SUSE CVE-2023-53440

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix sysfs interface lifetime The current nilfs2 sysfs support has issues with the timing of creation and deletion of sysfs entries, potentially leading to null pointer dereferences, use-after-free, and lockdep warnings...

SUSE CVE-2023-53442

In the Linux kernel, the following vulnerability has been resolved: ice: Block switchdev mode when ADQ is active and vice versa ADQ and switchdev are not supported simultaneously. Enabling both at the same time can result in nullptr dereference. To prevent this, check if ADQ is active when changi...

SUSE CVE-2023-53443

In the Linux kernel, the following vulnerability has been resolved: mfd: arizona: Use pmruntimeresumeandget to prevent refcnt leak In arizonaclk32kenable, we should use pmruntimeresumeandget as pmruntimegetsync will increase the refcnt even when it returns an error...

SUSE CVE-2023-53444

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix bulkmove corruption when adding a entry When the resource is the first in the bulkmove range, adding it again thus moving it to the tail will corrupt the list since the first pointer is not moved. This eventually lea...

SUSE CVE-2023-53445

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Fix a refcount bug in qrtrrecvmsg Syzbot reported a bug as following: refcountt: addition on 0; use-after-free. ... RIP: 0010:refcountwarnsaturate+0x17c/0x1f0 lib/refcount.c:25 ... Call Trace: refcountadd...

SUSE CVE-2023-53446

In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free Struct pcielinkstate-downstream is a pointer to the pcidev of function 0. Previously we retained that pointer when removing function 0, and subsequent ASPM...

SUSE CVE-2023-53447

In the Linux kernel, the following vulnerability has been resolved: f2fs: don't reset unchangable mount option in f2fsremount syzbot reports a bug as below: general protection fault, probably for non-canonical address 0xdffffc0000000009: 0000 1 PREEMPT SMP KASAN RIP: 0010:lockacquire+0x69/0x2000...

SUSE CVE-2025-7445

Kubernetes secrets-store-sync-controller in versions before 0.0.2 discloses service account tokens in logs...

SUSE CVE-2025-8396

Insufficiently specific bounds checking on authorization header could lead to denial of service in the Temporal server on all platforms due to excessive memory allocation.This issue affects all platforms and versions of OSS Server prior to 1.26.3, 1.27.3, and 1.28.1 i.e., fixed in 1.26.3, 1.27.3,...

SUSE CVE-2025-9072

Mattermost versions 10.10.x = 10.10.1, 10.5.x = 10.5.9, 10.9.x = 10.9.4 fail to validate the redirectto parameter, allowing an attacker to craft a malicious link that, once a user authenticates with their SAML provider, could post the user's cookies to an attacker-controlled URL...

SUSE CVE-2025-9076

Mattermost versions 10.10.x = 10.10.1 fail to properly sanitize user data during shared channel membership synchronization, which allows malicious or compromised remote clusters to access sensitive user information via unsanitized user objects. This vulnerability affects Mattermost Server instanc...

SUSE CVE-2025-9078

Mattermost versions 10.8.x = 10.8.3, 10.5.x = 10.5.8, 9.11.x = 9.11.17, 10.10.x = 10.10.1, 10.9.x = 10.9.3 fail to properly validate cache keys for link metadata which allows authenticated users to access unauthorized posts and poison link previews via hash collision attacks on FNV-1 hashing...

SUSE CVE-2025-9084

Mattermost versions 10.5.x = 10.5.9 fail to properly validate redirect URLs which allows attackers to redirect users to malicious sites via crafted OAuth login URLs...

SUSE CVE-2025-10500

Use after free in Dawn in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2025-10501

Use after free in WebRTC in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2025-10502

Heap buffer overflow in ANGLE in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via malicious network traffic. Chromium security severity: High...

SUSE CVE-2025-10585

Type confusion in V8 in Google Chrome prior to 140.0.7339.185 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity: High...

SUSE CVE-2025-30187

In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources...

SUSE CVE-2025-39806

In the Linux kernel, the following vulnerability has been resolved: HID: multitouch: fix slab out-of-bounds access in mtreportfixup A malicious HID device can trigger a slab out-of-bounds during mtreportfixup by passing in report descriptor smaller than 607 bytes. mtreportfixup attempts to patch...

SUSE CVE-2025-58767

REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. The REXML gem 3.4.2 or later include the patches to fix these...

SUSE CVE-2022-50239

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix writes in read-only memory region This commit fixes a kernel oops because of a write in some read-only memory: 9.068287 Unable to handle kernel write to read-only memory at virtual address ffff800009240ad8...

SUSE CVE-2022-50243

In the Linux kernel, the following vulnerability has been resolved: sctp: handle the error returned from sctpauthasocinitactivekey When it returns an error from sctpauthasocinitactivekey, the activekey is actually not updated. The old shkey will be freeed while it's still used as active key in...

SUSE CVE-2022-50248

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix double free on tx path. We see kernel crashes and lockups and KASAN errors related to ax210 firmware crashes. One of the KASAN dumps pointed at the tx path, and it appears there is indeed a way to...

SUSE CVE-2022-50253

In the Linux kernel, the following vulnerability has been resolved: bpf: make sure skb-len != 0 when redirecting to a tunneling device syzkaller managed to trigger another case where skb-len == 0 when we enter devqueuexmit: WARNING: CPU: 0 PID: 2470 at include/linux/skbuff.h:2576 skbassertlen...

SUSE CVE-2022-50255

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix reading strings from synthetic events The follow commands caused a crash: cd /sys/kernel/tracing echo 's:open char file' dynamicevents echo 'hist:keys=commonpid:file=filename:onchange$file.traceopen,$file'...

SUSE CVE-2022-50256

In the Linux kernel, the following vulnerability has been resolved: drm/meson: remove drm bridges at aggregate driver unbind time drm bridges added by mesonencoderhdmiinit and mesonencodercvbsinit were not manually removed at module unload time, which caused dangling references to freed memory to...

SUSE CVE-2022-50258

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmfcpreinitdcmds This patch fixes a stack-out-of-bounds read in brcmfmac that occurs when 'buf' that is not null-terminated is passed as an argument of strsep in...

SUSE CVE-2022-50260

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Make .remove and .shutdown HW shutdown consistent Drivers' .remove and .shutdown callbacks are executed on different code paths. The former is called when a device is removed from the bus, while the latter is called at...

SUSE CVE-2022-50303

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix double release compute pasid If kfdprocessdeviceinitvm returns failure after vm is converted to compute vm and vm-pasid set to compute pasid, KFD will not take pdd-drmfile reference. As a result, drm close file...

SUSE CVE-2022-50333

In the Linux kernel, the following vulnerability has been resolved: fs: jfs: fix shift-out-of-bounds in dbDiscardAG This should be applied to most URSAN bugs found recently by syzbot, by guarding the dbMount. As syzbot feeding rubbish into the bmap descriptor...

SUSE CVE-2022-50343

In the Linux kernel, the following vulnerability has been resolved: rapidio: fix possible name leaks when rioadddevice fails Patch series "rapidio: fix three possible memory leaks". This patchset fixes three name leaks in error handling. - patch 1 fixes two name leaks while rioadddevice fails. -...

SUSE CVE-2022-50351

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix xid leak in cifscreate If the cifs already shutdown, we should free the xid before return, otherwise, the xid will be leaked...

SUSE CVE-2022-50353

In the Linux kernel, the following vulnerability has been resolved: mmc: wmt-sdmmc: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, the memory that allocated in mmcallochost will be leaked and it will lead a kernel crash because of deleting not add...

SUSE CVE-2022-50354

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfdprocessdeviceinitvm error handling Should only destroy the ibmem and let process cleanup worker to free the outstanding BOs. Reset the pointer in pdd-qpd structure, to avoid NULL pointer access in process destr...

SUSE CVE-2022-50355

In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" introduces some...

SUSE CVE-2022-50356

In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, if the qdisc of devqueue fails to be inited during mqprioinit, sfbreset is invoked to clear resources. In this case, the q-qdisc is...

SUSE CVE-2022-50357

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: fix some leaks in probe The dwc3getproperties function calls: dwc-usbpsy = powersupplygetbynameusbpsyname; so there is some additional clean up required on these error paths...

SUSE CVE-2022-50358

In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid maxflowrings from dongle When firmware hit trap at initialization, host will read abnormal maxflowrings number from dongle, and it will cause kernel panic when doing iowrite to initiali...

SUSE CVE-2022-50359

In the Linux kernel, the following vulnerability has been resolved: media: cx88: Fix a null-ptr-deref bug in bufferprepare When the driver calls cx88riscbuffer to prepare the buffer, the function call may fail, resulting in a empty buffer and null-ptr-deref later in bufferqueue. The following log...

SUSE CVE-2022-50360

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: fix aux-bus EP lifetime Device-managed resources allocated post component bind must be tied to the lifetime of the aggregate DRM device or they will not necessarily be released when binding of the aggregate device is...

SUSE CVE-2022-50361

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: add missing unregisternetdev in wilcnetdevifcinit Fault injection test reports this issue: kernel BUG at net/core/dev.c:10731! invalid opcode: 0000 1 PREEMPT SMP KASAN PTI Call Trace: wilcnetdevifcinit+0x19f/0x220...

SUSE CVE-2022-50362

In the Linux kernel, the following vulnerability has been resolved: dmaengine: hisilicon: Add multi-thread support for a DMA channel When we get a DMA channel and try to use it in multiple threads it will cause oops and hanging the system. % echo 100 /sys/module/dmatest/parameters/threadsperchan ...

SUSE CVE-2022-50363

In the Linux kernel, the following vulnerability has been resolved: skmsg: pass gfp argument to allocskmsg syzbot found that allocskmsg could be called from a non sleepable context. skpsockverdictrecv uses rcureadlock protection. We need the callers to pass a gfpt argument to avoid issues. syzbot...

SUSE CVE-2022-50364

In the Linux kernel, the following vulnerability has been resolved: i2c: mux: reg: check return value after calling platformgetresource It will cause null-ptr-deref in resourcesize, if platformgetresource returns NULL, move calling resourcesize after devmioremapresource that will check 'res' to...

SUSE CVE-2022-50365

In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail can have some unexpected side effects if a program uses a helper like BPFFUNCskbpulldata to read partial content beyond the head skb headlen when all t...

SUSE CVE-2022-50366

In the Linux kernel, the following vulnerability has been resolved: powercap: intelrapl: fix UBSAN shift-out-of-bounds issue When value timeunit, the parameter of ilog2 will be zero and the return value is -1. u64-1 is too large for shift exponent and then will trigger shift-out-of-bounds: shift...

SUSE CVE-2022-50367

In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfsmdtdestroy In allocinode, inodeinitalways could return -ENOMEM if securityinodealloc fails, which causes inode-iprivate uninitialized. Then nilfsismetadatafileinode returns true and nilfsfreeinode...

SUSE CVE-2022-50368

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dsi: fix memory corruption with too many bridges Add the missing sanity check on the bridge counter to avoid corrupting data beyond the fixed-sized bridge array in case there are ever more than eight bridges. Patchwork:...

SUSE CVE-2022-50370

In the Linux kernel, the following vulnerability has been resolved: i2c: designware: Fix handling of real but unexpected device interrupts Commit c7b79a752871 "mfd: intel-lpss: Add Intel Alder Lake PCH-S PCI IDs" caused a regression on certain Gigabyte motherboards for Intel Alder Lake-S where...

SUSE CVE-2022-50371

In the Linux kernel, the following vulnerability has been resolved: led: qcom-lpg: Fix sleeping in atomic lpgbrighnessset function can sleep, while led's brightnessset callback must be non-blocking. Change LPG driver to use brightnesssetblocking instead. BUG: sleeping function called from invalid...