Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2024/08/06 2:1 a.m.•9 views

SUSE CVE-2024-41068

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fix sclpinit cleanup on failure If sclpinit fails it only partially cleans up: if there are multiple failing calls to sclpinit sclpstatechangeevent will be added several times to sclpreglist, which results in the...

3.3CVSS6.3AI score0.00243EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/08/06 2:1 a.m.•9 views

SUSE CVE-2024-41093

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: avoid using null object of framebuffer Instead of using state-fb-obj0 directly, get object from framebuffer by calling drmgemfbgetobj and return error code when object is null to avoid using null object of framebuffer...

5.5CVSS6.5AI score0.00225EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2024/07/16 2:33 a.m.•9 views

SUSE CVE-2024-41000

In the Linux kernel, the following vulnerability has been resolved: block/ioctl: prefer different overflow check Running syzkaller with the newly reintroduced signed integer overflow sanitizer shows this report: 62.982337 ------------ cut here ------------ 62.985692 cgroup: Invalid name 62.986211...

5.5CVSS6.5AI score0.00299EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2024/07/13 2:37 a.m.•9 views

SUSE CVE-2024-39509

In the Linux kernel, the following vulnerability has been resolved: HID: core: remove unnecessary WARNON in implement Syzkaller hit a warning 1 in a call to implement when trying to write a value into a field of smaller size in an output report. Since implement already has a warn message printed...

5.5CVSS6.5AI score0.00302EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/07/11 3:13 a.m.•9 views

SUSE CVE-2024-39490

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix missing skbuff release in seg6inputcore The seg6input function is responsible for adding the SRH into a packet, delegating the operation to the seg6inputcore. This function uses the skbcowhead to ensure that there i...

3.3CVSS6.5AI score0.00223EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/06/26 11:17 p.m.•9 views

SUSE CVE-2024-39469

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfsemptydir misjudgment and long loop on I/O errors The error handling in nilfsemptydir when a directory folio/page read fails is incorrect, as in the old ext2 implementation, and if the folio/page cannot be read or...

4.7CVSS6.5AI score0.00247EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2024/06/22 3:36 a.m.•9 views

SUSE CVE-2024-36270

In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports: general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 1 PREEMPT SMP KASAN PTI KASAN: null-ptr-deref in range...

5.5CVSS6.5AI score0.00258EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/06/22 3:35 a.m.•9 views

SUSE CVE-2024-38565

In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: enable proper endpoint verification Syzkaller reports 1 hitting a warning about an endpoint in use not having an expected type to it. Fix the issue by checking for the existence of all proper endpoints with their...

5.7CVSS6.4AI score0.00741EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/06/22 3:34 a.m.•9 views

SUSE CVE-2024-38610

In the Linux kernel, the following vulnerability has been resolved: drivers/virt/acrn: fix PFNMAP PTE checks in acrnvmrammap Patch series "mm: followpte improvements and acrn followpte fixes". Patch 1 fixes a bunch of issues I spotted in the acrn driver. It compiles, that's all I know. I'll...

7.8CVSS6.9AI score0.00213EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2024/06/21 3:6 a.m.•9 views

SUSE CVE-2024-36974

In the Linux kernel, the following vulnerability has been resolved: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP If one TCATAPRIOATTRPRIOMAP attribute has been provided, taprioparsemqprioopt must validate it, or userspace can inject arbitrary data to the kernel, the second time...

7.8CVSS6.3AI score0.00281EPSS
Exploits0References27
SUSE CVE
SUSE CVE
•added 2024/06/16 4:19 a.m.•9 views

SUSE CVE-2023-6710

A flaw was found in the modproxycluster in the Apache server. This issue may allow a malicious user to add a script in the 'alias' parameter in the URL to trigger the stored cross-site scripting XSS vulnerability. By adding a script on the alias parameter on the URL, it adds a new virtual host an...

5.4CVSS5.7AI score0.02242EPSS
Exploits5References2
SUSE CVE
SUSE CVE
•added 2024/06/13 4:0 a.m.•9 views

SUSE CVE-2024-5831

Use after free in Dawn in Google Chrome prior to 126.0.6478.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

8.8CVSS9.3AI score0.00484EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2024/06/08 3:49 a.m.•9 views

SUSE CVE-2021-47534

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Add missing drmcrtccommitput Commit 9ec03d7f1ed3 "drm/vc4: kms: Wait on previous FIFO users before a commit" introduced a global state for the HVS, with each FIFO storing the current CRTC commit so that we can...

4.1CVSS6.4AI score0.00185EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2024/06/04 12:49 p.m.•9 views

SUSE CVE-2022-1516

A NULL pointer dereference flaw was found in the Linux kernel's X.25 set of standardized network protocols functionality in the way a user terminates their session using a simulated Ethernet card and continued usage of this connection. This flaw allows a local user to crash the system...

5.5CVSS5.9AI score0.00328EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2024/06/04 12:37 p.m.•9 views

SUSE CVE-2023-1390

A remote denial of service vulnerability was found in the Linux kernel's TIPC kernel module. The while loop in tipclinkxmit hits an unknown state while attempting to parse SKBs, which are not in the queue. Sending two small UDP packets to a system with a UDP bearer results in the CPU utilization...

7.5CVSS5.9AI score0.05095EPSS
Exploits0References36
SUSE CVE
SUSE CVE
•added 2024/06/04 2:25 a.m.•9 views

SUSE CVE-2024-36933

In the Linux kernel, the following vulnerability has been resolved: nsh: Restore skb-protocol,data,macheader for outer header in nshgsosegment. syzbot triggered various splats see 0 and links by a crafted GSO packet of VIRTIONETHDRGSOUDP layering the following protocols: ETHP8021AD + ETHPNSH +...

5.3CVSS6.3AI score0.00285EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2024/06/04 2:24 a.m.•9 views

SUSE CVE-2024-36964

In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain 9P2000's perm bits is allowed through, which causes it to be able to set among others the suid bit. This was presumably not the intent since the unix extende...

7.2CVSS6.2AI score0.00218EPSS
Exploits0References143
SUSE CVE
SUSE CVE
•added 2024/06/01 2:24 a.m.•9 views

SUSE CVE-2024-36020

In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced by commit 52424f974bc5, which causes servers hang in very hard to reproduce conditions with resets races. Using two sources for the...

4.7CVSS6.6AI score0.00247EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/23 2:57 a.m.•9 views

SUSE CVE-2023-52784

In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 "net: lapbether: only support ethernet devices" has been able to keep syzbot away from net/lapb, until today. In the following splat 1, the issue is that a lapbethe...

4.7CVSS6.2AI score0.00242EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/23 2:56 a.m.•9 views

SUSE CVE-2023-52821

In the Linux kernel, the following vulnerability has been resolved: drm/panel: fix a possible null pointer dereference In versatilepanelgetmodes, the return value of drmmodeduplicate is assigned to mode, which will lead to a NULL pointer dereference on failure of drmmodeduplicate. Add a check to...

5.5CVSS6.4AI score0.00241EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2024/05/21 2:2 a.m.•9 views

SUSE CVE-2023-52667

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fsanycreategroups When kcalloc for ft-g succeeds but kvzalloc for in fails, fsanycreategroups will free ft-g. However, its caller fsanycreatetable will free ft-g again through calling...

5.5CVSS6.5AI score0.00269EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/21 2:2 a.m.•9 views

SUSE CVE-2023-52679

In the Linux kernel, the following vulnerability has been resolved: of: Fix double free in ofparsephandlewithargsmap In ofparsephandlewithargsmap the inner loop that iterates through the map entries calls ofnodeputnew to free the reference acquired by the previous iteration of the inner loop. Thi...

5.5CVSS6.5AI score0.00264EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/21 2:0 a.m.•9 views

SUSE CVE-2024-35800

In the Linux kernel, the following vulnerability has been resolved: efi: fix panic in kdump kernel Check if getnextvariable is actually valid pointer before calling it. In kdump kernel this method is set to NULL that causes panic during the kexec-ed kernel boot. Tested with QEMU and OVMF firmware...

5.5CVSS6.6AI score0.00225EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2024/05/21 2:0 a.m.•9 views

SUSE CVE-2024-35817

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgputtmgartbind set gtt bound flag Otherwise after the GTT bo is released, the GTT and gart space is freed but amdgputtmbackendunbind will not clear the gart page table entry and leave valid mapping entry pointing t...

7.8CVSS6.3AI score0.00228EPSS
Exploits0References69
SUSE CVE
SUSE CVE
•added 2024/05/21 1:59 a.m.•9 views

SUSE CVE-2024-35895

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be invoked from any...

5.5CVSS6.4AI score0.0018EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2024/05/21 1:59 a.m.•9 views

SUSE CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

7.8CVSS6.5AI score0.00223EPSS
Exploits0References64
SUSE CVE
SUSE CVE
•added 2024/05/18 2:48 a.m.•9 views

SUSE CVE-2023-52661

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: rgb: Fix missing clkput in the error handling paths of tegradcrgbprobe If clkgetsys..., "plld2out0" fails, the clkgetsys call must be undone. Add the missing clkput and a new 'putplldout0' label in the error handling...

3.3CVSS6.3AI score0.00223EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/18 2:46 a.m.•9 views

SUSE CVE-2024-27410

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't yet in mesh mode, at the same time as changing it into mesh mode. This leads to an overwrite of data i...

5.5CVSS6.4AI score0.00247EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2024/05/07 2:49 a.m.•9 views

SUSE CVE-2022-48694

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix drain SQ hang with no completion SW generated completions for outstanding WRs posted on SQ after QP is in error target the wrong CQ. This causes the ibdrainsq to hang with no completion. Fix this to generate...

5.5CVSS6.2AI score0.00234EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2024/05/04 2:29 a.m.•9 views

SUSE CVE-2022-48705

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix crash in chip reset fail In case of drv own fail in reset, we may need to run macreset several times. The sequence would trigger system crash as the log below. Because we do not re-enable/schedule "txnapi...

5.5CVSS6.3AI score0.00193EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2024/05/04 2:23 a.m.•9 views

SUSE CVE-2024-27012

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: restore set elements when delete set fails From abort path, nftmapelemactivate needs to restore refcounters to the original state. Currently, it uses the set-ops-walk to iterate over these set elements. The...

5.5CVSS6.8AI score0.00262EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2024/05/03 2:9 a.m.•9 views

SUSE CVE-2024-26938

In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: Tolerate devdata==NULL in intelbiosencodersupportsdpdualmode If we have no VBT, or the VBT didn't declare the encoder in question, we won't have the 'devdata' for the encoder. Instead of oopsing just bail early. We...

3.3CVSS6.4AI score0.00222EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/03 2:9 a.m.•9 views

SUSE CVE-2024-27000

In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uarthandlectschange function in serialcore expects the caller to hold uport-lock. For example, I have seen the below kernel splat, when the Bluetooth driver is loaded ...

3.3CVSS6.3AI score0.00327EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/03 2:9 a.m.•9 views

SUSE CVE-2024-27014

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the priv-statelock, any scheduled aRFS works are canceled using the cancelworksync function, which waits for the work to end if it has already started...

5.5CVSS6.3AI score0.00175EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2024/05/03 2:9 a.m.•9 views

SUSE CVE-2024-27079

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferredattach mode. In this mode, info-domain may not yet be assigned by the time the releasedevice function is called. It leads to the...

5.5CVSS6.4AI score0.00242EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2024/05/03 2:9 a.m.•9 views

SUSE CVE-2024-27078

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpgalloc In tpgalloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpgfree is...

5.5CVSS6.3AI score0.00291EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2024/05/03 2:9 a.m.•9 views

SUSE CVE-2024-27389

In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only dinvalidate is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410 Using the comb...

5.5CVSS6.7AI score0.00226EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2024/04/23 1:44 a.m.•9 views

SUSE CVE-2024-26915

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Reset IH OVERFLOWCLEAR bit Allows us to detect subsequent IH ring buffer overflows as well...

5.5CVSS6.7AI score0.00246EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2024/04/19 2:20 a.m.•9 views

SUSE CVE-2023-52645

In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first with genpd and after that the driver attempts to power them on in the probe sequence, then it is possible that a race condition occurs i...

5.5CVSS6.3AI score0.00173EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2024/04/19 2:18 a.m.•9 views

SUSE CVE-2024-26825

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free rxdatareassembly skb on NCI device cleanup rxdatareassembly skb is stored during NCI data exchange for processing fragmented packets. It is dropped only when the last fragment is processed or when an NTF packet wit...

5.5CVSS6.3AI score0.00237EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2024/04/18 2:31 a.m.•9 views

SUSE CVE-2024-3844

Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Low...

4.3CVSS6.7AI score0.00649EPSS
Exploits1References6
SUSE CVE
SUSE CVE
•added 2024/04/18 2:30 a.m.•9 views

SUSE CVE-2024-26839

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in initcreditreturn When dmaalloccoherent fails to allocate dd-crbasei.va, initcreditreturn should deallocate dd-crbase and dd-crbasei that allocated before. Or those resources would be never freed and a...

3.3CVSS6.2AI score0.00239EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2024/04/17 2:29 a.m.•9 views

SUSE CVE-2021-47198

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free in lpfcunregrpi routine An error is detected with the following report when unloading the driver: "KASAN: use-after-free in lpfcunregrpi+0x1b1b" The NLPREGLOGINSEND nlpflag is set in...

5.5CVSS7.6AI score0.00219EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/04/17 2:21 a.m.•9 views

SUSE CVE-2024-26700

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix MST Null Ptr for RV The change try to fix below error specific to RV platform: BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOPTI CPU: 4 PID: 917 Comm:...

5.5CVSS6.3AI score0.00227EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2024/04/15 11:12 p.m.•9 views

SUSE CVE-2024-26814

In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfdctx trigger pointer of the vfiofslmcirq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. The interrupt handler itself...

4.4CVSS6.2AI score0.00223EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2024/04/12 2:21 a.m.•9 views

SUSE CVE-2021-47181

In the Linux kernel, the following vulnerability has been resolved: usb: musb: tusb6010: check return value after calling platformgetresource It will cause null-ptr-deref if platformgetresource returns NULL, we need check the return value...

5.5CVSS7.8AI score0.00226EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/04/12 2:21 a.m.•9 views

SUSE CVE-2021-47184

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40EVSIRELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sy...

5.5CVSS7.5AI score0.00238EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/04/05 2:23 a.m.•9 views

SUSE CVE-2023-45288

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

5.3CVSS8.8AI score0.91969EPSS
Exploits1References66
SUSE CVE
SUSE CVE
•added 2024/04/04 2:17 a.m.•9 views

SUSE CVE-2024-26660

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN301 'streamencregs' array is an array of dcn10streamencregisters structures. The array is initialized with four elements, corresponding to the four calls t...

5.5CVSS6.7AI score0.00248EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2024/03/28 4:15 a.m.•9 views

SUSE CVE-2023-52621

In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcureadlocktraceheld before calling bpf map helpers These three bpfmaplookup,update,deleteelem helpers are also available for sleepable bpf program, so add the corresponding lock assertion for sleepable bpf program,...

5.5CVSS6.3AI score0.00238EPSS
Exploits0References12
Total number of security vulnerabilities5000