Lucene search
K
SusecveRecent

59855 matches found

SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•9 views

SUSE CVE-2025-40044

In the Linux kernel, the following vulnerability has been resolved: fs: udf: fix OOB read in lengthAllocDescs handling When parsing Allocation Extent Descriptor, lengthAllocDescs comes from on-disk data and must be validated against the block size. Crafted or corrupted images may set...

6.3CVSS6.4AI score0.00207EPSS
Exploits0References28
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•6 views

SUSE CVE-2025-40045

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: set the comp soundwire port correctly For some reason we endup with setting soundwire port for HPHLCOMP and HPHRCOMP as zero, this can potentially result in a memory corruption due to accessing and setting ...

6.1CVSS6.6AI score0.00194EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•4 views

SUSE CVE-2025-40046

In the Linux kernel, the following vulnerability has been resolved: iouring/zcrx: fix overshooting recv limit It's reported that sometimes a zcrx request can receive more than was requested. It's caused by iozcrxrecvskb adjusting desc-count for all received buffers including frag lists, but then...

5.5CVSS6.5AI score0.00182EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•8 views

SUSE CVE-2025-40047

In the Linux kernel, the following vulnerability has been resolved: iouring/waitid: always prune wait queue entry in iowaitidwait For a successful return, always remove our entry from the wait queue entry list. Previously this was skipped if a cancelation was in progress, but this can race with...

4.7CVSS6.4AI score0.00194EPSS
Exploits0References13
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•5 views

SUSE CVE-2025-40049

In the Linux kernel, the following vulnerability has been resolved: Squashfs: fix uninit-value in squashfsgetparent Syzkaller reports a "KMSAN: uninit-value in squashfsgetparent" bug. This is caused by openbyhandleat being called with a file handle containing an invalid parent inode number. In...

6.1CVSS6.4AI score0.00207EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•5 views

SUSE CVE-2025-40050

In the Linux kernel, the following vulnerability has been resolved: bpf: Skip scalar adjustment for BPFNEG if dst is a pointer In checkaluop, the verifier currently calls checkregarg and adjustscalarminmaxvals unconditionally for BPFNEG operations. However, if the destination register holds a...

5.5CVSS6.5AI score0.00202EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•3 views

SUSE CVE-2025-40052

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix crypto buffers in non-linear memory The crypto API, through the scatterlist API, expects input buffers to be in linear memory. We handle this with the cifssgsetbuf helper that converts vmalloc'd memory to their...

5.5CVSS6.5AI score0.00197EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•4 views

SUSE CVE-2025-40053

In the Linux kernel, the following vulnerability has been resolved: net: dlink: handle copythresh allocation failure The driver did not handle failure of netdevallocskbipalign. If the allocation failed, dereferencing skb-protocol could lead to a NULL pointer dereference. This patch tries to...

5.5CVSS6.5AI score0.00202EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•3 views

SUSE CVE-2025-40055

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix double free in userclusterconnect userclusterdisconnect frees "conn-ccprivate" which is "lc" but then the error handling frees "lc" a second time. Set "lc" to NULL on this path to avoid a double free...

5.5CVSS6.7AI score0.00207EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•3 views

SUSE CVE-2025-40056

In the Linux kernel, the following vulnerability has been resolved: vhost: vringh: Fix copytoiter return value check The return value of copytoiter can't be negative, check whether the copied length is equal to the requested length instead of checking for negative values...

6.1CVSS6.5AI score0.00197EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•2 views

SUSE CVE-2025-40057

In the Linux kernel, the following vulnerability has been resolved: ptp: Add a upper bound on maxvclocks syzbot reported WARNING in maxvclocksstore. This occurs when the argument max is too large for kcalloc to handle. Extend the guard to guard against values that are too large for kcalloc...

3.3CVSS6.5AI score0.00194EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•3 views

SUSE CVE-2025-40058

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Disallow dirty tracking if incoherent page walk Dirty page tracking relies on the IOMMU atomically updating the dirty bit in the paging-structure entry. For this operation to succeed, the paging- structure memory must...

5.5CVSS6.5AI score0.00194EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•6 views

SUSE CVE-2025-40059

In the Linux kernel, the following vulnerability has been resolved: coresight: Fix incorrect handling for return value of devmkzalloc The return value of devmkzalloc could be an null pointer, use "!desc.pdata" to fix incorrect handling return value of devmkzalloc...

5.5CVSS6.5AI score0.00194EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•8 views

SUSE CVE-2025-40060

In the Linux kernel, the following vulnerability has been resolved: coresight: trbe: Return NULL pointer for allocation failures When the TRBE driver fails to allocate a buffer, it currently returns the error code "-ENOMEM". However, the caller etmsetupaux only checks for a NULL pointer, so it...

5.5CVSS6.6AI score0.00202EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•4 views

SUSE CVE-2025-40061

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix race in dotask when draining When dotask exhausts its iteration budget !ret, it sets the state to TASKSTATEIDLE to reschedule, without a secondary check on the current task-state. This can overwrite the...

5.5CVSS6.3AI score0.00183EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2025/10/29 12:25 a.m.•4 views

SUSE CVE-2025-40062

In the Linux kernel, the following vulnerability has been resolved: crypto: hisilicon/qm - set NULL to qm-debug.qmdiffregs When the initialization of qm-debug.accdiffreg fails, the probe process does not exit. However, after qm-debug.qmdiffregs is freed, it is not set to NULL. This can lead to a...

5.5CVSS6.5AI score0.00183EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•5 views

SUSE CVE-2025-40063

In the Linux kernel, the following vulnerability has been resolved: crypto: comp - Use same definition of context alloc and free ops In commit 42d9f6c77479 "crypto: acomp - Move scomp stream allocation code into acomp", the cryptoacompstreams struct was made to rely on having the allocctx and...

5.5CVSS6.5AI score0.0017EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•5 views

SUSE CVE-2025-40064

In the Linux kernel, the following vulnerability has been resolved: smc: Fix use-after-free in pnetfindbasendev. syzbot reported use-after-free of netdevice in pnetfindbasendev, which was called during connect. 0 smcpnetfindismresource fetches skdstgetsk-dev and passes down to pnetfindbasendev,...

5.5CVSS6.2AI score0.0017EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•5 views

SUSE CVE-2025-40065

In the Linux kernel, the following vulnerability has been resolved: RISC-V: KVM: Write hgatp register with valid mode bits According to the RISC-V Privileged Architecture Spec, when MODE=Bare is selected,software must write zero to the remaining fields of hgatp. We have detected the valid mode...

5.5CVSS6.6AI score0.00168EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•4 views

SUSE CVE-2025-40066

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Check phy before init mstalink in mt7996macstaaddlinks In order to avoid a possible NULL pointer dereference in mt7996macstainitlink routine, move the phy pointer check before running mt7996macstainitlink in...

5.5CVSS6.4AI score0.0017EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•12 views

SUSE CVE-2025-40068

In the Linux kernel, the following vulnerability has been resolved: fs: ntfs3: Fix integer overflow in rununpack The MFT record relative to the file being opened contains its runlist, an array containing information about the file's location on the physical disk. Analysis of all Call Stack paths...

5.5CVSS6.6AI score0.00202EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•5 views

SUSE CVE-2025-40069

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix obj leak in VMBIND error path If we fail a handle-lookup part way thru, we need to drop the already obtained obj references. Patchwork: https://patchwork.freedesktop.org/patch/669784/...

5.5CVSS6.5AI score0.0017EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•5 views

SUSE CVE-2025-40070

In the Linux kernel, the following vulnerability has been resolved: pps: fix warning in ppsregistercdev when register device fail Similar to previous commit 2a934fdb01db "media: v4l2-dev: fix error handling in videoregisterdevice", the release hook should be set before deviceregister. Otherwise,...

5.5CVSS6.6AI score0.00193EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•4 views

SUSE CVE-2025-40071

In the Linux kernel, the following vulnerability has been resolved: tty: ngsm: Don't block input queue by waiting MSC Currently gsmqueue processes incoming frames and when opening a DLC channel it calls gsmdlciopen which calls gsmmodemupdate. If basic mode is used it calls gsmmodemupdviamsc and i...

5.5CVSS6.6AI score0.00183EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•4 views

SUSE CVE-2025-40072

In the Linux kernel, the following vulnerability has been resolved: fanotify: Validate the return value of mntnsfromdentry before dereferencing The function dofanotifymark does not validate if mntnsfromdentry returns NULL before dereferencing mntns-userns. This causes a NULL pointer dereference i...

5.5CVSS6.3AI score0.0017EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•5 views

SUSE CVE-2025-40073

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Do not validate SSPP when it is not ready Current code will validate current plane and previous plane to confirm they can share a SSPP with multi-rect mode. The SSPP is already allocated for previous plane, while current...

5.5CVSS6.6AI score0.0017EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•5 views

SUSE CVE-2025-40074

In the Linux kernel, the following vulnerability has been resolved: ipv4: start using dstdevrcu Change icmpv4xrlimallow, ipdefrag to prevent possible UAF. Change ipmrpreparexmit, ipmrqueuefwdxmit, ipmroutput, ipv4neighlookup to use lockdep enabled dstdevrcu...

5.5CVSS6.5AI score0.0017EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•3 views

SUSE CVE-2025-40075

In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: use dstdevnetrcu Replace three dstdev with a lockdep enabled helper...

5.5CVSS6.5AI score0.00181EPSS
Exploits0References21
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•3 views

SUSE CVE-2025-40076

In the Linux kernel, the following vulnerability has been resolved: PCI: rcar-host: Pass proper IRQ domain to generichandledomainirq Starting with commit dd26c1a23fd5 "PCI: rcar-host: Switch to msicreateparentirqdomain", the MSI parent IRQ domain is NULL because the object of type struct...

5.5CVSS6.4AI score0.0017EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•6 views

SUSE CVE-2025-40077

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid overflow while left shift operation Should cast type of folio-index from pgofft to lofft to avoid overflow while left shift operation...

5.5CVSS6.8AI score0.00183EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•11 views

SUSE CVE-2025-40078

In the Linux kernel, the following vulnerability has been resolved: bpf: Explicitly check accesses to bpfsockaddr Syzkaller found a kernel warning on the following sockaddr program: 0: r0 = 0 1: r2 = u32 r1 +60 2: exit which triggers: verifier bug: error during ctx access conversion 0 This is...

5.5CVSS6.4AI score0.00197EPSS
Exploits0References20
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•3 views

SUSE CVE-2025-40079

In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Sign extend struct ops return values properly The nsbpfqdisc selftest triggers a kernel panic: Unable to handle kernel paging request at virtual address ffffffffa38dbf58 Current testprogs pgtable: 4K pagesize, 57-bit...

5.5CVSS6.4AI score0.00181EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•8 views

SUSE CVE-2025-40080

In the Linux kernel, the following vulnerability has been resolved: nbd: restrict sockets to TCP and UDP Recently, syzbot started to abuse NBD with all kinds of sockets. Commit cf1b2326b734 "nbd: verify socket is supported during setup" made sure the socket supported a shutdown method. Explicitel...

5.5CVSS6.5AI score0.00183EPSS
Exploits0References19
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•3 views

SUSE CVE-2025-40081

In the Linux kernel, the following vulnerability has been resolved: perf: armspe: Prevent overflow in PERFIDX2OFF Cast nrpages to unsigned long to avoid overflow when handling large AUX buffer sizes = 2 GiB...

5.5CVSS7AI score0.00193EPSS
Exploits0References22
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•3 views

SUSE CVE-2025-40082

In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplusuni2asc BUG: KASAN: slab-out-of-bounds in hfsplusuni2asc+0xa71/0xb90 fs/hfsplus/unicode.c:186 Read of size 2 at addr ffff8880289ef218 by task syz.6.248/14290 CPU: 0 UID: 0 PID: 14290...

5.5CVSS6.5AI score0.00182EPSS
Exploits0References18
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•4 views

SUSE CVE-2025-53880

A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote attacker on an adjacent network to write or delete files on the filesystem with the privileges of the unprivileged wwwrun user. Although the endpoint is unauthenticated, access is restricted to a list o...

8.8CVSS7AI score0.00264EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/10/29 12:24 a.m.•3 views

SUSE CVE-2025-53883

A Improper Neutralization of Script-Related HTML Tags in a Web Page Basic XSS vulnerability allows attackers to run arbitrary javascript via a reflected XSS issue in the search fields.This issue affects Container suse/manager/5.0/x8664/server:latest: from ? before 5.0.28-150600.3.36.8; SUSE Manag...

9.3CVSS6.1AI score0.00268EPSS
Exploits0References6
SUSE CVE
SUSE CVE
•added 2025/10/29 12:23 a.m.•8 views

SUSE CVE-2025-55752

Relative Path Traversal vulnerability in Apache Tomcat. The fix for bug 60013 introduced a regression where the rewritten URL was normalized before it was decoded. This introduced the possibility that, for rewrite rules that rewrite query parameters to the URL, an attacker could manipulate the...

7.5CVSS8AI score0.66535EPSS
Exploits4References16
SUSE CVE
SUSE CVE
•added 2025/10/29 12:23 a.m.•5 views

SUSE CVE-2025-61105

FRRouting/frr from v4.0 through v10.4.1 was discovered to contain a NULL pointer dereference via the showvtylinkinfo function at ospfext.c. This vulnerability allows attackers to cause a Denial of Service DoS via a crafted OSPF packet...

5.9CVSS7.1AI score0.00457EPSS
Exploits1References8
SUSE CVE
SUSE CVE
•added 2025/10/29 12:23 a.m.•7 views

SUSE CVE-2025-61795

Improper Resource Shutdown or Release vulnerability in Apache Tomcat. If an error occurred including exceeding limits during the processing of a multipart upload, temporary copies of the uploaded parts written to disc were not cleaned up immediately but left for the garbage collection process to...

5.3CVSS6.9AI score0.01139EPSS
Exploits0References12
SUSE CVE
SUSE CVE
•added 2025/10/29 12:23 a.m.•3 views

SUSE CVE-2025-62229

A flaw was found in the X.Org X server and Xwayland when processing X11 Present extension notifications. Improper error handling during notification creation can leave dangling pointers that lead to a use-after-free condition. This can cause memory corruption or a crash, potentially allowing an...

7.5CVSS7.7AI score0.00481EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2025/10/29 12:23 a.m.•4 views

SUSE CVE-2025-62230

A flaw was discovered in the X.Org X server's X Keyboard Xkb extension when handling client resource cleanup. The software frees certain data structures without properly detaching related resources, leading to a use-after-free condition. This can cause memory corruption or a crash when affected...

8.1CVSS6.6AI score0.00267EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2025/10/29 12:23 a.m.•3 views

SUSE CVE-2025-62231

A flaw was identified in the X.Org X server's X Keyboard Xkb extension where improper bounds checking in the XkbSetCompatMap function can cause an unsigned short overflow. If an attacker sends specially crafted input data, the value calculation may overflow, leading to memory corruption or a cras...

8.8CVSS6.5AI score0.00281EPSS
Exploits0References24
SUSE CVE
SUSE CVE
•added 2025/10/29 12:23 a.m.•4 views

SUSE CVE-2025-62594

ImageMagick is a software suite to create, edit, compose, or convert bitmap images. ImageMagick versions prior to 7.1.2-8 are vulnerable to denial-of-service due to unsigned integer underflow and division-by-zero in the CLAHEImage function. When tile width or height is zero, unsigned underflow...

5.3CVSS6.8AI score0.00334EPSS
Exploits1References7
SUSE CVE
SUSE CVE
•added 2025/10/29 12:23 a.m.•3 views

SUSE CVE-2025-62725

Docker Compose trusts the path information embedded in remote OCI compose artifacts. When a layer includes the annotations com.docker.compose.extends or com.docker.compose.envfile, Compose joins the attacker-supplied value from com.docker.compose.file/com.docker.compose.envfile with its local cac...

8.3CVSS8.8AI score0.13848EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/10/28 12:55 a.m.•4 views

SUSE CVE-2022-50557

In the Linux kernel, the following vulnerability has been resolved: pinctrl: thunderbay: fix possible memory leak in thunderbaybuildfunctions The thunderbayaddfunctions will free memory of thunderbayfuncs when everything is ok, but thunderbayfuncs will not be freed when thunderbayaddfunctions...

6.4AI score0.00193EPSS
Exploits0References3
SUSE CVE
SUSE CVE
•added 2025/10/28 12:55 a.m.•4 views

SUSE CVE-2022-50559

In the Linux kernel, the following vulnerability has been resolved: clk: imx: scu: fix memleak on platformdeviceadd fails No error handling is performed when platformdeviceadd fails. Add error processing before return, and modified the return value...

5.5CVSS6.6AI score0.00195EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/10/28 12:55 a.m.•3 views

SUSE CVE-2022-50560

In the Linux kernel, the following vulnerability has been resolved: drm/meson: explicitly remove aggregate driver at module unload time Because componentmasterdel wasn't being called when unloading the mesondrm module, the aggregate device would linger forever in the global aggregatedevices list...

5.5CVSS6.5AI score0.00195EPSS
Exploits0References7
SUSE CVE
SUSE CVE
•added 2025/10/28 12:55 a.m.•2 views

SUSE CVE-2022-50574

In the Linux kernel, the following vulnerability has been resolved: drm/omap: dss: Fix refcount leak bugs In dssinitports and dssuninitports, we should call ofnodeput for the reference returned by ofgraphgetportbyid in fail path or when it is not used anymore...

5.5CVSS6.5AI score0.002EPSS
Exploits0References9
SUSE CVE
SUSE CVE
•added 2025/10/28 12:48 a.m.•6 views

SUSE CVE-2023-53705

In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix out-of-bounds access in ipv6findtlv optlen is fetched without checking whether there is more than one byte to parse. It can lead to out-of-bounds access. Found by InfoTeCS on behalf of Linux Verification Center...

6.5CVSS6.4AI score0.00207EPSS
Exploits0References12
Total number of security vulnerabilities59855