Lucene search
K
SusecveRecent

59855 matches found

SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•4 views

SUSE CVE-2023-53744

In the Linux kernel, the following vulnerability has been resolved: soc: ti: pm33xx: Fix refcount leak in am33xxpmprobe wkupm3ipcget takes refcount, which should be freed by wkupm3ipcput. Add missing refcount release in the error paths...

5.5CVSS6.5AI score0.00179EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•4 views

SUSE CVE-2023-53745

In the Linux kernel, the following vulnerability has been resolved: um: vector: Fix memory leak in vectorconfig If the return value of the umlparsevectorifspec function is NULL, we should call kfreeparams to prevent memory leak...

6.5AI score0.00179EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•5 views

SUSE CVE-2023-53746

In the Linux kernel, the following vulnerability has been resolved: s390/vfio-ap: fix memory leak in vfioap device driver The device release callback function invoked to release the matrix device uses the devgetdrvdatadevice dev function to retrieve the pointer to the vfiomatrixdev object in orde...

5.5CVSS6.3AI score0.00167EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•10 views

SUSE CVE-2023-53747

In the Linux kernel, the following vulnerability has been resolved: vcscreen: reload load of struct vcdata pointer in vcswrite to avoid UAF After a call to consoleunlock in vcswrite the vcdata struct can be freed by vcportdestruct. Because of that, the struct vcdata pointer must be reloaded in th...

4.1CVSS6.1AI score0.00171EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•5 views

SUSE CVE-2023-53748

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Fix potential array out-of-bounds in decoder queuesetup variable nplanes is provided by user via system call argument. The possible value of qdata-fmt-numplanes is 1-3, while the value of nplanes can be...

5.5CVSS6.5AI score0.00161EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•8 views

SUSE CVE-2023-53749

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

6.1AI score0.00024EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•3 views

SUSE CVE-2023-53750

In the Linux kernel, the following vulnerability has been resolved: pinctrl: freescale: Fix a memory out of bounds when numconfigs is 1 The config passed in by pad wakeup is 1, when numconfigs is 1, Configuration 1 should not be fetched, which will be detected by KASAN as a memory out of bounds...

5.5CVSS6.5AI score0.00161EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•6 views

SUSE CVE-2023-53751

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential use-after-free bugs in TCPServerInfo::hostname TCPServerInfo::hostname may be updated once or many times during reconnect, so protect its access outside reconnect path as well and then prevent any potential...

5.5CVSS6.6AI score0.00162EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•4 views

SUSE CVE-2023-53752

In the Linux kernel, the following vulnerability has been resolved: net: deal with integer overflows in kmallocreserve Blamed commit changed: ptr = kmallocsize; if ptr size = ksizeptr; size = kmallocsizeroundupsize; ptr = kmallocsize; This allowed various crash as reported by syzbot 1 and Kyle...

5.5CVSS6.4AI score0.00162EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•2 views

SUSE CVE-2023-53753

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix mapping to non-allocated address Why There is an issue mapping non-allocated location of memory. It would allocate gpio registers from an array out of bounds. How Patch correct numbers of bounds for using...

5.5CVSS6.5AI score0.00161EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•4 views

SUSE CVE-2023-53754

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix ioremap issues in lpfcsli4pcimemsetup When iftype equals zero and pciresourcestartpdev, PCI64BITBAR4 returns false, drblregsmemmapp is not remapped. This passes a NULL pointer to iounmap, which can trigger a WARN ...

5.5CVSS6.5AI score0.00167EPSS
Exploits0References8
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•4 views

SUSE CVE-2023-53755

In the Linux kernel, the following vulnerability has been resolved: dmaengine: ptdma: check for null desc before calling ptcmdcallback Resolves a panic that can occur on AMD systems, typically during host shutdown, after the PTDMA driver had been exercised. The issue was the ptissuepending functi...

5.5CVSS6.4AI score0.00161EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•4 views

SUSE CVE-2023-53756

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Fix crash due to uninitialized currentvmcs KVM enables 'Enlightened VMCS' and 'Enlightened MSR Bitmap' when running as a nested hypervisor on top of Hyper-V. When MSR bitmap is updated, evmcstouchmsrbitmap function uses...

5.1CVSS6.4AI score0.00166EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•6 views

SUSE CVE-2023-53757

In the Linux kernel, the following vulnerability has been resolved: irqchip/irq-mvebu-gicp: Fix refcount leak in mvebugicpprobe ofirqfindparent returns a node pointer with refcount incremented, We should use ofnodeput on it when not needed anymore. Add missing ofnodeput to avoid refcount leak...

6.4AI score0.00171EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•7 views

SUSE CVE-2023-53758

In the Linux kernel, the following vulnerability has been resolved: spi: atmel-quadspi: Free resources even if runtime resume failed in .remove An early error exit in atmelqspiremove doesn't prevent the device unbind. So this results in an spi controller with an unbound parent and unmapped regist...

6.5AI score0.00162EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•4 views

SUSE CVE-2023-53759

In the Linux kernel, the following vulnerability has been resolved: HID: hidraw: fix data race on device refcount The hidrawopen function increments the hidraw device reference counter. The counter has no dedicated synchronization mechanism, resulting in a potential data race when concurrently...

4.1CVSS6.4AI score0.00162EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•5 views

SUSE CVE-2023-53760

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: mcq: Fix &hwq-cqlock deadlock issue When ufshcderrhandler is executed, CQ event interrupt can enter waiting for the same lock. This can happen in ufshcdhandlemcqcqevents and also in ufsmtkmcqintr. The following...

5.5CVSS6.4AI score0.0015EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•15 views

SUSE CVE-2023-53761

In the Linux kernel, the following vulnerability has been resolved: USB: usbtmc: Fix direction for 0-length ioctl control messages The syzbot fuzzer found a problem in the usbtmc driver: When a user submits an ioctl for a 0-length control transfer, the driver does not check that the direction is...

7CVSS6.4AI score0.00167EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•4 views

SUSE CVE-2023-53762

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Fix UAF in hcidisconnectallsync Use-after-free can occur in hcidisconnectallsync if a connection is deleted by concurrent processing of a controller event. To prevent this the code now tries to iterate over th...

5.5CVSS6.6AI score0.00161EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•4 views

SUSE CVE-2023-53763

In the Linux kernel, the following vulnerability has been resolved: Revert "f2fs: fix to do sanity check on extent cache correctly" syzbot reports a f2fs bug as below: UBSAN: array-index-out-of-bounds in fs/f2fs/f2fs.h:3275:19 index 1409 is out of range for type 'le32923' aka 'unsigned int923' Ca...

6.5AI score0.00162EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:29 a.m.•7 views

SUSE CVE-2023-53764

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Handle lock during peerid find ath12kpeerfindbyid requires that the caller hold the ab-baselock. Currently the WBM error path does not hold the lock and calling that function, leads to the following lockdepassertin...

5.5CVSS6.3AI score0.0015EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:28 a.m.•6 views

SUSE CVE-2023-53765

In the Linux kernel, the following vulnerability has been resolved: dm cache: free background tracker's queued work in btrackerdestroy Otherwise the kernel can BUG with: 2245.426978 ============================================================================= 2245.435155 BUG btwork Tainted: G B W...

5.5CVSS6.4AI score0.00161EPSS
Exploits0References4
SUSE CVE
SUSE CVE
•added 2025/12/09 12:28 a.m.•5 views

SUSE CVE-2023-53766

In the Linux kernel, the following vulnerability has been resolved: FS: JFS: Check for read-only mounted filesystem in txBegin This patch adds a check for read-only mounted filesystem in txBegin before starting a transaction potentially saving from NULL pointer deref...

7CVSS6.5AI score0.00171EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/12/09 12:28 a.m.•7 views

SUSE CVE-2023-53767

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix memory leak in ath12kqmidrivereventwork Currently the buffer pointed by event is not freed in case ATH12KFLAGUNREGISTERING bit is set, this causes memory leak. Add a goto skip instead of return, to ensure event...

5.5CVSS6.4AI score0.0015EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:28 a.m.•3 views

SUSE CVE-2023-53768

In the Linux kernel, the following vulnerability has been resolved: regmap-irq: Fix out-of-bounds access when allocating config buffers When allocating the 2D array for handling IRQ type registers in regmapaddirqchipfwnode, the intent is to allocate a matrix with numconfigbases rows and...

5.5CVSS6.5AI score0.00164EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2025/12/09 12:28 a.m.•3 views

SUSE CVE-2023-53769

In the Linux kernel, the following vulnerability has been resolved: virt/coco/sev-guest: Double-buffer messages The encryption algorithms read and write directly to shared unencrypted memory, which may leak information as well as permit the host to tamper with the message integrity. Instead, copy...

5.5CVSS6.2AI score0.00108EPSS
Exploits0References5
SUSE CVE
SUSE CVE
•added 2025/12/09 12:26 a.m.•5 views

SUSE CVE-2025-13654

A stack buffer overflow vulnerability exists in the bufferget function of duc, a disk management tool, where a condition can evaluate to true due to underflow, allowing an out-of-bounds read...

7.5CVSS8.1AI score0.00851EPSS
Exploits1References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•4 views

SUSE CVE-2025-40290

In the Linux kernel, the following vulnerability has been resolved: xsk: avoid data corruption on cq descriptor number Since commit 30f241fcf52a "xsk: Fix immature cq descriptor production", the descriptor number is stored in skb control block and xskcqsubmitaddrlocked relies on it to put the ume...

6AI score0.00161EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•8 views

SUSE CVE-2025-40291

In the Linux kernel, the following vulnerability has been resolved: iouring: fix regbuf vector size truncation There is a report of ioestimatebvecsize truncating the calculated number of segments that leads to corruption issues. Check it doesn't overflow "int"s used later. Rough but simple, can b...

6.4AI score0.00162EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•5 views

SUSE CVE-2025-40292

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix received length check in big packets Since commit 4959aebba8c0 "virtio-net: use mtu size as buffer length for big packets", when guest gso is off, the allocated size for big packets is not MAXSKBFRAGS PAGESIZE...

6CVSS6.3AI score0.00174EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•4 views

SUSE CVE-2025-40293

In the Linux kernel, the following vulnerability has been resolved: iommufd: Don't overflow during division for dirty tracking If pgshift is 63 then BITSPERTYPEbitmap-bitmap pgsize will overflow to 0 and this triggers divide by 0. In this case the index should just be 0, so reorganize things to...

4.4CVSS6.5AI score0.00174EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•3 views

SUSE CVE-2025-40294

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: Fix OOB access in parseadvmonitorpattern In the parseadvmonitorpattern function, the value of the 'length' variable is currently limited to HCIMAXEXTADLENGTH251. The size of the 'value' array in the mgmtadvpatter...

4.4CVSS6.2AI score0.00174EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•6 views

SUSE CVE-2025-40295

In the Linux kernel, the following vulnerability has been resolved: fscrypt: fix left shift underflow when inode-iblkbits PAGESHIFT When simulating an nvme device on qemu with both logicalblocksize and physicalblocksize set to 8 KiB, an error trace appears during partition table reading at boot...

6.2AI score0.00179EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•5 views

SUSE CVE-2025-40296

In the Linux kernel, the following vulnerability has been resolved: platform/x86: int3472: Fix double free of GPIO device during unregister regulatorunregister already frees the associated GPIO device. On ThinkPad X9 Lunar Lake, this causes a double free issue that leads to random failures when...

6.4AI score0.00162EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•4 views

SUSE CVE-2025-40297

In the Linux kernel, the following vulnerability has been resolved: net: bridge: fix use-after-free due to MST port state bypass syzbot reported1 a use-after-free when deleting an expired fdb. It is due to a race condition between learning still happening and a port being deleted, after all its...

7CVSS6.2AI score0.00183EPSS
Exploits0References131
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•3 views

SUSE CVE-2025-40298

In the Linux kernel, the following vulnerability has been resolved: gve: Implement settime64 with -EOPNOTSUPP ptpclocksettime assumes every ptpclock has implemented settime64. Stub it with -EOPNOTSUPP to prevent a NULL dereference...

6.4AI score0.00161EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•3 views

SUSE CVE-2025-40299

In the Linux kernel, the following vulnerability has been resolved: gve: Implement gettimex64 with -EOPNOTSUPP gve implemented a ptpclock for sole use of doauxwork at this time. ptpclockgettime and ptpsysoffset assume every ptpclock has implemented either gettimex64 or gettime64. Stub gettimex64...

6.3AI score0.00162EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•4 views

SUSE CVE-2025-40301

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcievent: validate skb length for unknown CC opcode In hcicmdcompleteevt, if the command complete event has an unknown opcode, we assume the first byte of the remaining skb-data contains the return status. However,...

4.4CVSS6.4AI score0.00162EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•7 views

SUSE CVE-2025-40302

In the Linux kernel, the following vulnerability has been resolved: media: videobuf2: forbid removebufs when legacy fileio is active vb2ioctlremovebufs call manipulates queue internal buffer list, potentially overwriting some pointers used by the legacy fileio access mode. Forbid that ioctl when...

6.3CVSS6.5AI score0.00161EPSS
Exploits0References10
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•5 views

SUSE CVE-2025-40303

In the Linux kernel, the following vulnerability has been resolved: btrfs: ensure no dirty metadata is written back for an fs with errors BUG During development of a minor feature make sure all btrfsbio::endio is called in task context, I noticed a crash in generic/388, where metadata writes...

5.3CVSS6.3AI score0.00162EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•5 views

SUSE CVE-2025-40304

In the Linux kernel, the following vulnerability has been resolved: fbdev: Add bounds checking in bitputcs to fix vmalloc-out-of-bounds Add bounds checking to prevent writes past framebuffer boundaries when rendering text near screen edges. Return early if the Y position is off-screen and clip...

5.5CVSS6.4AI score0.00171EPSS
Exploits0References26
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•4 views

SUSE CVE-2025-40305

In the Linux kernel, the following vulnerability has been resolved: 9p/transfd: p9fdrequest: kick rx thread if EPOLLIN p9readwork doesn't set Rworksched and doesn't do scheduleworkm-rq if listempty&m-reqlist. However, if the pipe is full, we need to read more data and this used to work prior to...

6.2AI score0.0015EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•5 views

SUSE CVE-2025-40306

In the Linux kernel, the following vulnerability has been resolved: orangefs: fix xattr related buffer overflow... Willy Tarreau forwarded me a message from Disclosure with the following warning: The helper xattrkey uses the pointer variable in the loop condition rather than dereferencing it. As...

5.5CVSS6.2AI score0.00189EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•9 views

SUSE CVE-2025-40307

In the Linux kernel, the following vulnerability has been resolved: exfat: validate cluster allocation bits of the allocation bitmap syzbot created an exfat image with cluster bits not set for the allocation bitmap. exfat-fs reads and uses the allocation bitmap without checking this. The problem ...

5.5CVSS6.2AI score0.00164EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•4 views

SUSE CVE-2025-40308

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: bcsp: receive data only if registered Currently, bcsprecv can be called even when the BCSP protocol has not been registered. This leads to a NULL pointer dereference, as shown in the following stack trace: KASAN:...

5.5CVSS6.2AI score0.00171EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•3 views

SUSE CVE-2025-40309

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on scoconnfree BUG: KASAN: slab-use-after-free in scoconnfree net/bluetooth/sco.c:87 inline BUG: KASAN: slab-use-after-free in krefput include/linux/kref.h:65 inline BUG: KASAN: slab-use-after-free in...

7CVSS6.2AI score0.0015EPSS
Exploits0References80
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•3 views

SUSE CVE-2025-40310

In the Linux kernel, the following vulnerability has been resolved: amd/amdkfd: resolve a race in amdgpuamdkfddevicefinisw There is race in amdgpuamdkfddevicefinisw and interrupt. if amdgpuamdkfddevicefinisw run in b/w kfdcleanupnodes and kfreekfd, and KGD interrupt generated. kernel panic log:...

5.5CVSS6AI score0.00162EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•8 views

SUSE CVE-2025-40311

In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: support mapping cb with vmalloc-backed coherent memory When IOMMU is enabled, dmaalloccoherent with GFPUSER may return addresses from the vmalloc range. If such an address is mapped without VMMIXEDMAP,...

3.3CVSS6.2AI score0.00162EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•4 views

SUSE CVE-2025-40312

In the Linux kernel, the following vulnerability has been resolved: jfs: Verify inode mode when loading from disk The inode mode loaded from corrupted disk can be invalid. Do like what commit 0a9e74051313 "isofs: Verify inode mode when loading from disk" does...

5.5CVSS6.3AI score0.00171EPSS
Exploits0References17
SUSE CVE
SUSE CVE
•added 2025/12/09 12:24 a.m.•5 views

SUSE CVE-2025-40313

In the Linux kernel, the following vulnerability has been resolved: ntfs3: pretend $Extend records as regular files Since commit af153bb63a33 "vfs: catch invalid modes in mayopen" requires any inode be one of SIFDIR/SIFLNK/SIFREG/SIFCHR/SIFBLK/ SIFIFO/SIFSOCK type, use SIFREG for $Extend records...

6.3AI score0.00167EPSS
Exploits0References3
Total number of security vulnerabilities59855