Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2025/03/28 3:0 a.m.•9 views

SUSE CVE-2025-21883

In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If iceenavfs fails after calling icecreatevfentries, it frees all VFs without removing them from snapshot PF-VF mailbox list, leading to list corruption. Reproducer: devlink dev eswitch se...

5.5CVSS7.6AI score0.00193EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/03/12 3:23 p.m.•9 views

SUSE CVE-2025-21865

In the Linux kernel, the following vulnerability has been resolved: gtp: Suppress list corruption splat in gtpnetexitbatchrtnl. Brad Spengler reported the listdel corruption splat in gtpnetexitbatchrtnl. 0 Commit eb28fd76c0a0 "gtp: Destroy device along with udp socket's netns dismantle." added th...

5.5CVSS6.8AI score0.00209EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/03/07 2:39 a.m.•9 views

SUSE CVE-2024-58052

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrlgetsmcsclkrangetable The function atomctrlgetsmcsclkrangetable does not check the return value of smuatomgetdatatable. If smuatomgetdatatable fails to retrieve SMUInfo...

5.5CVSS6.8AI score0.00201EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/03/07 2:39 a.m.•9 views

SUSE CVE-2024-58061

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: prohibit deactivating all links In the internal API this calls this is a WARNON, but that should remain since internally we want to know about bugs that may cause this. Prevent deactivating all links in the debugf...

5.5CVSS7.7AI score0.00166EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/03/07 2:38 a.m.•9 views

SUSE CVE-2024-58072

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: remove unused checkbuddypriv Commit 2461c7d60f9f "rtlwifi: Update header file" introduced a global list of private data structures. Later on, commit 26634c4b1868 "rtlwifi Modify existing bits to match vendor versio...

5.5CVSS6.7AI score0.00184EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/02/28 2:22 a.m.•9 views

SUSE CVE-2025-21708

In the Linux kernel, the following vulnerability has been resolved: net: usb: rtl8150: enable basic endpoint checking Syzkaller reports 1 encountering a common issue of utilizing a wrong usb endpoint type during URB submitting stage. This, in turn, triggers a warning shown below. For now, enable...

5.5CVSS6.6AI score0.00191EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/02/28 2:22 a.m.•9 views

SUSE CVE-2025-21714

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP use after free Prevent double queueing of implicit ODP mr destroy work by using xacmpxchg to make sure this is the only time we are destroying this specific mr. Without this change, we could try to...

5.5CVSS6.7AI score0.00188EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/02/28 2:21 a.m.•9 views

SUSE CVE-2025-21744

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix NULL pointer dereference in brcmftxfinalize On removal of the device or unloading of the kernel module a potential NULL pointer dereference occurs. The following sequence deletes the interface: brcmfdetach...

5.5CVSS6.8AI score0.00216EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/02/28 2:20 a.m.•9 views

SUSE CVE-2025-21776

In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usbhubtostructhub to dereference a NULL or inappropriate pointer: Oops: general protection fault,...

5.5CVSS6.7AI score0.00229EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/02/27 3:10 a.m.•9 views

SUSE CVE-2022-49215

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. The current xsk unbind code in xskunbinddev starts by setting xs-state to XSKUNBOUND, sets xs-dev to...

5.5CVSS6.7AI score0.00169EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2025/02/27 3:9 a.m.•9 views

SUSE CVE-2022-49264

In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...

5.5CVSS6.4AI score0.00283EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2025/02/27 3:2 a.m.•9 views

SUSE CVE-2022-49726

In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport init-annotated hvinitclocksource EXPORTSYMBOL and init is a bad combination because the .init.text section is freed up after the initialization. Hence, modules cannot use symbols annotated init. The...

5.5CVSS6.2AI score0.00266EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/02/19 12:15 a.m.•9 views

SUSE CVE-2025-21703

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...

7.8CVSS6.3AI score0.00275EPSS
Exploits0References25
SUSE CVE
SUSE CVE
•added 2025/02/14 7:7 a.m.•9 views

SUSE CVE-2023-0459

Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond commit...

4.7CVSS6.5AI score0.00635EPSS
Exploits0References26
SUSE CVE
SUSE CVE
•added 2025/02/14 6:11 a.m.•9 views

SUSE CVE-2023-45648

Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomca...

7.5CVSS7.5AI score0.05848EPSS
Exploits2References6
SUSE CVE
SUSE CVE
•added 2025/02/14 5:47 a.m.•9 views

SUSE CVE-2024-4577

In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may...

9.8CVSS8.3AI score0.99987EPSS
Exploits64References6
SUSE CVE
SUSE CVE
•added 2025/02/14 4:9 a.m.•9 views

SUSE CVE-2024-52317

Incorrect object re-cycling and re-use vulnerability in Apache Tomcat. Incorrect recycling of the request and response used by HTTP/2 requests could lead to request and/or response mix-up between users. This issue affects Apache Tomcat: from 11.0.0-M23 through 11.0.0-M26, from 10.1.27 through...

6.5CVSS7.8AI score0.02008EPSS
Exploits1References6
SUSE CVE
SUSE CVE
•added 2025/02/14 4:3 a.m.•9 views

SUSE CVE-2024-53677

File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. This issue affects Apache Struts: from 2.0.0 before...

9.8CVSS9.7AI score0.78198EPSS
Exploits15References3
SUSE CVE
SUSE CVE
•added 2025/02/11 3:48 a.m.•9 views

SUSE CVE-2025-21693

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

7CVSS6.5AI score0.00191EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/01/24 4:12 a.m.•9 views

SUSE CVE-2024-10846

The compose-go library component in versions v2.10-v2.4.0 allows an authorized user who sends malicious YAML payloads to cause the compose-go to consume excessive amount of Memory and CPU cycles while parsing YAML, such as used by Docker Compose from versions v2.27.0 to v2.29.7 included...

6.5CVSS6.9AI score0.00223EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/01/22 3:48 a.m.•9 views

SUSE CVE-2024-57932

In the Linux kernel, the following vulnerability has been resolved: gve: guard XDP xmit NDO on existence of xdp queues In GVE, dedicated XDP queues only exist when an XDP program is installed and the interface is up. As such, the NDO XDP XMIT callback should return early if either of these...

5.5CVSS7.7AI score0.00202EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/01/22 3:48 a.m.•9 views

SUSE CVE-2025-21656

In the Linux kernel, the following vulnerability has been resolved: hwmon: drivetemp Fix driver producing garbage data when SCSI errors occur scsiexecutecmd function can return both negative linux codes and positive scsicmnd result field error codes. Currently the driver just passes error codes o...

3.3CVSS7.7AI score0.00199EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/01/20 3:48 a.m.•9 views

SUSE CVE-2024-57906

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...

3.3CVSS7.4AI score0.00214EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/01/20 3:48 a.m.•9 views

SUSE CVE-2024-57912

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The 'sample' local struct is used to push data to user space from a triggered buffer, but it has a hole between the temperature and the timestamp u32 pressure, u16...

3.3CVSS7.3AI score0.00214EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/01/20 3:48 a.m.•9 views

SUSE CVE-2024-57924

In the Linux kernel, the following vulnerability has been resolved: fs: relax assertions on failure to encode file handles Encoding file handles is usually performed by a filesystem encodefh method that may fail for various reasons. The legacy users of exportfsencodefh, namely, nfsd and...

5.5CVSS7.7AI score0.002EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/01/16 3:49 a.m.•9 views

SUSE CVE-2024-57899

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix mbss changed flags corruption on 32 bit systems On 32-bit systems, the size of an unsigned long is 4 bytes, while a u64 is 8 bytes. Therefore, when using oreachsetbitbit, &bits, sizeofchanged BITSPERBYTE, the...

6.1CVSS7.7AI score0.00218EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/01/12 12:14 a.m.•9 views

SUSE CVE-2024-56638

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: incorrect percpu area handling under softirq Softirq can interrupt ongoing packet from process context that is walking over the percpu area that contains inner header offsets. Disable bh and perform three...

5.3CVSS7.7AI score0.00222EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2025/01/10 12:22 a.m.•9 views

SUSE CVE-2024-56602

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154create sockinitdata attaches the allocated sk object to the provided sock object. If ieee802154create fails later, the allocated sk object is freed, but the danglin...

7.8CVSS7.6AI score0.00231EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/01/09 12:20 a.m.•9 views

SUSE CVE-2024-56778

In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in stihqvdpatomiccheck The return value of drmatomicgetcrtcstate needs to be checked. To avoid use of error pointer 'crtcstate' in case of the failure...

5.5CVSS7.7AI score0.00203EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/12/29 3:48 a.m.•9 views

SUSE CVE-2024-56688

In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL during reset transport, XPRTSOCKUPDTIMEOUT also needs to be cleared. Otherwise, the xstcpsetsockettimeouts may be triggered in...

5.5CVSS7.6AI score0.00225EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2024/12/28 3:50 a.m.•9 views

SUSE CVE-2024-53175

In the Linux kernel, the following vulnerability has been resolved: ipc: fix memleak if msginitns failed in createipcns Percpu memory allocation may failed during createipcns however this fail is not handled properly since ipc sysctls and mq sysctls is not released properly. Fix this by release...

3.3CVSS7.8AI score0.00231EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2024/12/28 3:50 a.m.•9 views

SUSE CVE-2024-53179

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free of signing key Customers have reported use-after-free in @ses-authkey.response with SMB2.1 + sign mounts which occurs due to following race: task A task B cifsmount dfsmountshare getsession...

7CVSS7.7AI score0.00245EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2024/12/28 3:50 a.m.•9 views

SUSE CVE-2024-53180

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Add sanity NULL check for the default mmap fault handler A driver might allow the mmap access before initializing its runtime-dmaarea properly. Add a proper NULL check before passing to virttopage for avoiding a panic...

5.5CVSS7.7AI score0.00231EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2024/12/28 3:48 a.m.•9 views

SUSE CVE-2024-56570

In the Linux kernel, the following vulnerability has been resolved: ovl: Filter invalid inodes with missing lookup function Add a check to the ovldentryweird function to prevent the processing of directory inodes that lack the lookup function. This is important because such inodes can cause error...

5.5CVSS7.6AI score0.0023EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2024/12/18 3:51 a.m.•9 views

SUSE CVE-2024-50379

Time-of-check Time-of-use TOCTOU Race Condition vulnerability during JSP compilation in Apache Tomcat permits an RCE on case insensitive file systems when the default servlet is enabled for write non-default configuration. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.1, from...

7CVSS7AI score0.43663EPSS
Exploits13References11
SUSE CVE
SUSE CVE
•added 2024/12/05 12:16 a.m.•9 views

SUSE CVE-2024-53127

In the Linux kernel, the following vulnerability has been resolved: Revert "mmc: dwmmc: Fix IDMAC operation with pages bigger than 4K" The commit 8396c793ffdf "mmc: dwmmc: Fix IDMAC operation with pages bigger than 4K" increased the maxreqsize, even for 4K pages, causing various issues: - Panic...

5.5CVSS8.1AI score0.00223EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/11/28 3:56 a.m.•9 views

SUSE CVE-2024-42330

The HttpRequest object allows to get the HTTP headers from the server's response after sending the request. The problem is that the returned strings are created directly from the data returned by the server and are not correctly encoded for JavaScript. This allows to create internal strings that...

9.1CVSS6.9AI score0.00952EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2024/11/22 3:48 a.m.•9 views

SUSE CVE-2024-53090

In the Linux kernel, the following vulnerability has been resolved: afs: Fix lock recursion afswakeupasynccall can incur lock recursion. The problem is that it is called from AFRXRPC whilst holding the -notifylock, but it tries to take a ref on the afscall struct in order to pass it to a work que...

5.5CVSS7.6AI score0.00194EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2024/11/10 3:49 a.m.•9 views

SUSE CVE-2024-50245

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix possible deadlock in miread Mutex lock with another subclass used in nilockdir...

4.7CVSS7.7AI score0.00219EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2024/11/08 3:49 a.m.•9 views

SUSE CVE-2024-50142

In the Linux kernel, the following vulnerability has been resolved: xfrm: validate new SA's prefixlen using SA family when sel.family is unset This expands the validation introduced in commit 07bf7908950a "xfrm: Validate address prefix lengths in the xfrm selector." syzbot created an SA with...

6.3CVSS7.7AI score0.00259EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2024/11/08 3:48 a.m.•9 views

SUSE CVE-2024-50156

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Avoid NULL dereference in msmdispstateprintregs If the allocation in msmdispstatedumpregs failed then block-state can be NULL. The msmdispstateprintregs function does have code to try to handle it with: if reg dumpaddr =...

5.5CVSS7.7AI score0.00216EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2024/11/08 3:48 a.m.•9 views

SUSE CVE-2024-50167

In the Linux kernel, the following vulnerability has been resolved: be2net: fix potential memory leak in bexmit The bexmit returns NETDEVTXOK without freeing skb in case of bexmitenqueue fails, add devkfreeskbany to fix it...

5.5CVSS6.8AI score0.00253EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2024/11/08 3:48 a.m.•9 views

SUSE CVE-2024-50171

In the Linux kernel, the following vulnerability has been resolved: net: systemport: fix potential memory leak in bcmsysportxmit The bcmsysportxmit returns NETDEVTXOK without freeing skb in case of dmamapsingle fails, add devkfreeskb to fix it...

4CVSS7.7AI score0.00239EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2024/11/06 3:49 a.m.•9 views

SUSE CVE-2024-50093

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: int340x: processor: Fix warning during module unload The processorthermal driver uses pcimdeviceenable to enable a PCI device, which means the device will be automatically disabled on driver detach. Thus there is ...

5.5CVSS7.4AI score0.00235EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2024/11/06 3:49 a.m.•9 views

SUSE CVE-2024-50101

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix incorrect pciforeachdmaalias for non-PCI devices Previously, the domaincontextclear function incorrectly called pciforeachdmaalias to set up context entries for non-PCI devices. This could lead to kernel hangs or...

5.5CVSS7.6AI score0.00235EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/11/06 3:48 a.m.•9 views

SUSE CVE-2024-50128

In the Linux kernel, the following vulnerability has been resolved: net: wwan: fix global oob in wwanrtnlpolicy The variable wwanrtnllinkops assign a bigger maxtype which leads to a global out-of-bounds read when parsing the netlink attributes. Exactly same bug cause as the oob fixed in commit...

6.8CVSS7.4AI score0.00227EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2024/10/29 4:15 a.m.•9 views

SUSE CVE-2024-50073

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Fix use-after-free in gsmcleanupmux BUG: KASAN: slab-use-after-free in gsmcleanupmux+0x77b/0x7b0 drivers/tty/ngsm.c:3160 ngsm Read of size 8 at addr ffff88815fe99c00 by task poc/3379 CPU: 0 UID: 0 PID: 3379 Comm: poc N...

6.1CVSS6.3AI score0.00258EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2024/10/29 4:15 a.m.•9 views

SUSE CVE-2024-50082

In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rqqoswait vs. rqqoswakefunction race We're seeing crashes from rqqoswakefunction that look like this: BUG: unable to handle page fault for address: ffffafe180a40084 PF: supervisor write access in kernel...

5.5CVSS6.4AI score0.00212EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2024/10/25 3:7 a.m.•9 views

SUSE CVE-2024-49930

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix array out-of-bound access in SoC stats Currently, the ath11ksocdpstats::halreoerror array is defined with a maximum size of DPREODSTRINGMAX. However, the ath11kdpprocessrx function access...

7.8CVSS6.3AI score0.00258EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2024/10/24 3:18 a.m.•9 views

SUSE CVE-2024-49959

In the Linux kernel, the following vulnerability has been resolved: jbd2: stop waiting for space when jbd2cleanupjournaltail returns error In jbd2logwaitforspace, we might call jbd2cleanupjournaltail to recover some journal space. But if an error occurs while executing jbd2cleanupjournaltail e.g....

5.5CVSS6.5AI score0.00259EPSS
Exploits0References21
Total number of security vulnerabilities5000