Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2025/05/03 2:51 a.m.•9 views

SUSE CVE-2023-53068

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: Limit packet length to skb-len Packet length retrieved from descriptor may be larger than the actual socket buffer length. In such case the cloned skb passed up the network stack will leak kernel memory content...

5.5CVSS6.4AI score0.00164EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2025/05/03 2:50 a.m.•9 views

SUSE CVE-2023-53097

In the Linux kernel, the following vulnerability has been resolved: powerpc/iommu: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead...

5.5CVSS6.4AI score0.00166EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/05/02 2:3 a.m.•9 views

SUSE CVE-2025-23155

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Fix accessing freed irq affinityhint In stmmacrequestirqmultimsi, a pointer to the stack variable cpumask is passed to irqsetaffinityhint. This value is stored in irqdesc-affinityhint, but once stmmacrequestirqmultim...

5.5CVSS6.3AI score0.00168EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2025/05/02 2:2 a.m.•9 views

SUSE CVE-2025-37787

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered Russell King reports that a system with mv88e6xxx dereferences a NULL pointer when unbinding this driver:...

5.5CVSS7.7AI score0.00156EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/05/02 2:2 a.m.•9 views

SUSE CVE-2025-37793

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix null-ptr-deref in avscomponentprobe devmkasprintf returns NULL when memory allocation fails. Currently, avscomponentprobe does not check for this case, which results in a NULL pointer dereference...

5.5CVSS7.8AI score0.00155EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/04/29 2:56 p.m.•9 views

SUSE CVE-2025-31650

Improper Input Validation vulnerability in Apache Tomcat. Incorrect error handling for some invalid HTTP priority headers resulted in incomplete clean-up of the failed request which created a memory leak. A large number of such requests could trigger an OutOfMemoryException resulting in a denial ...

7.5CVSS6.9AI score0.66933EPSS
Exploits5References9
SUSE CVE
SUSE CVE
•added 2025/04/23 2:38 a.m.•9 views

SUSE CVE-2025-22095

In the Linux kernel, the following vulnerability has been resolved: PCI: brcmstb: Fix error path after a call to regulatorbulkget If the regulatorbulkget returns an error and no regulators are created, we need to set their number to zero. If we don't do this and the PCIe link up fails, a call to...

5.5CVSS7.6AI score0.00176EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/04/18 11:20 p.m.•9 views

SUSE CVE-2025-22036

In the Linux kernel, the following vulnerability has been resolved: exfat: fix random stack corruption after getblock When getblock is called with a bufferhead allocated on the stack, such as dompagereadpage, stack corruption due to bufferhead UAF may occur in the following race condition...

5.5CVSS7.7AI score0.00163EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2025/04/18 11:20 p.m.•9 views

SUSE CVE-2025-22039

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix overflow in dacloffset bounds check The dacloffset field was originally typed as int and used in an unchecked addition, which could overflow and bypass the existing bounds check in both smbcheckpermdacl and...

7.1CVSS7.7AI score0.00257EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/04/18 11:18 p.m.•9 views

SUSE CVE-2025-40325

In the Linux kernel, the following vulnerability has been resolved: md/raid10: wait barrier before returning discard request with REQNOWAIT raid10handlediscard should wait barrier before returning a discard bio which has REQNOWAIT. And there is no need to print warning calltrace if a discard bio...

5.5CVSS6.5AI score0.00214EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/04/18 1:24 a.m.•9 views

SUSE CVE-2025-22030

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix cryptofreeacomp deadlock in zswapcpucompdead Currently, zswapcpucompdead calls cryptofreeacomp while holding the per-CPU acompctx mutex. cryptofreeacomp then holds scomplock through cryptoexitscompopsasync. On the...

4.7CVSS7.7AI score0.00174EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/04/05 2:24 a.m.•9 views

SUSE CVE-2025-21991

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA nodes Currently, loadmicrocodeamd iterates over all NUMA nodes, retrieves their CPU masks and unconditionally accesses per-CPU data for the first CPU of each mask...

5.5CVSS7.6AI score0.00195EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2025/04/04 2:59 a.m.•9 views

SUSE CVE-2025-21923

In the Linux kernel, the following vulnerability has been resolved: HID: hid-steam: Fix use-after-free when detaching device When a hid-steam device is removed it must clean up the clienthdev used for intercepting hidraw access. This can lead to scheduling deferred work to reattach the input...

5.5CVSS7.6AI score0.00193EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2025/04/04 2:58 a.m.•9 views

SUSE CVE-2025-21963

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acdirmax mount option User-provided mount parameter acdirmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffies...

5.5CVSS7.8AI score0.00178EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2025/04/04 2:58 a.m.•9 views

SUSE CVE-2025-21995

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix fence reference count leak The lastscheduled fence leaks when an entity is being killed and adding the cleanup callback fails. Decrement the reference count of prev when dmafenceaddcallback fails, ensuring proper...

5.5CVSS7.8AI score0.00176EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2025/03/29 3:4 a.m.•9 views

SUSE CVE-2025-1097

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of...

8.8CVSS7.6AI score0.34677EPSS
Exploits7References5
SUSE CVE
SUSE CVE
•added 2025/03/29 3:3 a.m.•9 views

SUSE CVE-2025-24514

A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the auth-url Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets...

8.8CVSS7.6AI score0.31809EPSS
Exploits8References5
SUSE CVE
SUSE CVE
•added 2025/03/28 3:0 a.m.•9 views

SUSE CVE-2025-21883

In the Linux kernel, the following vulnerability has been resolved: ice: Fix deinitializing VF in error path If iceenavfs fails after calling icecreatevfentries, it frees all VFs without removing them from snapshot PF-VF mailbox list, leading to list corruption. Reproducer: devlink dev eswitch se...

5.5CVSS7.6AI score0.00193EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/03/07 2:39 a.m.•9 views

SUSE CVE-2024-58051

In the Linux kernel, the following vulnerability has been resolved: ipmi: ipmb: Add check devmkasprintf returned value devmkasprintf can return a NULL pointer on failure but this returned value is not checked...

5.5CVSS7.7AI score0.00189EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/03/07 2:39 a.m.•9 views

SUSE CVE-2024-58052

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix potential NULL pointer dereference in atomctrlgetsmcsclkrangetable The function atomctrlgetsmcsclkrangetable does not check the return value of smuatomgetdatatable. If smuatomgetdatatable fails to retrieve SMUInfo...

5.5CVSS6.8AI score0.00201EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/03/07 2:39 a.m.•9 views

SUSE CVE-2024-58061

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: prohibit deactivating all links In the internal API this calls this is a WARNON, but that should remain since internally we want to know about bugs that may cause this. Prevent deactivating all links in the debugf...

5.5CVSS7.7AI score0.00166EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/03/01 2:52 a.m.•9 views

SUSE CVE-2025-21802

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix oops when unload drivers paralleling When unload hclge driver, it tries to disable sriov first for each aedev node from hnae3aedevlist. If user unloads hns3 driver at the time, because it removes all the aedev node...

5.5CVSS6.7AI score0.00186EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/02/28 2:22 a.m.•9 views

SUSE CVE-2025-21714

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP use after free Prevent double queueing of implicit ODP mr destroy work by using xacmpxchg to make sure this is the only time we are destroying this specific mr. Without this change, we could try to...

5.5CVSS6.7AI score0.00188EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/02/28 2:21 a.m.•9 views

SUSE CVE-2025-21719

In the Linux kernel, the following vulnerability has been resolved: ipmr: do not call mrmfcusesdev for unres entries syzbot found that calling mrmfcusesdev for unres entries would crash 1, because c-mfcun.res.minvif / c-mfcun.res.maxvif alias to "struct skbuffhead unresolved", which contain two...

5.5CVSS7.6AI score0.00181EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/02/28 2:21 a.m.•9 views

SUSE CVE-2025-21743

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix possible overflow in DPE length check Originally, it was possible for the DPE length check to overflow if wDatagramIndex + wDatagramLength U16MAX. This could lead to an OoB read. Move the wDatagramIndex term t...

5.5CVSS7.7AI score0.00204EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/02/28 2:21 a.m.•9 views

SUSE CVE-2025-21744

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix NULL pointer dereference in brcmftxfinalize On removal of the device or unloading of the kernel module a potential NULL pointer dereference occurs. The following sequence deletes the interface: brcmfdetach...

5.5CVSS6.8AI score0.00216EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/02/28 2:20 a.m.•9 views

SUSE CVE-2025-21776

In the Linux kernel, the following vulnerability has been resolved: USB: hub: Ignore non-compliant devices with too many configs or interfaces Robert Morris created a test program which can cause usbhubtostructhub to dereference a NULL or inappropriate pointer: Oops: general protection fault,...

5.5CVSS6.7AI score0.00229EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/02/27 3:10 a.m.•9 views

SUSE CVE-2022-49215

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. The current xsk unbind code in xskunbinddev starts by setting xs-state to XSKUNBOUND, sets xs-dev to...

5.5CVSS6.7AI score0.00169EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2025/02/27 3:9 a.m.•9 views

SUSE CVE-2022-49264

In the Linux kernel, the following vulnerability has been resolved: exec: Force single empty string when argv is empty Quoting1 Ariadne Conill: "In several other operating systems, it is a hard requirement that the second argument to execve2 be the name of a program, thus prohibiting a scenario...

5.5CVSS6.4AI score0.00283EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2025/02/27 3:8 a.m.•9 views

SUSE CVE-2022-49372

In the Linux kernel, the following vulnerability has been resolved: tcp: tcprtxsynack can be called from process context Laurent reported the enclosed report 1 This bug triggers with following coditions: 0 Kernel built with CONFIGDEBUGPREEMPT=y 1 A new passive FastOpen TCP socket is created. This...

5.5CVSS6.2AI score0.00283EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/02/19 12:15 a.m.•9 views

SUSE CVE-2025-21703

In the Linux kernel, the following vulnerability has been resolved: netem: Update sch-q.qlen before qdisctreereducebacklog qdisctreereducebacklog notifies parent qdisc only if child qdisc becomes empty, therefore we need to reduce the backlog of the child qdisc before calling it. Otherwise it wou...

7.8CVSS6.3AI score0.00275EPSS
Exploits0References25
SUSE CVE
SUSE CVE
•added 2025/02/14 7:7 a.m.•9 views

SUSE CVE-2023-0459

Copyfromuser on 64-bit versions of the Linux kernel does not implement the uaccessbeginnospec allowing a user to bypass the "accessok" check and pass a kernel pointer to copyfromuser. This would allow an attacker to leak information. We recommend upgrading beyond commit...

4.7CVSS6.5AI score0.00635EPSS
Exploits0References26
SUSE CVE
SUSE CVE
•added 2025/02/14 6:11 a.m.•9 views

SUSE CVE-2023-45648

Improper Input Validation vulnerability in Apache Tomcat.Tomcat from 11.0.0-M1 through 11.0.0-M11, from 10.1.0-M1 through 10.1.13, from 9.0.0-M1 through 9.0.81 and from 8.5.0 through 8.5.93 did not correctly parse HTTP trailer headers. A specially crafted, invalid trailer header could cause Tomca...

7.5CVSS7.5AI score0.05848EPSS
Exploits2References6
SUSE CVE
SUSE CVE
•added 2025/02/14 5:47 a.m.•9 views

SUSE CVE-2024-4577

In PHP versions 8.1. before 8.1.29, 8.2. before 8.2.20, 8.3. before 8.3.8, when using Apache and PHP-CGI on Windows, if the system is set up to use certain code pages, Windows may use "Best-Fit" behavior to replace characters in command line given to Win32 API functions. PHP CGI module may...

9.8CVSS8.3AI score0.99987EPSS
Exploits64References6
SUSE CVE
SUSE CVE
•added 2025/02/14 4:3 a.m.•9 views

SUSE CVE-2024-53677

File upload logic in Apache Struts is flawed. An attacker can manipulate file upload params to enable paths traversal and under some circumstances this can lead to uploading a malicious file which can be used to perform Remote Code Execution. This issue affects Apache Struts: from 2.0.0 before...

9.8CVSS9.7AI score0.78198EPSS
Exploits15References3
SUSE CVE
SUSE CVE
•added 2025/02/11 3:48 a.m.•9 views

SUSE CVE-2025-21693

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

7CVSS6.5AI score0.002EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/01/24 4:12 a.m.•9 views

SUSE CVE-2024-10846

The compose-go library component in versions v2.10-v2.4.0 allows an authorized user who sends malicious YAML payloads to cause the compose-go to consume excessive amount of Memory and CPU cycles while parsing YAML, such as used by Docker Compose from versions v2.27.0 to v2.29.7 included...

6.5CVSS6.9AI score0.00223EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/01/22 3:48 a.m.•9 views

SUSE CVE-2024-57932

In the Linux kernel, the following vulnerability has been resolved: gve: guard XDP xmit NDO on existence of xdp queues In GVE, dedicated XDP queues only exist when an XDP program is installed and the interface is up. As such, the NDO XDP XMIT callback should return early if either of these...

5.5CVSS7.7AI score0.00202EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/01/22 3:48 a.m.•9 views

SUSE CVE-2025-21656

In the Linux kernel, the following vulnerability has been resolved: hwmon: drivetemp Fix driver producing garbage data when SCSI errors occur scsiexecutecmd function can return both negative linux codes and positive scsicmnd result field error codes. Currently the driver just passes error codes o...

3.3CVSS7.7AI score0.00199EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/01/20 3:48 a.m.•9 views

SUSE CVE-2024-57906

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...

3.3CVSS7.4AI score0.00214EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/01/20 3:48 a.m.•9 views

SUSE CVE-2024-57912

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The 'sample' local struct is used to push data to user space from a triggered buffer, but it has a hole between the temperature and the timestamp u32 pressure, u16...

3.3CVSS7.3AI score0.00214EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/01/16 3:49 a.m.•9 views

SUSE CVE-2024-57899

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix mbss changed flags corruption on 32 bit systems On 32-bit systems, the size of an unsigned long is 4 bytes, while a u64 is 8 bytes. Therefore, when using oreachsetbitbit, &bits, sizeofchanged BITSPERBYTE, the...

6.1CVSS7.7AI score0.00218EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/01/12 12:14 a.m.•9 views

SUSE CVE-2024-56638

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftinner: incorrect percpu area handling under softirq Softirq can interrupt ongoing packet from process context that is walking over the percpu area that contains inner header offsets. Disable bh and perform three...

5.3CVSS7.7AI score0.00222EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2025/01/10 12:22 a.m.•9 views

SUSE CVE-2024-56602

In the Linux kernel, the following vulnerability has been resolved: net: ieee802154: do not leave a dangling sk pointer in ieee802154create sockinitdata attaches the allocated sk object to the provided sock object. If ieee802154create fails later, the allocated sk object is freed, but the danglin...

7.8CVSS7.6AI score0.00231EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/01/09 12:22 a.m.•9 views

SUSE CVE-2024-56593

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmfsdiodsglistrw This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sdsgentryalign' value applies e.g. 512 and a lot of queued SKBs a...

5.5CVSS7.5AI score0.00224EPSS
Exploits0References14
SUSE CVE
SUSE CVE
•added 2025/01/09 12:20 a.m.•9 views

SUSE CVE-2024-56778

In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in stihqvdpatomiccheck The return value of drmatomicgetcrtcstate needs to be checked. To avoid use of error pointer 'crtcstate' in case of the failure...

5.5CVSS7.7AI score0.00203EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/12/29 3:48 a.m.•9 views

SUSE CVE-2024-56688

In the Linux kernel, the following vulnerability has been resolved: sunrpc: clear XPRTSOCKUPDTIMEOUT when reset transport Since transport-sock has been set to NULL during reset transport, XPRTSOCKUPDTIMEOUT also needs to be cleared. Otherwise, the xstcpsetsockettimeouts may be triggered in...

5.5CVSS7.6AI score0.00225EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2024/12/28 3:50 a.m.•9 views

SUSE CVE-2024-53175

In the Linux kernel, the following vulnerability has been resolved: ipc: fix memleak if msginitns failed in createipcns Percpu memory allocation may failed during createipcns however this fail is not handled properly since ipc sysctls and mq sysctls is not released properly. Fix this by release...

3.3CVSS7.8AI score0.00231EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2024/12/28 3:50 a.m.•9 views

SUSE CVE-2024-53179

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free of signing key Customers have reported use-after-free in @ses-authkey.response with SMB2.1 + sign mounts which occurs due to following race: task A task B cifsmount dfsmountshare getsession...

7CVSS7.7AI score0.00245EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2024/12/28 3:50 a.m.•9 views

SUSE CVE-2024-53180

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Add sanity NULL check for the default mmap fault handler A driver might allow the mmap access before initializing its runtime-dmaarea properly. Add a proper NULL check before passing to virttopage for avoiding a panic...

5.5CVSS7.7AI score0.00231EPSS
Exploits0References13
Total number of security vulnerabilities5000