Lucene search
K
SusecveMost viewed

59854 matches found

SUSE CVE
SUSE CVE
•added 2024/06/01 2:24 a.m.•9 views

SUSE CVE-2024-36020

In the Linux kernel, the following vulnerability has been resolved: i40e: fix vf may be used uninitialized in this function warning To fix the regression introduced by commit 52424f974bc5, which causes servers hang in very hard to reproduce conditions with resets races. Using two sources for the...

4.7CVSS6.6AI score0.00247EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/23 2:57 a.m.•9 views

SUSE CVE-2023-52784

In the Linux kernel, the following vulnerability has been resolved: bonding: stop the device in bondsetupbyslave Commit 9eed321cde22 "net: lapbether: only support ethernet devices" has been able to keep syzbot away from net/lapb, until today. In the following splat 1, the issue is that a lapbethe...

4.7CVSS6.2AI score0.00242EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/23 2:56 a.m.•9 views

SUSE CVE-2023-52821

In the Linux kernel, the following vulnerability has been resolved: drm/panel: fix a possible null pointer dereference In versatilepanelgetmodes, the return value of drmmodeduplicate is assigned to mode, which will lead to a NULL pointer dereference on failure of drmmodeduplicate. Add a check to...

5.5CVSS6.4AI score0.00241EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2024/05/21 2:2 a.m.•9 views

SUSE CVE-2023-52667

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fsanycreategroups When kcalloc for ft-g succeeds but kvzalloc for in fails, fsanycreategroups will free ft-g. However, its caller fsanycreatetable will free ft-g again through calling...

5.5CVSS6.5AI score0.00269EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/21 2:2 a.m.•9 views

SUSE CVE-2023-52679

In the Linux kernel, the following vulnerability has been resolved: of: Fix double free in ofparsephandlewithargsmap In ofparsephandlewithargsmap the inner loop that iterates through the map entries calls ofnodeputnew to free the reference acquired by the previous iteration of the inner loop. Thi...

5.5CVSS6.5AI score0.00264EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/21 2:0 a.m.•9 views

SUSE CVE-2024-35800

In the Linux kernel, the following vulnerability has been resolved: efi: fix panic in kdump kernel Check if getnextvariable is actually valid pointer before calling it. In kdump kernel this method is set to NULL that causes panic during the kexec-ed kernel boot. Tested with QEMU and OVMF firmware...

5.5CVSS6.6AI score0.00225EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2024/05/21 2:0 a.m.•9 views

SUSE CVE-2024-35817

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: amdgputtmgartbind set gtt bound flag Otherwise after the GTT bo is released, the GTT and gart space is freed but amdgputtmbackendunbind will not clear the gart page table entry and leave valid mapping entry pointing t...

7.8CVSS6.3AI score0.00228EPSS
Exploits0References69
SUSE CVE
SUSE CVE
•added 2024/05/21 2:0 a.m.•9 views

SUSE CVE-2024-35831

In the Linux kernel, the following vulnerability has been resolved: iouring: Fix release of pinned pages when iouaddrmap fails Looking at the error path of iouaddrmap, if we fail after pinning the pages for any reasons, ret will be set to -EINVAL and the error handler won't properly release the...

5.5CVSS6.5AI score0.00207EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2024/05/21 1:59 a.m.•9 views

SUSE CVE-2024-35895

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Prevent lock inversion deadlock in map delete elem syzkaller started using corpuses where a BPF tracing program deletes elements from a sockmap/sockhash map. Because BPF tracing programs can be invoked from any...

5.5CVSS6.4AI score0.0018EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2024/05/21 1:59 a.m.•9 views

SUSE CVE-2024-35905

In the Linux kernel, the following vulnerability has been resolved: bpf: Protect against int overflow for stack access size This patch re-introduces protection against the size of access to stack memory being negative; the access size can appear negative as a result of overflowing its signed int...

7.8CVSS6.5AI score0.00223EPSS
Exploits0References64
SUSE CVE
SUSE CVE
•added 2024/05/18 2:48 a.m.•9 views

SUSE CVE-2023-52661

In the Linux kernel, the following vulnerability has been resolved: drm/tegra: rgb: Fix missing clkput in the error handling paths of tegradcrgbprobe If clkgetsys..., "plld2out0" fails, the clkgetsys call must be undone. Add the missing clkput and a new 'putplldout0' label in the error handling...

3.3CVSS6.3AI score0.00223EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/18 2:46 a.m.•9 views

SUSE CVE-2024-27410

In the Linux kernel, the following vulnerability has been resolved: wifi: nl80211: reject iftype change with mesh ID change It's currently possible to change the mesh ID when the interface isn't yet in mesh mode, at the same time as changing it into mesh mode. This leads to an overwrite of data i...

5.5CVSS6.4AI score0.00247EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2024/05/07 2:49 a.m.•9 views

SUSE CVE-2022-48694

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix drain SQ hang with no completion SW generated completions for outstanding WRs posted on SQ after QP is in error target the wrong CQ. This causes the ibdrainsq to hang with no completion. Fix this to generate...

5.5CVSS6.2AI score0.00234EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2024/05/04 2:29 a.m.•9 views

SUSE CVE-2022-48705

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix crash in chip reset fail In case of drv own fail in reset, we may need to run macreset several times. The sequence would trigger system crash as the log below. Because we do not re-enable/schedule "txnapi...

5.5CVSS6.3AI score0.00193EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2024/05/04 2:23 a.m.•9 views

SUSE CVE-2024-27012

In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: restore set elements when delete set fails From abort path, nftmapelemactivate needs to restore refcounters to the original state. Currently, it uses the set-ops-walk to iterate over these set elements. The...

5.5CVSS6.8AI score0.00262EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2024/05/03 2:9 a.m.•9 views

SUSE CVE-2024-26938

In the Linux kernel, the following vulnerability has been resolved: drm/i915/bios: Tolerate devdata==NULL in intelbiosencodersupportsdpdualmode If we have no VBT, or the VBT didn't declare the encoder in question, we won't have the 'devdata' for the encoder. Instead of oopsing just bail early. We...

3.3CVSS6.4AI score0.00222EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/03 2:9 a.m.•9 views

SUSE CVE-2024-27003

In the Linux kernel, the following vulnerability has been resolved: clk: Get runtime PM before walking tree for clksummary Similar to the previous commit, we should make sure that all devices are runtime resumed before printing the clksummary through debugfs. Failure to do so would result in a...

3.3CVSS6.7AI score0.00173EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2024/05/03 2:9 a.m.•9 views

SUSE CVE-2024-26999

In the Linux kernel, the following vulnerability has been resolved: serial/pmaczilog: Remove flawed mitigation for rx irq flood The mitigation was intended to stop the irq completely. That may be better than a hard lock-up but it turns out that you get a crash anyway if you're using pmaczilog as ...

5.5CVSS6.6AI score0.00182EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/03 2:9 a.m.•9 views

SUSE CVE-2024-27000

In the Linux kernel, the following vulnerability has been resolved: serial: mxs-auart: add spinlock around changing cts state The uarthandlectschange function in serialcore expects the caller to hold uport-lock. For example, I have seen the below kernel splat, when the Bluetooth driver is loaded ...

3.3CVSS6.3AI score0.00327EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/05/03 2:9 a.m.•9 views

SUSE CVE-2024-27014

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Prevent deadlock while disabling aRFS When disabling aRFS under the priv-statelock, any scheduled aRFS works are canceled using the cancelworksync function, which waits for the work to end if it has already started...

5.5CVSS6.3AI score0.00175EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2024/05/03 2:9 a.m.•9 views

SUSE CVE-2024-27078

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-tpg: fix some memleaks in tpgalloc In tpgalloc, resources should be deallocated in each and every error-handling paths, since they are allocated in for statements. Otherwise there would be memleaks because tpgfree is...

5.5CVSS6.3AI score0.00291EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2024/05/03 2:9 a.m.•9 views

SUSE CVE-2024-27389

In the Linux kernel, the following vulnerability has been resolved: pstore: inode: Only dinvalidate is needed Unloading a modular pstore backend with records in pstorefs would trigger the dput double-drop warning: WARNING: CPU: 0 PID: 2569 at fs/dcache.c:762 dput.part.0+0x3f3/0x410 Using the comb...

5.5CVSS6.7AI score0.00226EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2024/04/19 2:20 a.m.•9 views

SUSE CVE-2023-52645

In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first with genpd and after that the driver attempts to power them on in the probe sequence, then it is possible that a race condition occurs i...

5.5CVSS6.3AI score0.00173EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2024/04/19 2:18 a.m.•9 views

SUSE CVE-2024-26825

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free rxdatareassembly skb on NCI device cleanup rxdatareassembly skb is stored during NCI data exchange for processing fragmented packets. It is dropped only when the last fragment is processed or when an NTF packet wit...

5.5CVSS6.3AI score0.00237EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2024/04/18 2:31 a.m.•9 views

SUSE CVE-2024-3844

Inappropriate implementation in Extensions in Google Chrome prior to 124.0.6367.60 allowed a remote attacker to perform UI spoofing via a crafted Chrome Extension. Chromium security severity: Low...

4.3CVSS6.7AI score0.00649EPSS
Exploits1References6
SUSE CVE
SUSE CVE
•added 2024/04/18 2:30 a.m.•9 views

SUSE CVE-2024-26839

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix a memleak in initcreditreturn When dmaalloccoherent fails to allocate dd-crbasei.va, initcreditreturn should deallocate dd-crbase and dd-crbasei that allocated before. Or those resources would be never freed and a...

3.3CVSS6.2AI score0.00239EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2024/04/17 2:29 a.m.•9 views

SUSE CVE-2021-47198

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free in lpfcunregrpi routine An error is detected with the following report when unloading the driver: "KASAN: use-after-free in lpfcunregrpi+0x1b1b" The NLPREGLOGINSEND nlpflag is set in...

5.5CVSS7.6AI score0.00219EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/04/17 2:21 a.m.•9 views

SUSE CVE-2024-26700

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix MST Null Ptr for RV The change try to fix below error specific to RV platform: BUG: kernel NULL pointer dereference, address: 0000000000000008 PGD 0 P4D 0 Oops: 0000 1 PREEMPT SMP NOPTI CPU: 4 PID: 917 Comm:...

5.5CVSS6.3AI score0.00227EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2024/04/15 11:12 p.m.•9 views

SUSE CVE-2024-26814

In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfdctx trigger pointer of the vfiofslmcirq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. The interrupt handler itself...

4.4CVSS6.2AI score0.00223EPSS
Exploits0References15
SUSE CVE
SUSE CVE
•added 2024/04/13 2:10 a.m.•9 views

SUSE CVE-2024-26764

In the Linux kernel, the following vulnerability has been resolved: fs/aio: Restrict kiocbsetcancelfn to I/O submitted via libaio If kiocbsetcancelfn is called for I/O submitted via iouring, the following kernel warning appears: WARNING: CPU: 3 PID: 368 at fs/aio.c:598 kiocbsetcancelfn+0x9c/0xa8...

3.3CVSS6.3AI score0.00248EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2024/04/12 2:21 a.m.•9 views

SUSE CVE-2021-47181

In the Linux kernel, the following vulnerability has been resolved: usb: musb: tusb6010: check return value after calling platformgetresource It will cause null-ptr-deref if platformgetresource returns NULL, we need check the return value...

5.5CVSS7.8AI score0.00226EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/04/12 2:21 a.m.•9 views

SUSE CVE-2021-47184

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix NULL ptr dereference on VSI filter sync Remove the reason of null pointer dereference in sync VSI filters. Added new I40EVSIRELEASING flag to signalize deleting and releasing of VSI resources to sync this thread with sy...

5.5CVSS7.5AI score0.00238EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2024/04/11 2:31 a.m.•9 views

SUSE CVE-2024-26741

In the Linux kernel, the following vulnerability has been resolved: dccp/tcp: Unhash sk from ehash for tb2 alloc failure after checkestalblished. syzkaller reported a warning 0 in inetcskdestroysock with no repro. WARNONinetsksk-inetnum && !inetcsksk-icskbindhash; However, the syzkaller's log...

5.5CVSS6.6AI score0.0027EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2024/04/10 2:16 a.m.•9 views

SUSE CVE-2024-26722

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix deadlock in rt5645jackdetectwork There is a path in rt5645jackdetectwork, where rt5645-jdmutex is left locked forever. That may lead to deadlock when rt5645jackdetectwork is called for the second time. Found by...

5.5CVSS6.3AI score0.00182EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2024/04/05 2:23 a.m.•9 views

SUSE CVE-2023-45288

An attacker may cause an HTTP/2 endpoint to read arbitrary amounts of header data by sending an excessive number of CONTINUATION frames. Maintaining HPACK state requires parsing and processing all HEADERS and CONTINUATION frames on a connection. When a request's headers exceed MaxHeaderBytes, no...

5.3CVSS8.8AI score0.91969EPSS
Exploits1References66
SUSE CVE
SUSE CVE
•added 2024/04/04 2:17 a.m.•9 views

SUSE CVE-2024-26660

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Implement bounds check for stream encoder creation in DCN301 'streamencregs' array is an array of dcn10streamencregisters structures. The array is initialized with four elements, corresponding to the four calls t...

5.5CVSS6.7AI score0.00248EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2024/03/28 4:15 a.m.•9 views

SUSE CVE-2023-52621

In the Linux kernel, the following vulnerability has been resolved: bpf: Check rcureadlocktraceheld before calling bpf map helpers These three bpfmaplookup,update,deleteelem helpers are also available for sleepable bpf program, so add the corresponding lock assertion for sleepable bpf program,...

5.5CVSS6.3AI score0.00238EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2024/03/28 4:14 a.m.•9 views

SUSE CVE-2024-2883

Use after free in ANGLE in Google Chrome prior to 123.0.6312.86 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: Critical...

8.8CVSS9.2AI score0.0334EPSS
Exploits1References5
SUSE CVE
SUSE CVE
•added 2024/03/27 4:26 a.m.•9 views

SUSE CVE-2021-47149

In the Linux kernel, the following vulnerability has been resolved: net: fujitsu: fix potential null-ptr-deref In fmvj18xgethwinfo, if ioremap fails there will be NULL pointer deref. To fix this, check the return value of ioremap and return -1 to the caller in case of failure...

5.5CVSS6.3AI score0.00226EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2024/03/27 4:26 a.m.•9 views

SUSE CVE-2021-47150

In the Linux kernel, the following vulnerability has been resolved: net: fec: fix the potential memory leak in fecenetinit If the memory allocated for cbdbase is failed, it should free the memory allocated for the queues, otherwise it causes memory leak. And if the memory allocated for the queues...

5.5CVSS7.7AI score0.00225EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2024/03/19 3:50 a.m.•9 views

SUSE CVE-2021-47113

In the Linux kernel, the following vulnerability has been resolved: btrfs: abort in renameexchange if we fail to insert the second ref Error injection stress uncovered a problem where we'd leave a dangling inode ref if we failed during a renameexchange. This happens because we insert the inode re...

5.5CVSS6.3AI score0.00268EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2024/03/19 3:50 a.m.•9 views

SUSE CVE-2021-47114

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption by fallocate When fallocate punches holes out of inode size, if original isize is in the middle of last cluster, then the part from isize to the end of the cluster will be zeroed with buffer write, at...

5.5CVSS8AI score0.00226EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2024/03/06 4:52 a.m.•9 views

SUSE CVE-2021-47105

In the Linux kernel, the following vulnerability has been resolved: ice: xsk: return xsk buffers back to pool when cleaning the ring Currently we only NULL the xdpbuff pointer in the internal SW ring but we never give it back to the xsk buffer pool. This means that buffers can be leaked out of th...

3.3CVSS6.6AI score0.00292EPSS
Exploits1References12
SUSE CVE
SUSE CVE
•added 2024/03/06 4:34 a.m.•9 views

SUSE CVE-2023-52503

In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix use-after-free vulnerability in amdteeclosesession There is a potential race condition in amdteeclosesession that may cause use-after-free in amdteeopensession. For instance, if a session has refcount == 1, and o...

4.5CVSS6.3AI score0.00258EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2024/03/05 4:49 a.m.•9 views

SUSE CVE-2021-47074

In the Linux kernel, the following vulnerability has been resolved: nvme-loop: fix memory leak in nvmeloopcreatectrl When creating loop ctrl in nvmeloopcreatectrl, if nvmeinitctrl fails, the loop ctrl should be freed before jumping to the "out" label...

3.3CVSS6.2AI score0.00235EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2024/03/05 4:31 a.m.•9 views

SUSE CVE-2023-52501

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not attempt to read past "commit" When iterating over the ring buffer while the ring buffer is active, the writer can corrupt the reader. There's barriers to help detect this and handle it, but that code missed th...

5.5CVSS6.5AI score0.0023EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2024/03/05 4:31 a.m.•9 views

SUSE CVE-2023-52580

In the Linux kernel, the following vulnerability has been resolved: net/core: Fix ETHP1588 flow dissector When a PTP ethernet raw frame with a size of more than 256 bytes followed by a 0xff pattern is sent to skbflowdissect, nhoff value calculation is wrong. For example: hdr-messagelength takes t...

5.5CVSS6AI score0.00225EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2024/03/01 4:8 a.m.•9 views

SUSE CVE-2021-46948

In the Linux kernel, the following vulnerability has been resolved: sfc: farch: fix TX queue lookup in TX event handling We're starting from a TXQ label, not a TXQ type, so efxchannelgettxqueue is inappropriate and could return NULL, leading to panics...

5.5CVSS6.4AI score0.00222EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2024/03/01 4:7 a.m.•9 views

SUSE CVE-2021-46988

In the Linux kernel, the following vulnerability has been resolved: userfaultfd: release page in error path to avoid BUGON Consider the following sequence of events: 1. Userspace issues a UFFD ioctl, which ends up calling into shmemmfillatomicpte. We successfully account the blocks, we...

5.5CVSS6.4AI score0.0024EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2024/03/01 4:7 a.m.•9 views

SUSE CVE-2021-47004

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid touching checkpointed data in getvictim In CP disabling mode, there are two issues when using LFS or SSR | ATSSR mode to select victim: 1. LFS is set to find source section during GC, the victim should have no...

7.1CVSS6.5AI score0.00236EPSS
Exploits0References3
Total number of security vulnerabilities5000