SUSE CVE-2024-44995

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset process, may cause a deadlock, the flow is as below: pf reset start | v ...... setup tc | | v v DOWN: napidisable napidisableskip |...

SUSE CVE-2024-46797

In the Linux kernel, the following vulnerability has been resolved: powerpc/qspinlock: Fix deadlock in MCS queue If an interrupt occurs in queuedspinlockslowpath after we increment qnodesp-count and before node-lock is initialized, another CPU might see stale lock values in gettailqnode. If the...

SUSE CVE-2024-47706

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq-bic with merge chain 1 initial state, three tasks: Process 1 Process 2 Process 3 BIC1 BIC2 BIC3 | ^ | ^ | ^ | | | | | | V | V | V | bfqq1 bfqq2 bfqq3 process ref: 1 1 1 2 bfqq1 merged to bfqq...

SUSE CVE-2024-47724

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: use work queue to process beacon tx event Commit 3a415daa3e8b "wifi: ath11k: add P2P IE in beacon template" from Feb 28, 2024 linux-next, leads to the following Smatch static checker warning:...

SUSE CVE-2024-50217

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free of block device file in btrfsfreeextradevids Mounting btrfs from two images which have the same one fsid and two different devuuids in certain executing order may trigger an UAF for variable...

SUSE CVE-2024-53120

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: CT: Fix null-ptr-deref in add rule err flow In error flow of mlx5tcctentryaddrule, in case ctruleadd callback returns error, zonerule-attr is used uninitiated. Fix it to use attr which has the needed pointer value...

SUSE CVE-2024-56599

In the Linux kernel, the following vulnerability has been resolved: wifi: ath10k: avoid NULL pointer error during sdio remove When running 'rmmod ath10k', ath10ksdioremove will free sdio workqueue by destroyworkqueue. But if CONFIGINITONFREEDEFAULTON is set to yes, kernel panic will happen: Call...

SUSE CVE-2025-7345

A flaw exists in gdk-pixbuf within the gdkpixbufjpegimageloadincrement function io-jpeg.c and in glib's gbase64encodestep glib/gbase64.c. When processing maliciously crafted JPEG images, a heap buffer overflow can occur during Base64 encoding, allowing out-of-bounds reads from heap memory,...

SUSE CVE-2025-22050

In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rxcomplete Missing usbnetgoingaway Check in Critical Path. The usbsubmiturb function lacks a usbnetgoingaway validation, whereas usbnetqueueskb includes this check. This inconsistency creates a race conditio...

SUSE CVE-2025-37749

In the Linux kernel, the following vulnerability has been resolved: net: ppp: Add bound checking for skb data on pppsynctxmung Ensure we have enough data in linear buffer from skb before accessing initial bytes. This prevents potential out-of-bounds accesses when processing short packets. When...

SUSE CVE-2025-38373

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix potential deadlock in MR deregistration The issue arises when kzalloc is invoked while holding umemmutex or any other lock acquired under umemmutex. This is problematic because kzalloc can trigger fsreclaimaqcuire,...

SUSE CVE-2025-39852

In the Linux kernel, the following vulnerability has been resolved: net/tcp: Fix socket memory leak in TCP-AO failure handling for IPv6 When tcpaocopyallmatching fails in tcpv6synrecvsock it just exits the function. This ends up causing a memory-leak: unreferenced object 0xffff0000281a8200 size...

SUSE CVE-2025-39854

In the Linux kernel, the following vulnerability has been resolved: ice: fix NULL access of tx-inuse in icelltsintr Recent versions of the E810 firmware have support for an extra interrupt to handle report of the "low latency" Tx timestamps coming from the specialized low latency firmware...

SUSE CVE-2025-39857

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix one NULL pointer dereference in smcibissgneedsync BUG: kernel NULL pointer dereference, address: 00000000000002ec PGD 0 P4D 0 Oops: Oops: 0000 1 SMP PTI CPU: 28 UID: 0 PID: 343 Comm: kworker/28:1 Kdump: loaded Tainte...

SUSE CVE-2025-39865

In the Linux kernel, the following vulnerability has been resolved: tee: fix NULL pointer dereference in teeshmput teeshmput have NULL pointer dereference: opteedisableshmcache -- shm = regpairtoptr...;//shm maybe return NULL teeshmfreeshm; -- teeshmputshm;//crash Add check in teeshmput to fix it...

SUSE CVE-2025-59431

MapServer is a system for developing web-based GIS applications. Prior to 8.4.1, the XML Filter Query directive PropertyName is vulnerably to Boolean-based SQL injection. It seems like expression checking is bypassed by introducing double quote characters in the PropertyName. Allowing to manipula...

SUSE CVE-2023-53222

In the Linux kernel, the following vulnerability has been resolved: jfs: jfsdmap: Validate dbl2nbperpage while mounting In jfsdmap.c at line 381, BLKTODMAP is used to get a logical block number inside dbFree. dbl2nbperpage, which is the log2 number of blocks per page, is passed as an argument to...

SUSE CVE-2023-53224

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix function prototype mismatch for ext4featktype With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure the call...

SUSE CVE-2022-50234

In the Linux kernel, the following vulnerability has been resolved: iouring/afunix: defer registered files gc to iouring release Instead of putting iouring's registered files in unixgc we want it to be done by iouring itself. The trick here is to consider iouring registered files for cycle...

SUSE CVE-2023-53210

In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix null-ptr-deref for r5lflushstripetoraid r5lflushstripetoraid will check if the list 'flushingios' is empty, and then submit 'flushbio', however, r5llogflushendio is clearing the list first and then clear the...

SUSE CVE-2023-53226

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix OOB and integer underflow when rx packets Make sure mwifiexprocessmgmtpacket, mwifiexprocessstarxpacket and mwifiexprocessuaprxpacket, mwifiexuapqueuebridgedpkt and mwifiexprocessrxpacket not out-of-bounds acce...

SUSE CVE-2023-53235

In the Linux kernel, the following vulnerability has been resolved: drm/tests: helpers: Avoid a driver uaf when using drmkunithelperallocdrmdevice the driver may be dereferenced by device-managed resources up until the device is freed, which is typically later than the kunit-managed resource code...

SUSE CVE-2025-21588

unknown...

SUSE CVE-2022-50384

In the Linux kernel, the following vulnerability has been resolved: staging: vmeuser: Fix possible UAF in tsi148dmalistadd Smatch report warning as follows: drivers/staging/vmeuser/vmetsi148.c:1757 tsi148dmalistadd warn: '&entry-list' not removed from list In tsi148dmalistadd, the error path "got...

SUSE CVE-2022-50395

In the Linux kernel, the following vulnerability has been resolved: integrity: Fix memory leakage in keyring allocation error path Key restriction is allocated in integrityinitkeyring. However, if keyring allocation failed, it is not freed, causing memory leaks...

SUSE CVE-2022-50403

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

SUSE CVE-2022-50404

In the Linux kernel, the following vulnerability has been resolved: fbdev: fbcon: release buffer when fbcondosetfont failed syzbot is reporting memory leak at fbcondosetfont 1, for commit a5a923038d70 "fbdev: fbcon: Properly revert changes when vcresize failed" missed that the buffer might be new...

SUSE CVE-2022-50406

In the Linux kernel, the following vulnerability has been resolved: iomap: iomap: fix memory corruption when recording errors during writeback Every now and then I see this crash on arm64: Unable to handle kernel NULL pointer dereference at virtual address 00000000000000f8 Buffer I/O error on dev...

SUSE CVE-2023-53183

This CVE ID has been rejected or withdrawn by its CVE Numbering Authority...

SUSE CVE-2023-53217

In the Linux kernel, the following vulnerability has been resolved: nubus: Partially revert proccreatesingledata conversion The conversion to proccreatesingledata introduced a regression whereby reading a file in /proc/bus/nubus results in a seg fault: grep -r . /proc/bus/nubus/e/ Data read fault...

SUSE CVE-2023-53223

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: Add missing check for allocorderedworkqueue Add check for the return value of allocorderedworkqueue as it may return NULL pointer and cause NULL pointer dereference. Patchwork:...

SUSE CVE-2023-53237

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix amdgpuirqput call trace in gmcv110hwfini The gmc.eccirq is enabled by firmware per IFWI setting, and the host driver is not privileged to enable/disable the interrupt. So, it is meaningless to use the amdgpuirqput...

SUSE CVE-2023-53303

In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap api: Fix possible memory leak for vcapduprule Inject fault When select CONFIGVCAPKUNITTEST, the below memory leak occurs. If kzalloc for duprule succeeds, but the following kmemdup fails, the duprule, ckf and...

SUSE CVE-2023-53369

In the Linux kernel, the following vulnerability has been resolved: net: dcb: choose correct policy to parse DCBATTRBCN The dcbnlbcnsetcfg uses erroneous policy to parse tbDCBATTRBCN, which is introduced in commit 859ee3c43812 "DCB: Add support for DCB BCN". Please see the comment in below code...

SUSE CVE-2023-53370

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix memory leak in mes self test The fences associated with mes queue have to be freed up during amdgpuringfini...

SUSE CVE-2023-53372

In the Linux kernel, the following vulnerability has been resolved: sctp: fix a potential overflow in sctpifwdtsnskip Currently, when traversing ifwdtsn skips with sctpwalkifwdtsn, it only checks the pos against the end of the chunk. However, the data left for the last pos may be sizeofstruct...

SUSE CVE-2023-53374

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hciconn: fail SCO/ISO via hciconnfailed if ACL gone early Not calling hcidisconnectcfm before deleting conn referred to by a socket generally results to use-after-free. When cleaning up SCO connections when the parent...

SUSE CVE-2023-53375

In the Linux kernel, the following vulnerability has been resolved: tracing: Free error logs of tracing instances When a tracing instance is removed, the error messages that hold errors that occurred in the instance needs to be freed. The following reports a memory leak: cd /sys/kernel/tracing...

SUSE CVE-2023-53380

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref of mreplace in raid10syncrequest There are two check of 'mreplace' in raid10syncrequest. In the first check, 'needreplace' will be set and 'mreplace' will be used later if no-Faulty 'mreplace' exists...

SUSE CVE-2023-53388

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case drmdevput is called, destroying the drmdevice object. However a pointer to it was still being held in the private object, and that pointer...

SUSE CVE-2023-53394

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: xsk: Fix crash on regular rq reactivation When the regular rq is reactivated after the XSK socket is closed it could be reading stale cqes which eventually corrupts the rq. This leads to no more traffic being received ...

SUSE CVE-2023-53396

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix memory leak in dorename If renaming a file in an encrypted directory, function fscryptsetupfilename allocates memory for a file name. This name is never used, and before returning to the caller the memory for it is not...

SUSE CVE-2023-53426

In the Linux kernel, the following vulnerability has been resolved: xsk: Fix xskdiag use-after-free error during socket cleanup Fix a use-after-free error that is possible if the xskdiag interface is used after the socket has been unbound from the device. This can happen either due to the socket...

SUSE CVE-2023-53430

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: dma: fix memory leak running mt76dmatxcleanup Fix device unregister memory leak and alway cleanup all configured rx queues in mt76dmatxcleanup routine...

SUSE CVE-2023-53435

In the Linux kernel, the following vulnerability has been resolved: cassini: Fix a memory leak in the error handling path of casinitone cassaturnfirmwareinit allocates some memory using vmalloc. This memory is freed in the .remove function but not it the error handling path of the probe. Add the...

SUSE CVE-2023-53441

In the Linux kernel, the following vulnerability has been resolved: bpf: cpumap: Fix memory leak in cpumapupdateelem Syzkaller reported a memory leak as follows: BUG: memory leak unreferenced object 0xff110001198ef748 size 192: comm "syz-executor.3", pid 17672, jiffies 4298118891 age 9.906s hex...

SUSE CVE-2025-4444

A security flaw has been discovered in Tor up to 0.4.7.16/0.4.8.17. Impacted is an unknown function of the component Onion Service Descriptor Handler. Performing manipulation results in resource consumption. The attack may be initiated remotely. The attack's complexity is rated as high. The...

SUSE CVE-2025-21574

unknown...

SUSE CVE-2025-21575

unknown...

SUSE CVE-2025-21577

unknown...