Lucene search
K
SusecveRecent

59855 matches found

SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.4 views

SUSE CVE-2023-54130

In the Linux kernel, the following vulnerability has been resolved: hfs/hfsplus: avoid WARNON for sanity check, use proper error handling Commit 55d1cbbbb29e "hfs/hfsplus: use WARNON for sanity check" fixed a build warning by turning a comment into a WARNON, but it turns out that syzbot then...

5.5CVSS6.4AI score0.00184EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.5 views

SUSE CVE-2023-54131

In the Linux kernel, the following vulnerability has been resolved: wifi: rt2x00: Fix memory leak when handling surveys When removing a rt2x00 device, its associated channel surveys are not freed, causing a memory leak observable with kmemleak: unreferenced object 0xffff9620f0881a00 size 512: com...

4.7CVSS6.5AI score0.00175EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.5 views

SUSE CVE-2023-54132

In the Linux kernel, the following vulnerability has been resolved: erofs: stop parsing non-compact HEAD index if clusterofs is invalid Syzbot generated a crafted image 1 with a non-compact HEAD index of clusterofs 33024 while valid numbers should be 0 lclustersize-1, which causes the following...

5.5CVSS6.2AI score0.0018EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.4 views

SUSE CVE-2023-54133

In the Linux kernel, the following vulnerability has been resolved: nfp: clean mc addresses in application firmware when closing port When moving devices from one namespace to another, mc addresses are cleaned in software while not removed from application firmware. Thus the mc addresses are...

4.7CVSS6.5AI score0.00162EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.5 views

SUSE CVE-2023-54134

In the Linux kernel, the following vulnerability has been resolved: autofs: fix memory leak of waitqueues in autofscatatonicmode Syzkaller reports a memory leak: BUG: memory leak unreferenced object 0xffff88810b279e00 size 96: comm "syz-executor399", pid 3631, jiffies 4294964921 age 23.870s hex...

4.7CVSS6.6AI score0.00199EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.5 views

SUSE CVE-2023-54135

In the Linux kernel, the following vulnerability has been resolved: mapletree: fix potential out-of-bounds access in maswrendpiv Check the write offset end bounds before using it as the offset into the pivot array. This avoids a possible out-of-bounds access on the pivot array if the write extend...

6.6CVSS6.4AI score0.00175EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.5 views

SUSE CVE-2023-54136

In the Linux kernel, the following vulnerability has been resolved: serial: sprd: Fix DMA buffer leak issue Release DMA buffer when probe returns failure to avoid memory leak...

4.7CVSS6.7AI score0.00173EPSS
Exploits0References21
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.4 views

SUSE CVE-2023-54137

In the Linux kernel, the following vulnerability has been resolved: vfio/type1: fix capmigration information leak Fix an information leak where an uninitialized hole in struct vfioiommutype1infocapmigration on the stack is exposed to userspace. The definition of struct...

6.3CVSS6.4AI score0.0018EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.5 views

SUSE CVE-2023-54138

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on irq uninstall In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...

5.5CVSS6.7AI score0.00175EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.5 views

SUSE CVE-2023-54139

In the Linux kernel, the following vulnerability has been resolved: tracing/userevents: Ensure write index cannot be negative The write index indicates which event the data is for and accesses a per-file array. The index is passed by user processes during write calls as the first 4 bytes. Ensure...

6.6AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.11 views

SUSE CVE-2023-54140

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix WARNING in markbufferdirty due to discarded buffer reuse A syzbot stress test using a corrupted disk image reported that markbufferdirty called from nilfsmarkinodedirty or nilfspalloccommitallocentry may output a kern...

3.3CVSS6.4AI score0.00195EPSS
Exploits0References21
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.3 views

SUSE CVE-2023-54141

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: Add missing hwops-getringselector for IPQ5018 During sending data after clients connected, hwops-getringselector will be called. But for IPQ5018, this member isn't set, and the following NULL pointer exception will ...

5.5CVSS6.4AI score0.00173EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.3 views

SUSE CVE-2023-54142

In the Linux kernel, the following vulnerability has been resolved: gtp: Fix use-after-free in gtpencapdestroy. syzkaller reported use-after-free in gtpencapdestroy. 0 It shows the same process freed sk and touched it illegally. Commit e198987e7dd7 "gtp: fix suspicious RCU usage" added locksock a...

7CVSS6.5AI score0.00195EPSS
Exploits0References30
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.6 views

SUSE CVE-2023-54143

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: fix resource leaks in vdecmsgqueueinit If we encounter any error in the vdecmsgqueueinit then we need to set "msgqueue-wdmaaddr.size = 0;". Normally, this is done inside the vdecmsgqueuedeinit function...

4.7CVSS6.5AI score0.00168EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.5 views

SUSE CVE-2023-54144

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kernel warning during topology setup This patch fixes the following kernel warning seen during driver load by correctly initializing the p2plink attr before creating the sysfs file: +0.002865 ------------ cut here...

3.3CVSS6.5AI score0.00166EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.5 views

SUSE CVE-2023-54145

In the Linux kernel, the following vulnerability has been resolved: bpf: drop unnecessary user-triggerable WARNONCE in verifierl log It's trivial for user to trigger "verifier log line truncated" warning, as verifier has a fixed-sized buffer of 1024 bytes as of now, and there are at least two...

6.7AI score0.00166EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.11 views

SUSE CVE-2023-54146

In the Linux kernel, the following vulnerability has been resolved: x86/kexec: Fix double-free of elf header buffer After b3e34a47f989 "x86/kexec: fix memory leak of elf header buffer", freeing image-elfheaders in the error path of crashloadsegments is not needed because kimagefilepostloadcleanup...

6.3CVSS6.4AI score0.00168EPSS
Exploits0References8
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.4 views

SUSE CVE-2023-54147

In the Linux kernel, the following vulnerability has been resolved: media: platform: mtk-mdp3: Add missing check and free for idaalloc Add the check for the return value of the idaalloc in order to avoid NULL pointer dereference. Moreover, free allocated "ctx-id" if mdpm2mopen fails later in orde...

6.5AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.6 views

SUSE CVE-2023-54148

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Move representor neigh cleanup to profile cleanuptx For IP tunnel encapsulation in ECMP Equal-Cost Multipath mode, as the flow is duplicated to the peer eswitch, the related neighbour information on the peer uplink...

6.5CVSS6.4AI score0.00166EPSS
Exploits0References19
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.5 views

SUSE CVE-2023-54149

In the Linux kernel, the following vulnerability has been resolved: net: dsa: avoid suspicious RCU usage for synced VLAN-aware MAC addresses When using the felix driver the only one which supports UC filtering and MC filtering as a DSA master for a random other DSA switch, one can see the followi...

5.8CVSS6.5AI score0.00166EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.5 views

SUSE CVE-2023-54150

In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix an out of bounds error in BIOS parser The array is hardcoded to 8 in atomfirmware.h, but firmware provides a bigger one sometimes. Deferencing the larger array causes an out of bounds error. commit 4fc1ba4aa589...

6.1CVSS6.5AI score0.00168EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.4 views

SUSE CVE-2023-54151

In the Linux kernel, the following vulnerability has been resolved: f2fs: Fix system crash due to lack of free space in LFS When f2fs tries to checkpoint during foreground gc in LFS mode, system crash occurs due to lack of free space if the amount of dirty node and dentry pages generated by data...

6.7AI score0.00166EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.6 views

SUSE CVE-2023-54152

In the Linux kernel, the following vulnerability has been resolved: can: j1939: prevent deadlock by moving j1939skerrqueue This commit addresses a deadlock situation that can occur in certain scenarios, such as when running data TP/ETP transfer and subscribing to the error queue while receiving a...

4.7CVSS6.5AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.8 views

SUSE CVE-2023-54153

In the Linux kernel, the following vulnerability has been resolved: ext4: turn quotas off if mount failed after enabling quotas Yi found during a review of the patch "ext4: don't BUG on inconsistent journal feature" that when ext4markrecoverycomplete returns an error value, the error handling pat...

5.5CVSS6.4AI score0.00168EPSS
Exploits0References21
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.7 views

SUSE CVE-2023-54154

In the Linux kernel, the following vulnerability has been resolved: scsi: target: core: Fix targetcmdcounter leak The targetcmdcounter struct allocated via targetalloccmdcounter is never freed, resulting in leaks across various transport types, e.g.: unreferenced object 0xffff88801f920120 size 96...

4.7CVSS6.6AI score0.00166EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.4 views

SUSE CVE-2023-54155

In the Linux kernel, the following vulnerability has been resolved: net: core: remove unnecessary framesz check in bpfxdpadjusttail Syzkaller reported the following issue: ======================================= Too BIG xdp-framesz = 131072 WARNING: CPU: 0 PID: 5020 at net/core/filter.c:4121...

5.5CVSS6.3AI score0.00168EPSS
Exploits0References17
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.4 views

SUSE CVE-2023-54156

In the Linux kernel, the following vulnerability has been resolved: sfc: fix crash when reading stats while NIC is resetting efxnetstats .ndogetstats64 can be called during an ethtool selftest, during which time nicdata-mcstats is NULL as the NIC has been fini'd. In this case do not attempt to...

5.5CVSS6.4AI score0.00215EPSS
Exploits0References21
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.4 views

SUSE CVE-2023-54157

In the Linux kernel, the following vulnerability has been resolved: binder: fix UAF of alloc-vma in race with munmap cmllamas: clean forward port from commit 015ac18be7de "binder: fix UAF of alloc-vma in race with munmap" in 5.10 stable. It is needed in mainline after the revert of commit...

6.5AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.4 views

SUSE CVE-2023-54158

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't free qgroup space unless specified Boris noticed in his simple quotas testing that he was getting a leak with Sweet Tea's change to subvol create that stopped doing a transaction commit. This was just a side effect o...

6.5AI score0.00206EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.5 views

SUSE CVE-2023-54159

In the Linux kernel, the following vulnerability has been resolved: usb: mtu3: fix kernel panic at qmu transfer done irq handler When handle qmu transfer irq, it will unlock @mtu-lock before give back request, if another thread handle disconnect event at the same time, and try to disable ep, it m...

4.7CVSS6.4AI score0.00173EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.8 views

SUSE CVE-2023-54160

In the Linux kernel, the following vulnerability has been resolved: firmware: armsdei: Fix sleep from invalid context BUG Running a preempt-rt v6.2-rc3-rt1 based kernel on an Ampere Altra triggers: BUG: sleeping function called from invalid context at kernel/locking/spinlockrt.c:46 inatomic: 0,...

5.5CVSS6.6AI score0.00173EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/25 12:54 a.m.6 views

SUSE CVE-2023-54161

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

6.1AI score0.00018EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/25 12:50 a.m.2 views

SUSE CVE-2024-51745

Wasmtime is a fast and secure runtime for WebAssembly. Wasmtime's filesystem sandbox implementation on Windows blocks access to special device filenames such as "COM1", "COM2", "LPT0", "LPT1", and so on, however it did not block access to the special device filenames which use superscript digits,...

10CVSS6.8AI score0.00812EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/25 12:46 a.m.7 views

SUSE CVE-2025-12816

An interpretation-conflict CWE-436 vulnerability in node-forge versions 1.3.1 and earlier enables unauthenticated attackers to craft ASN.1 structures to desynchronize schema validations, yielding a semantic divergence that may bypass downstream cryptographic verifications and security decisions...

8.6CVSS7AI score0.00689EPSS
Exploits1References9
SUSE CVE
SUSE CVE
added 2025/12/25 12:27 a.m.11 views

SUSE CVE-2025-67725

Tornado is a Python web framework and asynchronous networking library. In versions 6.5.2 and below, a single maliciously crafted HTTP request can block the server's event loop for an extended period, caused by the HTTPHeaders.add method. The function accumulates values using string concatenation...

7.5CVSS6.5AI score0.00403EPSS
Exploits0References44
SUSE CVE
SUSE CVE
added 2025/12/25 12:27 a.m.7 views

SUSE CVE-2025-67726

Tornado is a Python web framework and asynchronous networking library. Versions 6.5.2 and below use an inefficient algorithm when parsing parameters for HTTP header values, potentially causing a DoS. The parseparam function in httputil.py is used to parse specific HTTP header values, such as thos...

7.5CVSS6.5AI score0.00378EPSS
Exploits0References43
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.3 views

SUSE CVE-2025-68344

In the Linux kernel, the following vulnerability has been resolved: ALSA: wavefront: Fix integer overflow in sample size validation The wavefrontsendsample function has an integer overflow issue when validating sample size. The header-size field is u32 but gets cast to int for comparison with...

6.6CVSS6.9AI score0.00177EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.5 views

SUSE CVE-2025-68345

In the Linux kernel, the following vulnerability has been resolved: ALSA: hda: cs35l41: Fix NULL pointer dereference in cs35l41hdareadacpi The acpigetfirstphysicalnode function can return NULL, in which case the getdevice function also returns NULL, but this value is then dereferenced without...

5.5CVSS6.4AI score0.00206EPSS
Exploits0References21
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.5 views

SUSE CVE-2025-68346

In the Linux kernel, the following vulnerability has been resolved: ALSA: dice: fix buffer overflow in detectstreamformats The function detectstreamformats reads the streamcount value directly from a FireWire device without validating it. This can lead to out-of-bounds writes when a malicious...

5.5CVSS6.9AI score0.00196EPSS
Exploits0References21
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.3 views

SUSE CVE-2025-68347

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-motu: fix buffer overflow in hwdep read for DSP events The DSP event handling code in hwdepread could write more bytes to the user buffer than requested, when a user provides a buffer smaller than the event header...

6.1CVSS7AI score0.00195EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.2 views

SUSE CVE-2025-68348

In the Linux kernel, the following vulnerability has been resolved: block: fix memory leak in blkdevissuezeropages Move the fatal signal check before bioalloc to prevent a memory leak when BLKDEVZEROKILLABLE is set and a fatal signal is pending. Previously, the bio was allocated before checking f...

5.5CVSS6.7AI score0.00168EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.5 views

SUSE CVE-2025-68349

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Clear NFSINOLAYOUTCOMMIT in pnfsmarklayoutstateidinvalid Fixes a crash when layout is null during this call stack: writeinode - nfs4writeinode - pnfslayoutcommitinode pnfssetlayoutcommit relies on the lseg refcount to...

5.5CVSS6.5AI score0.00177EPSS
Exploits0References26
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.4 views

SUSE CVE-2025-68350

In the Linux kernel, the following vulnerability has been resolved: exfat: fix divide-by-zero in exfatallocatebitmap The variable maxracount can be 0 in exfatallocatebitmap, which causes a divide-by-zero error in the subsequent modulo operation i % maxracount, leading to a system crash. When...

5.5CVSS6.5AI score0.00156EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.3 views

SUSE CVE-2025-68351

In the Linux kernel, the following vulnerability has been resolved: exfat: fix refcount leak in exfatfind Fix refcount leaks in exfatfind related to exfatgetdentryset. Function exfatgetdentryset would increase the reference counter of es-bh on success. Therefore, exfatputdentryset must be called...

5.5CVSS6.5AI score0.00153EPSS
Exploits0References20
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.3 views

SUSE CVE-2025-68352

In the Linux kernel, the following vulnerability has been resolved: spi: ch341: fix out-of-bounds memory access in ch341transferone Discovered by Atuin - Automated Vulnerability Discovery Engine. The 'len' variable is calculated as 'min32, trans-len + 1', which includes the 1-byte command header...

5.5CVSS6.8AI score0.00168EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.6 views

SUSE CVE-2025-68353

In the Linux kernel, the following vulnerability has been resolved: net: vxlan: prevent NULL deref in vxlanxmitone Neither sock4 nor sock6 pointers are guaranteed to be non-NULL in vxlanxmitone, e.g. if the iface is brought down. This can lead to the following NULL dereference: BUG: kernel NULL...

5.5CVSS6.6AI score0.00156EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.5 views

SUSE CVE-2025-68354

In the Linux kernel, the following vulnerability has been resolved: regulator: core: Protect regulatorsupplyaliaslist with regulatorlistmutex regulatorsupplyaliaslist was accessed without any locking in regulatorsupplyalias, regulatorregistersupplyalias, and regulatorunregistersupplyalias...

5.5CVSS6.6AI score0.00177EPSS
Exploits0References22
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.5 views

SUSE CVE-2025-68355

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix exclusive map memory leak When exclproghash is 0 and exclproghashsize is non-zero, the map also needs to be freed. Otherwise, the map memory will not be reclaimed, just like the memory leak problem reported by syzbot 1...

5.5CVSS6.5AI score0.00163EPSS
Exploits0References3
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.6 views

SUSE CVE-2025-68356

In the Linux kernel, the following vulnerability has been resolved: gfs2: Prevent recursive memory reclaim Function newinode returns a new inode with inode-imapping-gfpmask set to GFPHIGHUSERMOVABLE. This value includes the GFPFS flag, so allocations in that address space can recurse into...

5.5CVSS6.7AI score0.00176EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2025/12/25 12:24 a.m.4 views

SUSE CVE-2025-68357

In the Linux kernel, the following vulnerability has been resolved: iomap: allocate sdiodonewq for async reads as well Since commit 222f2c7c6d14 "iomap: always run error completions in user context", read error completions are deferred to sdiodonewq. This means the workqueue also needs to be...

5.5CVSS6.4AI score0.00209EPSS
Exploits0References3
Total number of security vulnerabilities59855