Lucene search
K
SusecveRecent

59855 matches found

SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•5 views

SUSE CVE-2025-68358

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix racy bitfield write in btrfsclearspaceinfofull From the memory-barriers.txt document regarding memory barrier ordering guarantees: These guarantees do not apply to bitfields, because compilers often generate code to...

5.5CVSS6.6AI score0.00161EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•3 views

SUSE CVE-2025-68359

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix double free of qgroup record after failure to add delayed ref head In the previous code it was possible to incur into a double kfree scenario when calling adddelayedrefhead. This could happen if the record was reported...

5.5CVSS6.5AI score0.00167EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•4 views

SUSE CVE-2025-68360

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: wed: use proper wed reference in mt76 wed driver callabacks MT7996 driver can use both wed and wedhif2 devices to offload traffic from/to the wireless NIC. In the current codebase we assume to always use the primary w...

5.5CVSS6.4AI score0.00174EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•5 views

SUSE CVE-2025-68361

In the Linux kernel, the following vulnerability has been resolved: erofs: limit the level of fs stacking for file-backed mounts Otherwise, it could cause potential kernel stack overflow e.g., EROFS mounting itself...

5.5CVSS6.7AI score0.00194EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•5 views

SUSE CVE-2025-68362

In the Linux kernel, the following vulnerability has been resolved: wifi: rtl818x: rtl8187: Fix potential buffer underflow in rtl8187rxcb The rtl8187rxcb calculates the rx descriptor header address by subtracting its size from the skb tail pointer. However, it does not validate if the received...

5.5CVSS6.6AI score0.00177EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•4 views

SUSE CVE-2025-68363

In the Linux kernel, the following vulnerability has been resolved: bpf: Check skb-transportheader is set in bpfskbcheckmtu The bpfskbcheckmtu helper needs to use skb-transportheader when the BPFMTUCHKSEGS flag is used: bpfskbcheckmtuskb, ifindex, &mtulen, 0, BPFMTUCHKSEGS The transportheader is...

5.5CVSS6.3AI score0.00173EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•4 views

SUSE CVE-2025-68364

In the Linux kernel, the following vulnerability has been resolved: ocfs2: relax BUG to ocfs2error in ocfs2moveextent In 'ocfs2moveextent', relax 'BUG' to 'ocfs2error' just to avoid crashing the whole kernel due to a filesystem corruption...

5.5CVSS6.4AI score0.00185EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•5 views

SUSE CVE-2025-68365

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Initialize allocated memory before use KMSAN reports: Multiple uninitialized values detected: - KMSAN: uninit-value in ntfsreadhdr 3 - KMSAN: uninit-value in bcmp 3 Memory is allocated by getname, which is a wrapper for...

5.5CVSS6.5AI score0.00168EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•5 views

SUSE CVE-2025-68366

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config unlock in nbdgenlconnect There is one use-after-free warning when running NBDCMDCONNECT and NBDCLEARSOCK: nbdgenlconnect nbdallocandinitconfig // configrefs=1 nbdstartdevice // configrefs=2 set NBDRTHASCONFIGREF...

5.5CVSS6.5AI score0.00165EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•3 views

SUSE CVE-2025-68367

In the Linux kernel, the following vulnerability has been resolved: macintosh/machid: fix race condition in machidtoggleemumouse The following warning appears when running syzkaller, and this issue also exists in the mainline code. ------------ cut here ------------ listadd double add:...

5.5CVSS6.3AI score0.00165EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•4 views

SUSE CVE-2025-68368

In the Linux kernel, the following vulnerability has been resolved: md: init bioset in mddevinit IO operations may be needed before mdrun, such as updating metadata after writing sysfs. Without bioset, this triggers a NULL pointer dereference as below: BUG: kernel NULL pointer dereference, addres...

5.5CVSS6.4AI score0.00145EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•5 views

SUSE CVE-2025-68369

In the Linux kernel, the following vulnerability has been resolved: ntfs3: init run lock for extend inode After setting the inode mode of $Extend to a regular file, executing the truncate system call will enter the dotruncate routine, causing the runlock uninitialized error reported by syzbot...

5.5CVSS6.4AI score0.00161EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•3 views

SUSE CVE-2025-68370

In the Linux kernel, the following vulnerability has been resolved: coresight: tmc: add the handle of the event to the path The handle is essential for retrieving the AUXEVENT of each CPU and is required in perf mode. It has been added to the coresightpath so that dependent devices can access it...

5.5CVSS6.4AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•7 views

SUSE CVE-2025-68371

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix device resources accessed after device removal Correct possible race conditions during device removal. Previously, a scheduled work item to reset a LUN could still execute after the device was removed, leading...

5.5CVSS6.4AI score0.00161EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•5 views

SUSE CVE-2025-68372

In the Linux kernel, the following vulnerability has been resolved: nbd: defer config put in recvwork There is one uaf issue in recvwork when running NBDCLEARSOCK and NBDCMDRECONFIGURE: nbdgenlconnect // confref=2 connect and recvwork A nbdopen // confref=3 recvwork A done // confref=2 NBDCLEARSO...

5.5CVSS6.5AI score0.00165EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•4 views

SUSE CVE-2025-68373

In the Linux kernel, the following vulnerability has been resolved: md: avoid repeated calls to delgendisk There is a uaf problem which is found by case 23rdev-lifetime: Oops: general protection fault, probably for non-canonical address 0xdead000000000122 RIP: 0010:bdiunregister+0x4b/0x170 Call...

5.5CVSS6.4AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•3 views

SUSE CVE-2025-68374

In the Linux kernel, the following vulnerability has been resolved: md: fix rcu protection in mdwakeupthread We attempted to use RCU to protect the pointer 'thread', but directly passed the value when calling mdwakeupthread. This means that the RCU pointer has been acquired before rcureadlock,...

5.5CVSS6.4AI score0.00164EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•6 views

SUSE CVE-2025-68375

In the Linux kernel, the following vulnerability has been resolved: perf/x86: Fix NULL event access and potential PEBS record loss When intelpmudrainpebsicl is called to drain PEBS records, the perfeventoverflow could be called to process the last PEBS record. While perfeventoverflow could trigge...

5.5CVSS6.4AI score0.00162EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•3 views

SUSE CVE-2025-68376

In the Linux kernel, the following vulnerability has been resolved: coresight: ETR: Fix ETR buffer use-after-free issue When ETR is enabled as CSMODESYSFS, if the buffer size is changed and enabled again, currently sysfsbuf will point to the newly allocated memorybufnew and free the old...

5.5CVSS6.7AI score0.00155EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•4 views

SUSE CVE-2025-68377

In the Linux kernel, the following vulnerability has been resolved: ns: initialize nslistnode for initial namespaces Make sure that the list is always initialized for initial namespaces...

5.5CVSS6.6AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•4 views

SUSE CVE-2025-68378

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check in bpfgetstackid Syzkaller reported a KASAN slab-out-of-bounds write in bpfgetstackid when copying stack trace data. The issue occurs when the perf trace contains more stack entries than the stack...

5.5CVSS6.9AI score0.00157EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•5 views

SUSE CVE-2025-68379

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix null deref on srq-rq.queue after resize failure A NULL pointer dereference can occur in rxesrqchkattr when ibvmodifysrq is invoked twice in succession under certain error conditions. The first call may fail in...

5.5CVSS6.5AI score0.00157EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/25 12:24 a.m.•7 views

SUSE CVE-2025-68380

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix peer HE MCS assignment In ath11kwmisendpeerassoccmd, peer's transmit MCS is sent to firmware as receive MCS while peer's receive MCS sent as transmit MCS, which goes against firmwire's definition. While connecti...

5.5CVSS6.5AI score0.00168EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•5 views

SUSE CVE-2025-68617

FluidSynth is a software synthesizer based on the SoundFont 2 specifications. From versions 2.5.0 to before 2.5.2, a race condition during unloading of a DLS file can trigger a heap-based use-after-free. A concurrently running thread may be pending to unload a DLS file, leading to use of freed...

7CVSS6.8AI score0.00179EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•3 views

SUSE CVE-2025-68724

In the Linux kernel, the following vulnerability has been resolved: crypto: asymmetrickeys - prevent overflow in asymmetrickeygenerateid Use checkaddoverflow to guard against potential integer overflows when adding the binary blob lengths and the size of an asymmetrickeyid structure and return...

5.5CVSS7AI score0.00154EPSS
Exploits0References25
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•2 views

SUSE CVE-2025-68725

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not let BPF test infra emit invalid GSO types to stack Yinhao et al. reported that their fuzzer tool was able to trigger a skbwarnbadoffload from netifskbfeatures - gsofeaturescheck. When a BPF program - triggered via BPF...

5.5CVSS6.4AI score0.00161EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•12 views

SUSE CVE-2025-68726

In the Linux kernel, the following vulnerability has been resolved: crypto: aead - Fix reqsize handling Commit afddce13ce81d "crypto: api - Add reqsize to cryptoalg" introduced crareqsize field in cryptoalg struct to replace type specific reqsize fields. It looks like this was introduced...

5.5CVSS6.6AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•4 views

SUSE CVE-2025-68727

In the Linux kernel, the following vulnerability has been resolved: ntfs3: Fix uninit buffer allocated by getname Fix uninit errors caused after buffer allocation given to 'de'; by initializing the buffer with zeroes. The fix was found by using KMSAN...

5.5CVSS6.7AI score0.00161EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•5 views

SUSE CVE-2025-68728

In the Linux kernel, the following vulnerability has been resolved: ntfs3: fix uninit memory after failed miread in miformatnew Fix a KMSAN un-init bug found by syzkaller. ntfsgetbh expects a buffer from sbgetblk, that buffer may not be uptodate. We do not bring the buffer uptodate before setting...

5.5CVSS6.6AI score0.00161EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•5 views

SUSE CVE-2025-68729

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix MSDU buffer types handling in RX error path Currently, packets received on the REO exception ring from unassociated peers are of MSDU buffer type, while the driver expects link descriptor type packets. These...

5.7CVSS6.7AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•5 views

SUSE CVE-2025-68730

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix page fault in ivpubounbindallbosfromcontext Don't add BO to the vdev-bolist in ivpugemcreateobject. When failure happens inside drmgemshmemcreate, the BO is not fully created and ivpugembofree callback will not be...

5.5CVSS6.5AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•5 views

SUSE CVE-2025-68731

In the Linux kernel, the following vulnerability has been resolved: accel/amdxdna: Fix an integer overflow in aie2queryctxstatusarray The unpublished smatch static checker reported a warning. drivers/accel/amdxdna/aie2pci.c:904 aie2queryctxstatusarray warn: potential user controlled sizeof overfl...

3.3CVSS6.7AI score0.00152EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•4 views

SUSE CVE-2025-68732

In the Linux kernel, the following vulnerability has been resolved: gpu: host1x: Fix race in syncpt alloc/free Fix race condition between host1xsyncptalloc and host1xsyncptput by using krefputmutex instead of krefput + manual mutex locking. This ensures no thread can acquire the syncptmutex after...

7CVSS6.4AI score0.00161EPSS
Exploits0References26
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•3 views

SUSE CVE-2025-68733

In the Linux kernel, the following vulnerability has been resolved: smack: fix bug: unprivileged task can create labels If an unprivileged task is allowed to relabel itself /smack/relabel-self is not empty, it can freely create new labels by writing their names into own /proc/PID/attr/smack/curre...

5.5CVSS6.5AI score0.00165EPSS
Exploits0References16
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•4 views

SUSE CVE-2025-68734

In the Linux kernel, the following vulnerability has been resolved: isdn: mISDN: hfcsusb: fix memory leak in hfcsusbprobe In hfcsusbprobe, the memory allocated for ctrlurb gets leaked when setupinstance fails with an error code. Fix that by freeing the urb before freeing the hw structure. Also...

5.5CVSS6.5AI score0.00165EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•3 views

SUSE CVE-2025-68735

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Prevent potential UAF in group creation This commit prevents the possibility of a use after free issue in the GROUPCREATE ioctl function, which arose as pointer to the group is accessed in that ioctl function after...

7CVSS6.5AI score0.00181EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•6 views

SUSE CVE-2025-68736

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix handling of disconnected directories Disconnected files or directories can appear when they are visible and opened from a bind mount, but have been renamed or moved from the source of the bind mount in a way that...

5.7CVSS6.2AI score0.00171EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•8 views

SUSE CVE-2025-68737

In the Linux kernel, the following vulnerability has been resolved: arm64/pageattr: Propagate return value from changememorycommon The rodata=on security measure requires that any code path which does vmalloc - setmemoryro/setmemoryrox must protect the linear map alias too. Therefore, if such a...

4.1CVSS6.6AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•4 views

SUSE CVE-2025-68738

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: fix null pointer deref in mt7996conftx If a link does not have an assigned channel yet, mt7996viflink returns NULL. We still need to store the updated queue settings in that case, and apply them later. Move th...

5.5CVSS6.4AI score0.00181EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•5 views

SUSE CVE-2025-68739

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: hisi: Fix potential UAF in OPP handling Ensure all required data is acquired before calling devpmoppputopp to maintain correct resource acquisition and release order...

6.7CVSS6.6AI score0.00181EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•4 views

SUSE CVE-2025-68740

In the Linux kernel, the following vulnerability has been resolved: ima: Handle error code returned by imafilterrulematch In imamatchrules, if imafilterrulematch returns -ENOENT due to the rule being NULL, the function incorrectly skips the 'if !rc' check and sets 'result = true'. The LSM rule is...

5.5CVSS6.7AI score0.00189EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•3 views

SUSE CVE-2025-68741

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix improper freeing of purex item In qla2xxxprocesspurlsiocb, an item is allocated via qla27xxcopymultiplepkt, which internally calls qla24xxallocpurexitem. The qla24xxallocpurexitem function may return a...

6CVSS6.5AI score0.00171EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•3 views

SUSE CVE-2025-68742

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix invalid prog-stats access when updateeffectiveprogs fails Syzkaller triggers an invalid memory access issue following fault injection in updateeffectiveprogs. The issue can be described as follows: cgroupbpfdetach...

4.1CVSS6.8AI score0.00189EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•3 views

SUSE CVE-2025-68743

In the Linux kernel, the following vulnerability has been resolved: mshv: Fix create memory region overlap check The current check is incorrect; it only checks if the beginning or end of a region is within an existing region. This doesn't account for userspace specifying a region that begins befo...

6.7CVSS6.5AI score0.00155EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•4 views

SUSE CVE-2025-68744

In the Linux kernel, the following vulnerability has been resolved: bpf: Free special fields when update lru,percpuhash maps As lru,percpuhash maps support BPFKPTRREF,PERCPU, missing calls to 'bpfobjfreefields' in 'pcpucopyvalue' could cause the memory referenced by BPFKPTRREF,PERCPU fields to be...

4.4CVSS6.5AI score0.00171EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•5 views

SUSE CVE-2025-68745

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Clear cmds after chip reset Commit aefed3e5548f "scsi: qla2xxx: target: Fix offline port handling and host reset handling" caused two problems: 1. Commands sent to FW, after chip reset got stuck and never freed as ...

4.7CVSS6.5AI score0.00158EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•2 views

SUSE CVE-2025-68746

In the Linux kernel, the following vulnerability has been resolved: spi: tegra210-quad: Fix timeout handling When the CPU that the QSPI interrupt handler runs on typically CPU 0 is excessively busy, it can lead to rare cases of the IRQ thread not running before the transfer timeout is reached...

4.7CVSS6.4AI score0.00176EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•5 views

SUSE CVE-2025-68747

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF on kernel BO VA nodes If the MMU is down, panthorvmunmaprange might return an error. We expect the page table to be updated still, and if the MMU is blocked, the rest of the GPU should be blocked too, so no...

7.8CVSS6.6AI score0.00171EPSS
Exploits0References11
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•4 views

SUSE CVE-2025-68748

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix UAF race between device unplug and FW event processing The function panthorfwunplug will free the FW memory sections. The problem is that there could still be pending FW events which are yet not handled at this...

6.4CVSS6.4AI score0.00171EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/25 12:23 a.m.•5 views

SUSE CVE-2025-68749

In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Fix race condition when unbinding BOs Fix 'Memory manager not clean during takedown' warning that occurs when ivpugembofree removes the BO from the BOs list before it gets unmapped. Then fileprivunbind triggers a...

4.7CVSS6.4AI score0.00086EPSS
Exploits0References10
Total number of security vulnerabilities59855