Lucene search
K
SusecveRecent

59855 matches found

SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•3 views

SUSE CVE-2025-68237

In the Linux kernel, the following vulnerability has been resolved: mtdchar: fix integer overflow in read/write ioctls The "req.start" and "req.len" variables are u64 values that come from the user at the start of the function. We mask away the high 32 bits of "req.len" so that's capped at U32MAX...

5.5CVSS6.8AI score0.00156EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•5 views

SUSE CVE-2025-68238

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: cadence: fix DMA device NULL pointer dereference The DMA device pointer dmadev was being dereferenced before ensuring that cdnsctrl-dmac is properly initialized. Move the assignment of dmadev after successfully...

5.5CVSS6.5AI score0.00161EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•3 views

SUSE CVE-2025-68239

In the Linux kernel, the following vulnerability has been resolved: binfmtmisc: restore write access before closing files opened by openexec bmregisterwrite opens an executable file using openexec, which internally calls doopenexecat and denies write access on the file to avoid modification while...

5.5CVSS6.5AI score0.00164EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•6 views

SUSE CVE-2025-68240

In the Linux kernel, the following vulnerability has been resolved: nilfs2: avoid having an active sctimer before freeing sci Because kthreadstop did not stop sctask properly and returned -EINTR, the sctimer was not properly closed, ultimately causing the problem 1 reported by syzbot when freeing...

6.5AI score0.00155EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•11 views

SUSE CVE-2025-68241

In the Linux kernel, the following vulnerability has been resolved: ipv4: route: Prevent rtbindexception from rebinding stale fnhe The sit driver's packet transmission path calls: sittunnelxmit - updateorcreatefnhe, which lead to fnheremoveoldest being called to delete entries exceeding...

5.5CVSS6.2AI score0.00165EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•5 views

SUSE CVE-2025-68242

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix LTP test failures when timestamps are delegated The utimes01 and utime06 tests fail when delegated timestamps are enabled, specifically in subtests that modify the atime and mtime fields using the 'nobody' user ID. The...

5.5CVSS6.5AI score0.00155EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•3 views

SUSE CVE-2025-68243

In the Linux kernel, the following vulnerability has been resolved: NFS: Check the TLS certificate fields in nfsmatchclient If the TLS security policy is of type RPCXPRTSECTLSX509, then the certserial and privkeyserial fields need to match as well since they define the client's identity, as...

6.5AI score0.00096EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•4 views

SUSE CVE-2025-68244

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Avoid lock inversion when pinning to GGTT on CHV/BXT+VTD On completion of i915vmapinww, a synchronous variant of dmafenceworkcommit is called. When pinning a VMA to GGTT address space on a Cherry View family processor, ...

5.5CVSS6.4AI score0.00161EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•3 views

SUSE CVE-2025-68245

In the Linux kernel, the following vulnerability has been resolved: net: netpoll: fix incorrect refcount handling causing incorrect cleanup commit efa95b01da18 "netpoll: fix use after free" incorrectly ignored the refcount and prematurely set dev-npinfo to NULL during netpoll cleanup, leading to...

5.5CVSS6.4AI score0.00168EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•5 views

SUSE CVE-2025-68246

In the Linux kernel, the following vulnerability has been resolved: ksmbd: close accepted socket when per-IP limit rejects connection When the per-IP connection limit is exceeded in ksmbdkthreadfn, the code sets ret = -EAGAIN and continues the accept loop without closing the just-accepted socket...

6.7AI score0.00156EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•4 views

SUSE CVE-2025-68247

In the Linux kernel, the following vulnerability has been resolved: posix-timers: Plug potential memory leak in dotimercreate When posix timer creation is set to allocate a given timer ID and the access to the user space value faults, the function terminates without freeing the already allocated...

6.4AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•3 views

SUSE CVE-2025-68248

In the Linux kernel, the following vulnerability has been resolved: vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new page. However, if inflating the new page succeeded, we effectively...

6.4AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•4 views

SUSE CVE-2025-68249

In the Linux kernel, the following vulnerability has been resolved: most: usb: hdmprobe: Fix calling putdevice before device initialization The early error path in hdmprobe can jump to errfreemdev before &mdev-dev has been initialized with deviceinitialize. Calling putdevice&mdev-dev there trigge...

5.5CVSS6.4AI score0.00176EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•3 views

SUSE CVE-2025-68250

In the Linux kernel, the following vulnerability has been resolved: hungtask: fix warnings caused by unaligned lock pointers The blocker tracking mechanism assumes that lock pointers are at least 4-byte aligned to use their lower bits for type encoding. However, as reported by Eero Tamminen, some...

6.4AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•4 views

SUSE CVE-2025-68251

In the Linux kernel, the following vulnerability has been resolved: erofs: avoid infinite loops due to corrupted subpage compact indexes Robert reported an infinite loop observed by two crafted images. The root cause is that clusterofs can be larger than lclustersize for !NONHEAD lclusters in...

6.5AI score0.00169EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•4 views

SUSE CVE-2025-68252

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix dmabuf object leak in fastrpcmaplookup In fastrpcmaplookup, dmabufget is called to obtain a reference to the dmabuf for comparison purposes. However, this reference is never released when the function returns,...

5.5CVSS6.4AI score0.00171EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•4 views

SUSE CVE-2025-68253

In the Linux kernel, the following vulnerability has been resolved: mm: don't spin in addstackrecord when gfp flags don't allow syzbot was able to find the following path: addstackrecordtolist mm/pageowner.c:182 inline incstackrecordcount mm/pageowner.c:214 inline setpageowner+0x2c3/0x4a0...

6.5AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•3 views

SUSE CVE-2025-68254

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in OnBeacon ESR IE parsing The Extended Supported Rates ESR IE handling in OnBeacon accessed p + 1 + ielen and p + 2 + ielen without verifying that these offsets lie within the received...

5.5CVSS6.5AI score0.00176EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•6 views

SUSE CVE-2025-68255

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix stack buffer overflow in OnAssocReq IE parsing The Supported Rates IE length from an incoming Association Request frame was used directly as the memcpy length when copying into a fixed-size 16-byte stack...

6.3CVSS7AI score0.00198EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•3 views

SUSE CVE-2025-68256

In the Linux kernel, the following vulnerability has been resolved: staging: rtl8723bs: fix out-of-bounds read in rtwgetie parser The Information Element IE parser rtwgetie trusted the length byte of each IE without validating that the IE body len bytes after the 2-byte header fits inside the...

5.5CVSS6.7AI score0.00176EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•5 views

SUSE CVE-2025-68257

In the Linux kernel, the following vulnerability has been resolved: comedi: check device's attached status in compat ioctls Syzbot identified an issue 1 that crashes kernel, seemingly due to unexistent callback dev-getvalidroutes. By all means, this should not occur as said callback must always b...

5.5CVSS6.4AI score0.0018EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•5 views

SUSE CVE-2025-68258

In the Linux kernel, the following vulnerability has been resolved: comedi: multiq3: sanitize config options in multiq3attach Syzbot identified an issue 1 in multiq3attach that induces a task timeout due to open or COMEDIDEVCONFIG ioctl operations, specifically, in the case of multiq3 driver. Thi...

5.5CVSS6.4AI score0.0018EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•10 views

SUSE CVE-2025-68259

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Don't skip unrelated instruction if INT3/INTO is replaced When re-injecting a soft interrupt from an INT3, INT0, or select INTn instruction, discard the exception and retry the instruction if the code stream is changed...

5.5CVSS6.5AI score0.00161EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•5 views

SUSE CVE-2025-68260

In the Linux kernel, the following vulnerability has been resolved: rustbinder: fix race condition on deathlist Rust Binder contains the following unsafe operation: // SAFETY: A NodeDeath is never inserted into the death list // of any node other than its owner, so it is either in this // death...

5.5CVSS6.3AI score0.00185EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•5 views

SUSE CVE-2025-68261

In the Linux kernel, the following vulnerability has been resolved: ext4: add idatasem protection in ext4destroyinlinedatanolock Fix a race between inline data destruction and block mapping. The function ext4destroyinlinedatanolock changes the inode data layout by clearing EXT4INODEINLINEDATA and...

5.5CVSS6.5AI score0.0018EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•4 views

SUSE CVE-2025-68262

In the Linux kernel, the following vulnerability has been resolved: crypto: zstd - fix double-free in per-CPU stream cleanup The crypto/zstd module has a double-free bug that occurs when multiple tfms are allocated and freed. The issue happens because zstdstreams per-CPU contexts are freed in...

5.5CVSS6.6AI score0.00169EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•3 views

SUSE CVE-2025-68263

In the Linux kernel, the following vulnerability has been resolved: ksmbd: ipc: fix use-after-free in ipcmsgsendrequest ipcmsgsendrequest waits for a generic netlink reply using an ipcmsgtableentry on the stack. The generic netlink handler handlegenericevent/handleresponse fills entry-response...

5.8CVSS6.4AI score0.00378EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•4 views

SUSE CVE-2025-68264

In the Linux kernel, the following vulnerability has been resolved: ext4: refresh inline data size before write operations The cached ei-iinlinesize can become stale between the initial size check and when ext4updateinlinedata/ext4createinlinedata use it. Although ext4getmaxinlinesize reads the...

6.3CVSS6.4AI score0.0018EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•22 views

SUSE CVE-2025-68265

In the Linux kernel, the following vulnerability has been resolved: nvme: fix admin requestqueue lifetime The namespaces can access the controller's admin requestqueue, and stale references on the namespaces may exist after tearing down the controller. Ensure the admin requestqueue is active by...

5.8CVSS6.5AI score0.00178EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/17 12:24 a.m.•4 views

SUSE CVE-2025-68266

In the Linux kernel, the following vulnerability has been resolved: bfs: Reconstruct file type when loading from disk syzbot is reporting that SIFMT bits of inode-imode can become bogus when the SIFMT bits of the 32bits "mode" field loaded from disk are corrupted or when the 32bits "attributes"...

6.5AI score0.00161EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•2 views

SUSE CVE-2025-68281

In the Linux kernel, the following vulnerability has been resolved: ASoC: SDCA: bug fix while parsing mipi-sdca-control-cn-list "struct sdcacontrol" declares "values" field as integer array. But the memory allocated to it is of char array. This causes crash for sdcaparsefunction API. This patch...

6.5AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•8 views

SUSE CVE-2025-68309

In the Linux kernel, the following vulnerability has been resolved: PCI/AER: Fix NULL pointer access by aerinfo The kzallocGFPKERNEL may return NULL, so all accesses to aerinfo-xxx will result in kernel panic. Fix it...

6.4AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•3 views

SUSE CVE-2025-68310

In the Linux kernel, the following vulnerability has been resolved: s390/pci: Avoid deadlock between PCI error recovery and mlx5 crdump Do not block PCI config accesses through pcicfgaccesslock when executing the s390 variant of PCI error recovery: Acquire just devicelock instead of pcidevlock as...

5.8CVSS6.5AI score0.0016EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•3 views

SUSE CVE-2025-68311

In the Linux kernel, the following vulnerability has been resolved: tty: serial: ip22zilog: Use platform device for probing After commit 84a9582fd203 "serial: core: Start managing serial controllers to enable runtime PM" serial drivers need to provide a device in struct uartport.dev otherwise an...

5.5CVSS6.5AI score0.00155EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•5 views

SUSE CVE-2025-68312

In the Linux kernel, the following vulnerability has been resolved: usbnet: Prevents free active kevent The root cause of this issue are: 1. When probing the usbnet device, executing usbnetlinkchangedev, 0, 0; put the kevent work in global workqueue. However, the kevent has not yet been scheduled...

5.5CVSS6.5AI score0.00165EPSS
Exploits0References28
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•2 views

SUSE CVE-2025-68313

In the Linux kernel, the following vulnerability has been resolved: x86/CPU/AMD: Add RDSEED fix for Zen5 There's an issue with RDSEED's 16-bit and 32-bit register output variants on Zen5 which return a random value of 0 "at a rate inconsistent with randomness while incorrectly signaling success...

6.1CVSS6.5AI score0.00155EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•5 views

SUSE CVE-2025-68314

In the Linux kernel, the following vulnerability has been resolved: drm/msm: make sure lastfence is always updated Update lastfence in the vm-bind path instead of kernel managed path. lastfence is used to wait for work to finish in vmbind contexts but not used for kernel managed contexts. This...

6.4AI score0.00145EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•4 views

SUSE CVE-2025-68315

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to detect potential corrupted nid in freenidlist As reported, on-disk footer.ino and footer.nid is the same and out-of-range, let's add sanity check on f2fsallocnid to detect any potential corruption in freenidlist...

6.6AI score0.00171EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•5 views

SUSE CVE-2025-68316

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix invalid probe error return value After DME Link Startup, the error return value is set to the MIPI UniPro GenericErrorCode which can be 0 SUCCESS or 1 FAILURE. Upon failure during driver probe, the error code...

6.6AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•3 views

SUSE CVE-2025-68317

In the Linux kernel, the following vulnerability has been resolved: iouring/zctx: check chained notif contexts Send zc only links ubufinfo for requests coming from the same context. There are some ambiguous syz reports, so let's check the assumption on notification completion...

3.3CVSS6.5AI score0.00169EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•4 views

SUSE CVE-2025-68318

In the Linux kernel, the following vulnerability has been resolved: clk: thead: th1520-ap: set all AXI clocks to CLKISCRITICAL The AXI crossbar of TH1520 has no proper timeout handling, which means gating AXI clocks can easily lead to bus timeout and thus system hang. Set all AXI clock gates to...

6.6AI score0.00158EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•3 views

SUSE CVE-2025-68319

In the Linux kernel, the following vulnerability has been resolved: netconsole: Acquire sumutex before navigating configs hierarchy There is a race between operations that iterate over the userdata cgchildren list and concurrent add/remove of userdata items through configfs. The updateuserdata...

6.3AI score0.00148EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•5 views

SUSE CVE-2025-68320

In the Linux kernel, the following vulnerability has been resolved: lan966x: Fix sleeping in atomic context The following warning was seen when we try to connect using ssh to the device. BUG: sleeping function called from invalid context at kernel/locking/mutex.c:575 inatomic: 1, irqsdisabled: 0,...

5.5CVSS6.5AI score0.00171EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•3 views

SUSE CVE-2025-68321

In the Linux kernel, the following vulnerability has been resolved: pagepool: always add GFPNOWARN for ATOMIC allocations Driver authors often forget to add GFPNOWARN for page allocation from the datapath. This is annoying to users as OOMs are a fact of life, and we pretty much expect network Rx ...

6.5AI score0.00176EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/17 12:23 a.m.•4 views

SUSE CVE-2025-68322

In the Linux kernel, the following vulnerability has been resolved: parisc: Avoid crash due to unaligned access in unwinder Guenter Roeck reported this kernel crash on his emulated B160L machine: Starting network: udhcpc: started, v1.36.1 Backtrace: unwindonce+0x1c/0x5c...

6.3AI score0.00169EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/16 12:29 a.m.•6 views

SUSE CVE-2025-12084

When building nested elements using xml.dom.minidom methods such as appendChild that have a dependency on clearidcache the algorithm is quadratic. Availability can be impacted when building excessively nested documents...

4.3CVSS7AI score0.00708EPSS
Exploits0References36
SUSE CVE
SUSE CVE
•added 2025/12/16 12:29 a.m.•3 views

SUSE CVE-2025-13870

Mattermost versions 10.11.x = 10.11.4, 10.5.x = 10.5.12 fail to validate the user permission when accessing the files and subscribing to the block in Boards, which allows an authenticated user to access other board files and was able to subscribe to the block from other boards that the user does...

4.3CVSS6.8AI score0.00193EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/16 12:24 a.m.•4 views

SUSE CVE-2025-40218

In the Linux kernel, the following vulnerability has been resolved: mm/damon/vaddr: do not repeat pteoffsetmaplock until success DAMON's virtual address space operation set implementation vaddr calls pteoffsetmaplock inside the page table walk callback function. This is for reading and writing pa...

5.5CVSS6.3AI score0.00162EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/16 12:23 a.m.•4 views

SUSE CVE-2025-64443

MCP Gateway allows easy and secure running and deployment of MCP servers. In versions 0.27.0 and earlier, when MCP Gateway runs in sse or streaming transport mode, it is vulnerable to DNS rebinding. An attacker who can get a victim to visit a malicious website or be served a malicious advertiseme...

9.6CVSS6.9AI score0.00388EPSS
Exploits0References2
SUSE CVE
SUSE CVE
•added 2025/12/16 12:23 a.m.•5 views

SUSE CVE-2025-64750

SingularityCE and SingularityPRO are open source container platforms. Prior to SingularityCE 4.3.5 and SingularityPRO 4.1.11 and 4.3.5, if a user relies on LSM restrictions to prevent malicious operations then, under certain circumstances, an attacker can redirect the LSM label write operation so...

4.5CVSS6.7AI score0.00137EPSS
Exploits0References2
Total number of security vulnerabilities59855