59855 matches found
SUSE CVE-2025-66863
An issue was discovered in function ddiscriminator in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...
SUSE CVE-2025-66864
An issue was discovered in function dprintcompinner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...
SUSE CVE-2025-66865
An issue was discovered in function dprintcompinner in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...
SUSE CVE-2025-66866
An issue was discovered in function dabitags in file cp-demangle.c in BinUtils 2.26 allows attackers to cause a denial of service via crafted PE file...
SUSE CVE-2025-68431
libheif is an HEIF and AVIF file format decoder and encoder. Prior to version 1.21.0, a crafted HEIF that exercises the overlay image item path triggers a heap buffer over-read in HeifPixelImage::overlay. The function computes a negative row length likely from an unclipped overlay rectangle or...
SUSE CVE-2025-69194
A security issue was discovered in GNU Wget2 when handling Metalink documents. The application fails to properly validate file paths provided in Metalink elements. An attacker can abuse this behavior to write files to unintended locations on the system. This can lead to data loss or potentially...
SUSE CVE-2025-69195
A flaw was found in GNU Wget2. This vulnerability, a stack-based buffer overflow, occurs in the filename sanitization logic when processing attacker-controlled URL paths, particularly when filename restriction options are active. A remote attacker can exploit this by providing a specially crafted...
SUSE CVE-2025-69217
coturn is a free open source implementation of TURN and STUN Server. Versions 4.6.2r5 through 4.7.0-r4 have a bad random number generator for nonces and port randomization after refactoring. Additionally, random numbers aren't generated with openssl's RANDbytes but libc's random if it's not runni...
SUSE CVE-2018-25153
This CVE ID has been rejected or withdrawn by its CVE Numbering Authority as the reported issue does not constitute a security vulnerability and represents a minor, non-exploitable memory leak...
SUSE CVE-2018-25154
GNU Barcode 0.99 contains a buffer overflow vulnerability in its code 93 encoding process that allows attackers to trigger memory corruption. Attackers can exploit boundary errors during input file processing to potentially execute arbitrary code on the affected system...
SUSE CVE-2025-15095
A security vulnerability has been detected in postmanlabs httpbin up to 0.6.1. This affects an unknown function of the file httpbin-master/httpbin/core.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed publicly and may be used...
SUSE CVE-2025-68920
C-Kermit aka ckermit through 10.0 Beta.12 aka 416-beta12 before 244644d allows a remote Kermit system to overwrite files on the local system, or retrieve arbitrary files from the local system...
SUSE CVE-2025-68937
Forgejo before 13.0.2 allows attackers to write to unintended files, and possibly obtain server shell access, because of mishandling of out-of-repository symlink destinations for template repositories. This is also fixed for 11 LTS in 11.0.7 and later...
SUSE CVE-2025-68972
In GnuPG through 2.4.8, if a signed message has \f at the end of a plaintext line, an adversary can construct a modified message that places additional text after the signed material, such that signature verification of the modified message succeeds although an "invalid armor" message is printed...
SUSE CVE-2025-68973
In GnuPG before 2.4.9, armorfilter in g10/armor.c has two increments of an index variable where one is intended, leading to an out-of-bounds write for crafted input. For ExtendedLTS, 2.2.51 and later are fixed versions...
SUSE CVE-2025-14177
In PHP versions:8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1, the getimagesize function may leak uninitialized heap memory into the APPn segments e.g., APP1 when reading images in multi-chunk mode such as via php://filter. This occurs due to a...
SUSE CVE-2025-14178
In PHP versions:8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1, a heap buffer overflow occurs in arraymerge when the total element count of packed arrays exceeds 32-bit limits or HTMAXSIZE, due to an integer overflow in the precomputation of...
SUSE CVE-2025-14180
In PHP versions 8.1. before 8.1.34, 8.2. before 8.2.30, 8.3. before 8.3.29, 8.4. before 8.4.16, 8.5. before 8.5.1 when using the PDO PostgreSQL driver with PDO::ATTREMULATEPREPARES enabled, an invalid character sequence such as \x99 in a prepared statement parameter may cause the quoting function...
SUSE CVE-2022-50697
In the Linux kernel, the following vulnerability has been resolved: mrp: introduce active flags to prevent UAF when applicant uninit The caller of deltimersync must prevent restarting of the timer, If we have no this synchronization, there is a small probability that the cancellation will not be...
SUSE CVE-2022-50698
In the Linux kernel, the following vulnerability has been resolved: ASoC: da7219: Fix an error handling path in da7219registerdaiclks If clkhwregister fails, the corresponding clk should not be unregistered. To handle errors from loops, clean up partial iterations before doing the goto. So add a...
SUSE CVE-2022-50699
In the Linux kernel, the following vulnerability has been resolved: selinux: enable use of both GFPKERNEL and GFPATOMIC in convertcontext The following warning was triggered on a hardware environment: SELinux: Converting 162 SID table entries... BUG: sleeping function called from invalid context ...
SUSE CVE-2022-50700
In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: Delay the unmapping of the buffer On WCN3990, we are seeing a rare scenario where copy engine hardware is sending a copy complete interrupt to the host driver while still processing the buffer that the driver has...
SUSE CVE-2022-50701
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921s: fix slab-out-of-bounds access in sdio host SDIO may need addtional 511 bytes to align bus operation. If the tailroom of this skb is not big enough, we would access invalid memory region. For low level...
SUSE CVE-2022-50702
In the Linux kernel, the following vulnerability has been resolved: vdpasim: fix possible memory leak in vdpasimnetinit and vdpasimblkinit Inject fault while probing module, if deviceregister fails in vdpasimnetinit or vdpasimblkinit, but the refcount of kobject is not decreased to 0, the name...
SUSE CVE-2022-50703
In the Linux kernel, the following vulnerability has been resolved: soc: qcom: smsm: Fix refcount leak bugs in qcomsmsmprobe There are two refcount leak bugs in qcomsmsmprobe: 1 The 'localnode' is escaped out from foreachchildofnode as the break of iteration, we should call ofnodeput for it in...
SUSE CVE-2022-50704
In the Linux kernel, the following vulnerability has been resolved: USB: gadget: Fix use-after-free during usb config switch In the process of switching USB config from rndis to other config, if the hardware does not support the -pullup callback, or the hardware encounters a low probability fault...
SUSE CVE-2022-50705
In the Linux kernel, the following vulnerability has been resolved: iouring/rw: defer fsnotify calls to task context We can't call these off the kiocb completion as that might be off soft/hard irq context. Defer the calls to when we process the taskwork for this request. That avoids valid...
SUSE CVE-2022-50706
In the Linux kernel, the following vulnerability has been resolved: net/ieee802154: don't warn zero-sized rawsendmsg syzbot is hitting skbassertlen warning at devqueuexmit 1, for PFIEEE802154 socket's zero-sized rawsendmsg request is hitting devqueuexmit with skb-len == 0. Since PFIEEE802154...
SUSE CVE-2022-50707
In the Linux kernel, the following vulnerability has been resolved: virtio-crypto: fix memory leak in virtiocryptoalgskcipherclosesession 'vcctrlreq' is alloced in virtiocryptoalgskcipherclosesession, and should be freed in the invalid ctrlstatus-status error handling case. Otherwise there is a...
SUSE CVE-2022-50708
In the Linux kernel, the following vulnerability has been resolved: HSI: ssiprotocol: fix potential resource leak in ssippnopen ssippnopen claims the HSI client's port with hsiclaimport. When hsiregisterportevent gets some error and returns a negetive value, the HSI client's port should be releas...
SUSE CVE-2022-50709
In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg syzbot is reporting uninit value at ath9khtcrxmsg 1, for ioctlUSBRAWIOCTLEPWRITE can call ath9khifusbrxstream with pktlen = 0 but ath9khifusbrxstream uses devallocskbpktlen +...
SUSE CVE-2022-50710
In the Linux kernel, the following vulnerability has been resolved: ice: set txtstamps when creating new Tx rings via ethtool When the user changes the number of queues via ethtool, the driver allocates new rings. This allocation did not initialize txtstamps. This results in the txtstamps field...
SUSE CVE-2022-50711
In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtkethsoc: fix possible memory leak in mtkprobe If mtkwedaddhw has been called, mtkwedexit needs be called in error path or removing module to free the memory allocated in mtkwedaddhw...
SUSE CVE-2022-50712
In the Linux kernel, the following vulnerability has been resolved: devlink: hold region lock when flushing snapshots Netdevsim triggers a splat on reload, when it destroys regions with snapshots pending: WARNING: CPU: 1 PID: 787 at net/core/devlink.c:6291 devlinkregionsnapshotdel+0x12e/0x140 CPU...
SUSE CVE-2022-50713
In the Linux kernel, the following vulnerability has been resolved: clk: visconti: Fix memory leak in viscontiregisterpll @pll-ratetable has allocated memory by kmemdup, if clkhwregister fails, it should be freed, otherwise it will cause memory leak issue, this patch fixes it...
SUSE CVE-2022-50714
In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix rmmod crash in driver reload test In insmod/rmmod stress test, the following crash dump shows up immediately. The problem is caused by missing mt76dev in mt7921pciremove. We should make sure the drvdata i...
SUSE CVE-2022-50715
In the Linux kernel, the following vulnerability has been resolved: md/raid1: stop mdxraid1 thread when raid1 array run failed fail run raid1 array when we assemble array with the inactive disk only, but the mdxraid1 thread were not stop, Even if the associated resources have been released. it wi...
SUSE CVE-2022-50716
In the Linux kernel, the following vulnerability has been resolved: wifi: ar5523: Fix use-after-free on ar5523cmd timed out syzkaller reported use-after-free with the stack trace like below 1: 38.960489 C3 ================================================================== 38.963216 C3 BUG: KASAN:...
SUSE CVE-2022-50717
In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: add bounds check on Transfer Tag ttag is used as an index to get cmd in nvmettcphandleh2cdatapdu, add a bounds check to avoid out-of-bounds access...
SUSE CVE-2022-50718
In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix pci device refcount leak As comment of pcigetdomainbusandslot says, it returns a pci device with refcount increment, when finish using it, the caller must decrement the reference count by calling pcidevput. So...
SUSE CVE-2022-50719
In the Linux kernel, the following vulnerability has been resolved: ALSA: line6: fix stack overflow in line6miditransmit Correctly calculate available space including the size of the chunk buffer. This fixes a buffer overflow when multiple MIDI sysex messages are sent to a PODxt device...
SUSE CVE-2022-50720
In the Linux kernel, the following vulnerability has been resolved: x86/apic: Don't disable x2APIC if locked The APIC supports two modes, legacy APIC or xAPIC, and Extended APIC or x2APIC. X2APIC mode is mostly compatible with legacy APIC, but it disables the memory-mapped APIC interface in favor...
SUSE CVE-2022-50721
In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom-adm: fix wrong calling convention for prepslavesg The calling convention for preslavesg is to return NULL on error and provide an error log to the system. Qcom-adm instead provide error pointer when an error occur...
SUSE CVE-2022-50722
In the Linux kernel, the following vulnerability has been resolved: media: ipu3-imgu: Fix NULL pointer dereference in active selection access What the IMGU driver did was that it first acquired the pointers to active and try V4L2 subdev state, and only then figured out which one to use. The probl...
SUSE CVE-2022-50723
In the Linux kernel, the following vulnerability has been resolved: bnxten: fix memory leak in bnxtnvmtest Free the kzalloc'ed buffer before returning in the success path...
SUSE CVE-2022-50724
In the Linux kernel, the following vulnerability has been resolved: regulator: core: fix resource leak in regulatorregister I got some resource leak reports while doing fault injection test: OF: ERROR: memory leak, expected refcount 1 instead of 100, ofnodeget/ofnodeput unbalanced - destroy cset...
SUSE CVE-2022-50725
In the Linux kernel, the following vulnerability has been resolved: media: vidtv: Fix use-after-free in vidtvbridgedvbinit KASAN reports a use-after-free: BUG: KASAN: use-after-free in dvbdmxdevrelease+0x4d5/0x5d0 dvbcore Call Trace: ... dvbdmxdevrelease+0x4d5/0x5d0 dvbcore...
SUSE CVE-2022-50726
In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Fix possible use-after-free in async command interface mlx5cmdcleanupasyncctx should return only after all its callback handlers were completed. Before this patch, the below race between mlx5cmdcleanupasyncctx and...
SUSE CVE-2022-50727
In the Linux kernel, the following vulnerability has been resolved: scsi: efct: Fix possible memleak in efctdeviceinit In efctdeviceinit, when efctscsiregfctransport fails, efctscsitgtdriverexit is not called to release memory for efctscsitgtdriverinit and causes memleak: unreferenced object...
SUSE CVE-2022-50728
In the Linux kernel, the following vulnerability has been resolved: s390/lcs: Fix return type of lcsstartxmit With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure the call target is valid ...