupfeaturekeys is too late because static keys may be used in subroutines of parseearlyparam which is again subroutine of earlyinitdevtree...

5.5CVSS6.3AI score0.00205EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2025/06/19 3:44 a.m.•9 views

SUSE CVE-2022-50015

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-ipc: Do not process IPC reply before firmware boot It is not yet clear, but it is possible to create a firmware so broken that it will send a reply message before a FWREADY message it is not yet clear if...

5.5CVSS6.1AI score0.00179EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2025/06/19 3:43 a.m.•9 views

SUSE CVE-2022-50026

In the Linux kernel, the following vulnerability has been resolved: habanalabs/gaudi: fix shift out of bounds When validating NIC queues, queue offset calculation must be performed only for NIC queues...

5.5CVSS6.4AI score0.00161EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/06/19 3:42 a.m.•9 views

SUSE CVE-2022-50066

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aqvec index out of range error The final update statement of the for loop exceeds the array range, the dereference of self-aqveci is not checked and then leads to the index out of range error. Also fixed this...

5.5CVSS6.4AI score0.00169EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2025/06/19 3:41 a.m.•9 views

SUSE CVE-2022-50104

In the Linux kernel, the following vulnerability has been resolved: powerpc/xive: Fix refcount leak in xivegetmaxprio offindnodebypath returns a node pointer with refcount incremented, we should use ofnodeput on it when done. Add missing ofnodeput to avoid refcount leak...

5.5CVSS6.3AI score0.0016EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2025/06/19 3:41 a.m.•9 views

SUSE CVE-2022-50120

In the Linux kernel, the following vulnerability has been resolved: remoteproc: imxrproc: Fix refcount leak in imxrprocaddrinit ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not needed anymore. This function has two paths missing ofnodeput...

5.5CVSS6.2AI score0.00159EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/06/19 3:41 a.m.•9 views

SUSE CVE-2022-50125

In the Linux kernel, the following vulnerability has been resolved: ASoC: croseccodec: Fix refcount leak in croseccodecplatformprobe ofparsephandle returns a node pointer with refcount incremented, we should use ofnodeput on it when not need anymore. Add missing ofnodeput to avoid refcount leak...

5.5CVSS6.2AI score0.00159EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/06/19 3:40 a.m.•9 views

SUSE CVE-2022-50136

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix duplicated reported IWCMEVENTCONNECTREPLY event If siwrecvmparr returns -EAGAIN, it means that the MPA reply hasn't been received completely, and should not report IWCMEVENTCONNECTREPLY in this case. This may trigge...

5.5CVSS6.2AI score0.00203EPSS
Exploits0References11
Total number of security vulnerabilities5000