Sat Jul 20 2024 01:39:54 UTC
 Success is the ability to go from one failure to another with no loss of enthusiasm - Winston Churchill
Hide Search Description
This result was limited to 500 bugs. See all search results for this query.
ID Product Comp Assignee Status Resolution Summary Changed
1228143 SUSE Security Incidents Incidents mvetter NEW --- VUL-0: CVE-2024-1013: unixODBC,unixODBC_23: out of bounds stack write due to pointer-to-integer types conversion 13:40:49
1228142 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40724: assimp: heap-based buffer overflow in the PLY importer class 11:15:02
1228139 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-0562: kernel: use-after-free after removing device in wb_inode_writeback_end in mm/page-writeback.c 10:15:01
1228123 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-41184: keepalived: integer overflow in vrrp_ipsets_handler 19:22:54
1228120 SUSE Security Incidents Incidents gnome-bugs NEW --- VUL-0: CVE-2024-6655: gtk2,gtk3,gtk4: library injection from current working directory 11:09:30
1228114 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-41011: kernel: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages Thu 14:15
1228110 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-41008: kernel: drm/amdgpu: change vm->task_info handling Thu 13:15
1228105 SUSE Security Incidents Incidents python-maintainers NEW --- VUL-0: CVE-2024-6345: python-setuptools: code execution via download functions in the package_index module in pypa/setuptools Thu 11:54
1228098 SUSE Security Incidents Incidents david.anes NEW --- VUL-0: CVE-2024-40898: apache2: SSRF with mod_rewrite in server/vhost context on Windows Thu 09:15
1228097 SUSE Security Incidents Incidents david.anes NEW --- VUL-0: CVE-2024-40725: apache2: source code disclosure of local content Thu 09:15
1228072 SUSE Security Incidents Incidents mrueckert NEW --- VUL-0: CVE-2024-39908: ruby3.2, rubygem-rexml: ReDoS when parsing an XML that has many specific characters Wed 14:17
1228071 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48850: kernel: net-sysfs: add check for netdevice being present to speed_show Wed 14:15
1228070 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48845: kernel: MIPS: smp: fill in sibling and core maps earlier 16:03:29
1228068 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48844: kernel: Bluetooth: hci_core: Fix leaking sent_cmd skb Wed 13:29
1228067 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48852: kernel: drm/vc4: hdmi: Unregister codec device on unbind Wed 14:15
1228066 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48843: kernel: drm/vrr: Set VRR capable prop only if it is attached to connector Wed 13:24
1228065 SUSE Security Incidents Incidents denis.kirjanov NEW --- VUL-0: CVE-2022-48865: kernel: tipc: fix kernel panic when enabling bearer Thu 16:32
1228064 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48842: kernel: ice: Fix race condition during interface enslave Wed 13:19
1228063 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48863: kernel: mISDN: fix memory leak in dsp_pipeline_build() 08:12:58
1228062 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48834: kernel: usb: usbtmc: Fix bug in pipe direction for control transfers Wed 13:10
1228061 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48849: kernel: drm/amdgpu: bypass tiling flag check in virtual display case (v2) Wed 13:15
1228059 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48833: kernel: btrfs: skip reserved bytes warning on unmount after log cleanup failure Wed 13:03
1228055 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48829: kernel: NFSD: Fix NFSv3 SETATTR/CREATE's handling of large file sizes Wed 12:17
1228054 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48828: kernel: NFSD: Fix ia_size underflow Wed 12:08
1228052 SUSE Security Incidents Incidents fstrba NEW --- VUL-0: CVE-2024-21147: java-*-openjdk,java-*-ibm: OpenJDK: RangeCheckElimination array index overflow Thu 08:00
1228051 SUSE Security Incidents Incidents fstrba NEW --- VUL-0: CVE-2024-21145: java-*-openjdk,java-*-ibm: OpenJDK: Out-of-bounds access in 2D image handling Thu 08:00
1228050 SUSE Security Incidents Incidents fstrba NEW --- VUL-0: CVE-2024-21144: java-*-openjdk,java-*-ibm: OpenJDK: Pack200 increase loading time due to improper header validation Thu 08:00
1228048 SUSE Security Incidents Incidents fstrba NEW --- VUL-0: CVE-2024-21140: java-*-openjdk,java-*-ibm: OpenJDK: Range Check Elimination (RCE) pre-loop limit overflow Thu 08:00
1228047 SUSE Security Incidents Incidents fstrba NEW --- VUL-0: CVE-2024-21138: java-*-openjdk,java-*-ibm: OpenJDK: Excessive symbol length can lead to infinite loop Thu 08:00
1228046 SUSE Security Incidents Incidents fstrba NEW --- VUL-0: CVE-2024-21131: java-*-openjdk,java-*-ibm: OpenJDK: potential UTF8 size overflow Thu 08:00
1228045 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48823: kernel: scsi: qedf: fix refcount issue when LOGO is received during TMF Wed 12:15
1228040 SUSE Security Incidents Incidents oneukum NEW --- VUL-0: CVE-2022-48822: kernel: usb: f_fs: fix use-after-free for epfile 07:58:18
1228037 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48827: kernel: NFSD: Fix the behavior of READ near OFFSET_MAX Wed 10:15
1228035 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48797: kernel: mm: don't try to NUMA-migrate COW pages that have other uses Wed 09:50
1228028 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48796: kernel: iommu: Fix potential use-after-free during probe Wed 09:02
1228027 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48795: kernel: parisc: Fix data TLB miss in sba_unmap_sg Wed 09:00
1228025 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48794: kernel: net: ieee802154: at86rf230: Stop leaking skb's Wed 08:57
1228021 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-41010: kernel: bpf: Fix too early release of tcx_entry Wed 09:15
1228020 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-41009: kernel: bpf: Fix overrunning reservations in ringbuf Wed 09:15
1228019 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48793: kernel: KVM: x86: nSVM: fix potential NULL derefernce on nested migration Wed 09:15
1228015 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48853: kernel: swiotlb: fix info leak with DMA_FROM_DEVICE 10:32:47
1228014 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48866: kernel: HID: hid-thrustmaster: fix OOB read in thrustmaster_interrupts Wed 09:15
1228013 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48792: kernel: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task 07:56:28
1228011 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48864: kernel: vdpa/mlx5: add validation for VIRTIO_NET_CTRL_MQ_VQ_PAIRS_SET command Wed 09:52
1228010 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48862: kernel: vhost: fix hung thread due to erroneous iotlb entries Wed 09:21
1228009 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48861: kernel: vdpa: fix use-after-free on vp_vdpa_remove Wed 09:54
1228008 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2022-48860: kernel: ethernet: Fix error handling in xemaclite_of_probe 11:49:29
1228007 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48859: kernel: net: marvell: prestera: Add missing of_node_put() in prestera_switch_set_base_mac_addr Wed 12:41
1228006 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48858: kernel: net/mlx5: Fix a race on command flush flow Wed 13:29
1228005 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48857: kernel: NFC: port100: fix use-after-free in port100_send_complete Wed 15:23
1228004 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48856: kernel: gianfar: ethtool: Fix refcount leak in gfar_get_ts_info Thu 16:11
1228003 SUSE Security Incidents Incidents cve-kpm NEW --- VUL-0: CVE-2022-48855: kernel: sctp: fix kernel-infoleak for SCTP sockets 16:10:31
1228002 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48791: kernel: scsi: pm8001: Fix use-after-free for aborted TMF sas_task Thu 14:57
1228000 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48789: kernel: nvme-tcp: fix possible use-after-free in transport error_recovery work Wed 07:53
1227997 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48851: kernel: staging: gdm724x: fix use after free in gdm_lte_rx() 14:26:32
1227996 SUSE Security Incidents Incidents denis.kirjanov NEW --- VUL-0: CVE-2022-48786: kernel: vsock: remove vsock from connected table when connect is interrupted by a signal 14:21:35
1227995 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48780: kernel: net/smc: Avoid overwriting the copies of clcsock callback functions Thu 16:05
1227992 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48846: kernel: block: release rq qos structures for queue without disk Thu 16:03
1227989 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48836: kernel: Input: aiptek - properly check endpoint type 08:21:54
1227988 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48838: kernel: usb: gadget: Fix use-after-free bug by not setting udc->dev.driver Wed 08:15
1227987 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2022-48837: kernel: usb: gadget: rndis: prevent integer overflow in rndis_set_response() Thu 14:06
1227985 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2022-48839: kernel: net/packet: fix slab-out-of-bounds access in packet_recvmsg() Thu 14:04
1227984 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2022-48832: kernel: audit: don't deref the syscall args when checking the openat2 open_how::flags Thu 14:03
1227976 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48821: kernel: misc: fastrpc: avoid double fput() on failed usercopy Thu 14:11
1227975 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48826: kernel: drm/vc4: fix deadlock on DSI device attach error Tue 19:35
1227968 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48804: kernel: vt_ioctl: fix array_index_nospec in vt_setactivate Tue 18:15
1227958 SUSE Security Incidents Incidents denis.kirjanov NEW --- VUL-0: CVE-2022-48808: kernel: net: dsa: fix panic when DSA master device unbinds on shutdown Thu 10:21
1227957 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40988: kernel: drm/radeon: fix UBSAN warning in kv_dpm.c Tue 15:15
1227953 SUSE Security Incidents Incidents cve-kpm NEW --- VUL-0: CVE-2022-48799: kernel: perf: fix list corruption in perf_cgroup_switch() Wed 17:54
1227952 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48788: kernel: nvme-rdma: fix possible use-after-free in transport error_recovery work Tue 15:15
1227950 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40977: kernel: wifi: mt76: mt7921s: fix potential hung tasks during chip recovery Tue 14:15
1227949 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2022-48783: kernel: net: dsa: lantiq_gswip: fix use after free in gswip_remove() Thu 15:56
1227948 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48806: kernel: eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX Tue 14:15
1227947 SUSE Security Incidents Incidents cve-kpm NEW --- VUL-0: CVE-2022-48809: kernel: net: fix a memleak when uncloning an skb dst and its metadata Wed 17:51
1227946 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2022-48781: kernel: crypto: af_alg - get rid of alg_memory_allocated Thu 15:53
1227945 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2022-48798: kernel: s390/cio: verify the driver availability for path_event call Thu 10:08
1227944 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2022-48814: kernel: net: dsa: seville: register the mdiobus under devres Thu 15:51
1227943 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2022-48782: kernel: mctp: fix use after free Thu 15:49
1227942 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48802: kernel: fs/proc: task_mmu.c: don't read mapcount for migration entry Tue 14:15
1227941 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48790: kernel: nvme: fix a possible use-after-free in controller reset during load Tue 14:15
1227938 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48784: kernel: cfg80211: fix race in netlink owner interface destruction Tue 14:15
1227937 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40980: kernel: drop_monitor: replace spin_lock by raw_spin_lock Tue 13:31
1227936 SUSE Security Incidents Incidents cve-kpm NEW --- VUL-0: CVE-2022-48810: kernel: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path Thu 09:59
1227935 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48778: kernel: mtd: rawnand: gpmi: don't leak PM reference in error path Tue 14:15
1227934 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2022-48819: kernel: tcp: take care of mixed splice()/sendmsg(MSG_ZEROCOPY) case Thu 15:46
1227933 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2022-48815: kernel: net: dsa: bcm_sf2: don't use devres for mdiobus Thu 15:44
1227932 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2022-48787: kernel: iwlwifi: fix use-after-free Thu 15:41
1227929 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40978: kernel: scsi: qedi: Fix crash while reading debugfs attribute Tue 13:28
1227928 SUSE Security Incidents Incidents tbogendoerfer NEW --- VUL-0: CVE-2022-48811: kernel: ibmvnic: don't release napi in __ibmvnic_open() 19:22:19
1227927 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48785: kernel: ipv6: mcast: use rcu-safe version of ipv6_get_lladdr() Tue 14:15
1227926 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40975: kernel: platform/x86: x86-android-tablets: Unregister devices in reverse order Tue 13:23
1227925 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48776: kernel: mtd: parsers: qcom: Fix missing free for pparts in cleanup Tue 14:15
1227924 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48775: kernel: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj Thu 16:25
1227923 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48774: kernel: dmaengine: ptdma: Fix the error handling path in pt_core_init() Tue 13:15
1227921 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2022-48773: kernel: xprtrdma: fix pointer derefs in error cases of rpcrdma_ep_create Tue 12:53
1227920 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2021-47624: kernel: net/sunrpc: fix reference count leaks in rpc_sysfs_xprt_state_change Tue 12:49
1227919 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2021-47623: kernel: powerpc/fixmap: Fix VM debug warning on unmap Tue 12:59
1227917 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2021-47622: kernel: scsi: ufs: Fix a deadlock in the error handler Tue 12:25
1227914 SUSE Security Incidents Incidents mvetter NEW --- VUL-0: CVE-2024-6716: tiff: libtiff: out-of-memory issue in TIFFReadEncodedStrip() may lead to denial of service Tue 12:35
1227913 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40999: kernel: net: ena: add validation for completion descriptors consistency Tue 11:15
1227910 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40972: kernel: ext4: do not create EA inode under buffer lock Tue 09:58
1227909 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40971: kernel: f2fs: remove clear SB_INLINECRYPT flag in default_options Tue 09:56
1227899 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40970: kernel: Avoid hw_desc array overrun in dw-axi-dmac Tue 09:09
1227895 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40969: kernel: f2fs: don't set RO when shutting down f2fs 16:50:06
1227894 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40968: kernel: MIPS: Octeon: Add PCIe link status check 16:20:56
1227893 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40976: kernel: drm/lima: mask irqs in timeout path before hard reset 16:22:47
1227892 SUSE Security Incidents Incidents miroslav.franc NEW --- VUL-0: CVE-2024-40974: kernel: powerpc/pseries: Enforce hcall result buffer validity and size 17:01:32
1227891 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40967: kernel: serial: imx: Introduce timeout when waiting on transmitter empty Tue 08:32
1227890 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40973: kernel: media: mtk-vcodec: potential null pointer deference in SCP Tue 09:15
1227886 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40966: kernel: tty: add the option to have a tty reject a new ldisc Tue 08:19
1227885 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40965: kernel: i2c: lpi2c: Avoid calling clk_get_rate during transfer Tue 07:50
1227884 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2024-40959: kernel: xfrm6: check ip6_dst_idev() return value in xfrm6_get_saddr() Wed 17:44
1227883 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40944: kernel: x86/kexec: Fix bug with call depth tracking Tue 08:15
1227870 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-41002: kernel: crypto: hisilicon/sec - fix memory leak for sec resource release Mon 20:15
1227869 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-41001: kernel: io_uring/sqpoll: work around a potential audit memory leak Mon 20:15
1227867 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-41000: kernel: block/ioctl: prefer different overflow check Mon 19:15
1227866 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40998: kernel: ext4: fix uninitialized ratelimit_state->lock access in __ext4_fill_super() Mon 19:15
1227865 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40982: kernel: ssb: fix potential NULL pointer dereference in ssb_device_uevent() Mon 18:15
1227864 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40981: kernel: batman-adv: bypass empty buckets in batadv_purge_orig_ref() Mon 18:15
1227863 SUSE Security Incidents Incidents denis.kirjanov NEW --- VUL-0: CVE-2024-41007: kernel: tcp: avoid too many retransmit packets Wed 17:40
1227862 SUSE Security Incidents Incidents cve-kpm NEW --- VUL-0: CVE-2024-41006: kernel: netrom: fix a memory leak in nr_heartbeat_expiry() Wed 17:37
1227858 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-41005: kernel: netpoll: fix race condition in netpoll_owner_active Mon 17:15
1227855 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40979: kernel: wifi: ath12k: fix kernel crash during resume Tue 08:25
1227853 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40997: kernel: cpufreq: amd-pstate: fix memory leak on CPU EPP exit Tue 08:49
1227849 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-40943: kernel: ocfs2: fix races between hole punching and AIO+DIO Thu 08:09
1227848 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40918: kernel: parisc: Try to fix random segmentation faults in package builds 16:18:26
1227847 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40917: kernel: memblock: make memblock_set_node() also warn about use of MAX_NUMNODES Mon 15:15
1227846 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40916: kernel: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found Mon 15:15
1227842 SUSE Security Incidents Incidents osalvador NEW --- VUL-0: CVE-2024-40914: kernel: mm/huge_memory: don't unpoison huge_zero_folio Wed 17:23
1227840 SUSE Security Incidents Incidents miroslav.franc NEW --- VUL-0: CVE-2024-40938: kernel: landlock: fix d_parent walk Wed 17:20
1227836 SUSE Security Incidents Incidents tbogendoerfer NEW --- VUL-0: CVE-2024-40937: kernel: gve: clear napi->skb before dev_kfree_skb_any() Wed 17:06
1227832 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2024-40910: kernel: ax25: Fix refcount imbalance on inbound connections Wed 16:52
1227830 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2024-40995: kernel: net/sched: act_api: fix possible infinite loop in tcf_idr_check_alloc() Wed 16:27
1227829 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40994: kernel: ptp: fix integer overflow in max_vclocks_store Mon 14:15
1227828 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40932: kernel: drm/exynos/vidi: fix memory leak in .get_modes() Mon 14:15
1227826 SUSE Security Incidents Incidents kernel-bugs REOP --- VUL-0: CVE-2024-40992: kernel: RDMA/rxe: Fix responder length checking for UD request packets Wed 08:15
1227824 SUSE Security Incidents Incidents nicolas.morey NEW --- VUL-0: CVE-2024-40990: kernel: RDMA/mlx5: Add check for srq max_sge attribute Wed 16:12
1227823 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40989: kernel: KVM: arm64: Disassociate vcpus from redistributor region on teardown Mon 14:15
1227822 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2024-40986: kernel: dmaengine: xilinx: xdma: Fix data synchronisation in xdma_channel_isr() Thu 16:19
1227821 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2024-40985: kernel: net/tcp_ao: Don't leak ao_info on error-path Thu 15:25
1227820 SUSE Security Incidents Incidents trenn NEW --- VUL-0: CVE-2024-40984: kernel: ACPICA: Revert "ACPICA: avoid Info: mapping multiple BARs. Your kernel is fine." Wed 14:54
1227819 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40983: kernel: tipc: force a dst refcount before doing decryption Mon 14:15
1227818 SUSE Security Incidents Incidents kernel-bugs REOP --- VUL-0: CVE-2024-40964: kernel: ALSA: hda: cs35l41: Possible null pointer dereference in cs35l41_hda_unbind() Wed 08:15
1227817 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40963: kernel: mips: bmips: BCM6358: make sure CBR is correctly set 16:14:22
1227816 SUSE Security Incidents Incidents oneukum NEW --- VUL-0: CVE-2024-40927: kernel: xhci: handle TD clearing for multiple streams case Wed 14:50
1227814 SUSE Security Incidents Incidents cve-kpm NEW --- VUL-0: CVE-2024-40961: kernel: ipv6: prevent possible NULL deref in fib6_nh_init() Wed 14:44
1227813 SUSE Security Incidents Incidents cve-kpm NEW --- VUL-0: CVE-2024-40960: kernel: ipv6: prevent possible NULL dereference in rt6_probe() Wed 14:42
1227812 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2024-40958: kernel: netns: Make get_net_ns() handle zero refcount net Wed 14:40
1227811 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40957: kernel: seg6: fix parameter passing when calling NF_HOOK() in End.DX4 and End.DX6 behaviors Mon 14:15
1227810 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40956: kernel: dmaengine: idxd: Fix possible Use-After-Free in irq_process_work_list Mon 14:15
1227808 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40954: kernel: net: do not leave a dangling sk pointer, when socket creation fails Mon 14:15
1227806 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40953: kernel: KVM: Fix a data race on last_boosted_vcpu in kvm_vcpu_on_spin() Fri 06:51
1227805 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2024-40952: kernel: ocfs2: fix NULL pointer dereference in ocfs2_journal_dirty() Thu 14:20
1227804 SUSE Security Incidents Incidents security-team REOP --- VUL-0: CVE-2024-40951: kernel: ocfs2: fix NULL pointer dereference in ocfs2_abort_trigger() Thu 14:17
1227803 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40947: kernel: ima: Avoid blocking in RCU read-side critical section Mon 13:15
1227802 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40945: kernel: iommu: Return right value in iommu_sva_bind_device() Wed 14:34
1227801 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40948: kernel: mm/page_table_check: fix crash on ZONE_DEVICE Wed 15:33
1227800 SUSE Security Incidents Incidents tbogendoerfer NEW --- VUL-0: CVE-2024-40940: kernel: net/mlx5: Fix tainted pointer delete is case of flow rules creation fail Wed 14:56
1227799 SUSE Security Incidents Incidents denis.kirjanov NEW --- VUL-0: CVE-2024-40939: kernel: net: wwan: iosm: Fix tainted pointer delete is case of region creation fail Wed 14:26
1227798 SUSE Security Incidents Incidents shung-hsi.yu NEW --- VUL-0: CVE-2024-40909: kernel: bpf: Fix a potential use-after-free in bpf_link_free() Wed 14:24
1227797 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40935: kernel: cachefiles: flush all requests after setting CACHEFILES_DEAD Mon 13:15
1227796 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-40934: kernel: HID: logitech-dj: Fix memory leak in logi_dj_recv_switch_to_dj_mode() Mon 13:15
1227792 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2024-40911: kernel: wifi: cfg80211: Lock wiphy in cfg80211_get_station Tue 13:55
1227790 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40912: kernel: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() Wed 15:24
1227789 SUSE Security Incidents Incidents jack NEW --- VUL-0: CVE-2024-40925: kernel: block: fix request.queuelist usage in flush Tue 13:29
1227788 SUSE Security Incidents Incidents mhocko NEW --- VUL-0: CVE-2024-40928: kernel: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() 12:32:39
1227786 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40923: kernel: vmxnet3: disable rx data ring on dma allocation failure 12:27:33
1227784 SUSE Security Incidents Incidents mkubecek NEW --- VUL-0: CVE-2024-40921: kernel: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state Tue 14:17
1227783 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2024-40908: kernel: bpf: Set run context for rawtp test_run callback Wed 14:07
1227781 SUSE Security Incidents Incidents mkubecek NEW --- VUL-0: CVE-2024-40920: kernel: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state Tue 12:34
1227780 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40931: kernel: mptcp: ensure snd_una is properly initialized on connect 12:10:45
1227779 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40919: kernel: bnxt_en: adjust logging of firmware messages in case of released token in __hwrm_send() 12:01:23
1227774 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40929: kernel: wifi: iwlwifi: mvm: check n_ssids before accessing the ssids Wed 15:24
1227772 SUSE Security Incidents Incidents mhocko NEW --- VUL-0: CVE-2024-40904: kernel: USB: class: cdc-wdm: Fix CPU lockup caused by excessive log messages 11:41:17
1227771 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40941: kernel: wifi: iwlwifi: mvm: don't read past the mfuart notifcation 11:50:57
1227770 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40942: kernel: wifi: mac80211: mesh: Fix leak of mesh_preq_queue objects Wed 15:24
1227769 SUSE Security Incidents Incidents yu.daike NEW --- VUL-0: CVE-2024-39917: xrdp: attackers can make an infinite number of login attempts despite configuration parameter MaxLoginRetry Mon 09:15
1227766 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40903: kernel: usb: typec: tcpm: fix use-after-free case in tcpm_register_source_caps Tue 12:19
1227764 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40902: kernel: jfs: xattr: fix buffer overflow for invalid xattr Tue 12:11
1227763 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-40906: kernel: net/mlx5: Always stop health timer during driver removal Wed 15:00
1227762 SUSE Security Incidents Incidents lduncan CONF --- VUL-0: CVE-2024-40901: kernel: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory Tue 17:20
1227761 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2024-40905: kernel: ipv6: fix possible race in __fib6_drop_pcpu_from() Tue 11:05
1227757 SUSE Security Incidents Incidents cve-kpm NEW --- VUL-0: CVE-2024-39504: kernel: netfilter: nft_inner: validate mandatory meta and payload Tue 09:53
1227755 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-39502: kernel: ionic: fix use after netif_napi_del() Wed 14:59
1227754 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-39501: kernel: drivers: core: synchronize really_probe() and dev_uevent() Tue 09:55
1227750 SUSE Security Incidents Incidents nfbrown NEW --- VUL-0: CVE-2023-52885: kernel: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() 07:55:43
1227733 SUSE Security Incidents Incidents dsterba IN_P --- VUL-0: CVE-2024-39509: kernel: HID: core: remove unnecessary WARN_ON() in implement() Fri 00:30
1227732 SUSE Security Incidents Incidents gabriel.bertazi NEW --- VUL-0: CVE-2024-39508: kernel: io_uring/io-wq: use set_bit() and test_bit() at worker->flags Mon 16:49
1227730 SUSE Security Incidents Incidents tbogendoerfer NEW --- VUL-0: CVE-2024-39507: kernel: net: hns3: fix kernel crash problem in concurrent scenario Wed 16:45
1227729 SUSE Security Incidents Incidents tbogendoerfer NEW --- VUL-0: CVE-2024-39506: kernel: liquidio: adjust a NULL pointer handling path in lio_vf_rep_copy_packet Mon 16:37
1227725 SUSE Security Incidents Incidents dsterba IN_P --- VUL-0: CVE-2024-39499: kernel: vmci: prevent speculation leaks by sanitizing event in event_deliver() Fri 00:38
1227723 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-39498: kernel: drm/mst: fix NULL pointer dereference at drm_dp_add_payload_part2 Tue 13:08
1227722 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-39497: kernel: drm/shmem-helper: fix BUG_ON() on mmap(PROT_WRITE, MAP_PRIVATE) Wed 06:48
1227719 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-39496: kernel: btrfs: zoned: fix use-after-free due to race with dev replace 2024-07-12
1227716 SUSE Security Incidents Incidents ddiss NEW --- VUL-0: CVE-2024-39494: kernel: ima: fix use-after-free on a dentry's dname.name Tue 09:12
1227693 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38526: netpbm: Polyfill Supplay Chain Attack 2024-07-12
1227690 SUSE Security Incidents Incidents peter.simons NEW --- VUL-0: CVE-2024-38526: ghc-pandoc: Polyfill Supply Chain Attack 2024-07-12
1227687 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38526: TRACKERBUG: Polyfill Supply Chain Attack 2024-07-12
1227627 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-39491: kernel: ALSA: hda: cs35l56: Fix lifetime of cs_dsp instance 2024-07-10
1227626 SUSE Security Incidents Incidents vasant.karasulli NEW --- VUL-0: CVE-2024-39490: kernel: ipv6: sr: fix missing sk_buff release in seg6_input_core 2024-07-12
1227623 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2024-39489: kernel: ipv6: sr: fix memleak in seg6_hmac_init_algo 2024-07-10
1227620 SUSE Security Incidents Incidents duwe IN_P --- VUL-0: CVE-2024-39493: kernel: crypto: qat - fix ADF_DEV_RESET_SYNC memory leak Tue 09:53
1227619 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-39492: kernel: mailbox: mtk-cmdq: fix pm_runtime_get_sync() warning in mbox shutdown 2024-07-10
1227618 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-39488: kernel: arm64: asm-bug: add .align 2 to the end of __BUG_ENTRY 2024-07-10
1227610 SUSE Security Incidents Incidents william.brown NEW --- VUL-0: CVE-2024-6237: 389-ds: unauthenticated user can trigger a DoS by sending a specific extended search request 2024-07-11
1227608 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-39312: Botan: Improper certificate validation Wed 08:53
1227607 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-34702: Botan: Assymetric resource consumption Wed 13:33
1227595 SUSE Security Incidents Incidents nico.krapp IN_P --- VUL-0: CVE-2024-39614: python-Django: potential denial-of-service through django.utils.translation.get_supported_language_variant() Wed 18:15
1227594 SUSE Security Incidents Incidents nico.krapp IN_P --- VUL-0: CVE-2024-39330: python-Django: potential directory traversal in django.core.files.storage.Storage.save() Wed 18:15
1227593 SUSE Security Incidents Incidents nico.krapp IN_P --- VUL-0: CVE-2024-39329: python-Django: username enumeration through timing difference for users with unusable passwords Wed 18:15
1227590 SUSE Security Incidents Incidents nico.krapp IN_P --- VUL-0: CVE-2024-38875: python-Django: potential denial-of-service through django.utils.html.urlize() Wed 18:15
1227583 SUSE Security Incidents Incidents python-maintainers NEW --- VUL-0: CVE-2021-32798: python-notebook: The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to ... 2024-07-09
1227573 SUSE Security Incidents Incidents dsterba IN_P --- VUL-0: CVE-2024-39487: kernel: bonding: fix out-of-bounds read in bond_option_arp_ip_targets_set() Thu 23:48
1227566 SUSE Security Incidents Incidents songchuan.kang NEW --- VUL-0: CVE-2024-6501: NetworkManager: Denial of Service 2024-07-09
1227562 SUSE Security Incidents Incidents amajer NEW --- VUL-0: CVE-2024-22018: nodejs: fs.lstat bypasses permission model Wed 08:30
1227561 SUSE Security Incidents Incidents amajer NEW --- VUL-0: CVE-2024-36137: nodejs: fs.fchown/fchmod bypasses permission model Wed 08:30
1227554 SUSE Security Incidents Incidents amajer NEW --- VUL-0: CVE-2024-22020: nodejs: bypass network import restriction via data URL Wed 08:30
1227549 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48713: kernel: perf/x86/intel/pt: Fix crash with stop filters in single-range mode 2024-07-09
1227547 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-5569: python-zipp: A Denial of Service (DoS) vulnerability exists in the jaraco/zipp library, affecting all versions prior to 3.19.1. The vulnerability is triggered when processing a specially crafted zip file that leads to an infinit ... 2024-07-11
1227546 SUSE Security Incidents Incidents mt NEW --- VUL-0: CVE-2024-28882: openvpn: multiple exit notifications from authenticated clients will extend the validity of a closing session 2024-07-09
1227541 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-6563: arm-trusted-firmware: Buffer Copy without Checking Size of Input Fri 07:14
1227540 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-6564: arm-trusted-firmware: Buffer overflow in "rcar_dev_init" due to using untrusted data as a loop counter Fri 07:21
1227525 SUSE Security Incidents Incidents meissner NEW --- VUL-0: ca-certificates-mozilla: 2.68 release 2024-07-09
1227494 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-39483: kernel: KVM: SVM: WARN on vNMI + NMI window iff NMIs are outright masked 2024-07-08
1227493 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-39484: kernel: mmc: davinci: Don't strip remove function when driver is builtin 2024-07-08
1227492 SUSE Security Incidents Incidents mgorman NEW --- VUL-0: CVE-2024-39486: kernel: drm/drm_file: Fix pid refcounting race 2024-07-09
1227447 SUSE Security Incidents Incidents colyli IN_P --- VUL-0: CVE-2024-39482: kernel: bcache: fix variable length array abuse in btree_iter 2024-07-09
1227445 SUSE Security Incidents Incidents jlee NEW --- VUL-0: CVE-2024-39480: kernel: kdb: Fix buffer overflow during tab-complete 2024-07-08
1227437 SUSE Security Incidents Incidents colyli NEW --- VUL-0: CVE-2024-39476: kernel: md/raid5: fix deadlock that raid5d() wait for itself to clear MD_SB_CHANGE_PENDING 2024-07-08
1227434 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-39474: kernel: mm/vmalloc: fix vmalloc which may return null if called with __GFP_NOFAIL 2024-07-05
1227432 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-39472: kernel: xfs: fix log recovery buffer allocation for the legacy h_size fixup Thu 14:01
1227426 SUSE Security Incidents Incidents alarrosa NEW --- VUL-0: CVE-2024-39936: libqt4,libqt5-qtbase,qt3,qt6-base: delay any HTTP2 communication until encrypted() can be responded to 2024-07-06
1227425 SUSE Security Incidents Incidents coldpool NEW --- VUL-0: CVE-2023-39329: openjpeg,openjpeg2: Resource exhaustion will occur in the opj_t1_decode_cblks function in the tcd.c Mon 04:35
1227424 SUSE Security Incidents Incidents coldpool NEW --- VUL-0: CVE-2023-39328: openjpeg,openjpeg2: denail of service via crafted image file Mon 04:35
1227423 SUSE Security Incidents Incidents wullinger NEW --- VUL-0: CVE-2024-39929: exim: Incorrect parsing of multiline rfc2231 header filename Mon 17:05
1227422 SUSE Security Incidents Incidents kernel-bugs NEW --- VUL-0: CVE-2024-39920: kernel: TCP: SnailLoad timing side channel in TCP 2024-07-08
1227413 SUSE Security Incidents Incidents jsmeix NEW --- VUL-0: CVE-2023-39327: ghostscript: openjpeg: malicious files can cause a large loop that continuously prints warning messages on the terminal 2024-07-05
1227412 SUSE Security Incidents Incidents hpj NEW --- VUL-0: CVE-2023-39327: openjpeg2: openjpeg: malicious files can cause a large loop that continuously prints warning messages on the terminal 2024-07-04
1227411 SUSE Security Incidents Incidents coldpool NEW --- VUL-0: CVE-2023-39327: openjpeg: openjpeg: malicious files can cause a large loop that continuously prints warning messages on the terminal Mon 04:34
1227410 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2023-39327: TRACKERBUG: openjpeg: malicious files can cause a large loop that continuously prints warning messages on the terminal 2024-07-04
1227399 SUSE Security Incidents Incidents tomcat-maintainers NEW --- VUL-0: CVE-2024-34750: tomcat,tomcat10,tomcat6: Improper Handling of Exceptional Conditions Wed 11:34
1227397 SUSE Security Incidents Incidents dfaggioli NEW --- VUL-0: CVE-2024-6505: qemu: qemu-kvm: virtio-net: queue index out-of-bounds access in software RSS 2024-07-08
1227383 SUSE Security Incidents Incidents security-team NEW --- VUL-0: kernel: slab-out-of-bounds in hex_dump_to_buffer 2024-07-05
1227382 SUSE Security Incidents Incidents jsmeix IN_P --- VUL-0: CVE-2024-29506: ghostscript: stack-based buffer overflow in the pdfi_apply_filter() Tue 08:10
1227381 SUSE Security Incidents Incidents jsmeix IN_P --- VUL-0: CVE-2024-29507: ghostscript: stack-based buffer overflow via the CIDFSubstPath and CIDFSubstFont parameters Tue 08:10
1227380 SUSE Security Incidents Incidents jsmeix IN_P --- VUL-0: CVE-2024-29508: ghostscript: heap pointer leak in pdf_base_font_alloc() Wed 20:30
1227379 SUSE Security Incidents Incidents jsmeix IN_P --- VUL-0: CVE-2024-29509: ghostscript: heap buffer overflow via the PDFPassword parameter Tue 08:12
1227377 SUSE Security Incidents Incidents jsmeix IN_P --- VUL-0: CVE-2024-29511: ghostscript: arbitrary file read/write through Tesseract configuration Tue 08:13
1227359 SUSE Security Incidents Incidents antonio.teixeira NEW --- VUL-0: CVE-2023-52169: 7zip,p7zip: out-of-bounds read in NTFS handler allows bytes read beyond the intended buffer size to be presented as a part of a filename listed in the file system image Mon 20:36
1227358 SUSE Security Incidents Incidents antonio.teixeira NEW --- VUL-0: CVE-2023-52168: 7zip,p7zip: heap-based buffer overflow in the NTFS handler allows two bytes to be overwritten at multiple offsets Mon 20:36
1227355 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-31143: xen: double unlock in x86 guest IRQ handling (XSA-458) Tue 16:30
1227353 SUSE Security Incidents Incidents david.anes NEW --- VUL-0: CVE-2024-39884: apache2: source code disclosure with handlers configured via AddType Thu 08:40
1227322 SUSE Security Incidents Incidents dfaggioli NEW --- VUL-0: CVE-2024-4467: qemu: 'qemu-img info' leads to host file read/write 2024-07-08
1227318 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-39894: openssh: timing attacks against echo-off password entry Wed 16:30
1227314 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-24791 go1.21,go1.22: net/http: denial of service due to improper 100-continue handling 2024-07-05
1227310 SUSE Security Incidents Incidents dcermak NEW --- VUL-0: CVE-2024-39316: rubygem-rack: ReDoS in HTTP header parsing routine 2024-07-02
1227296 SUSE Security Incidents Incidents qzhao NEW --- VUL-0: CVE-2024-32230: ffmpeg,ffmpeg-4: buffer overflow due to negative-size-param bug at libavcodec/mpegvideo_enc.c in load_input_picture 2024-07-03
1227295 SUSE Security Incidents Incidents qzhao NEW --- VUL-0: CVE-2024-32229: ffmpeg,ffmpeg-4: heap-buffer-overflow at libavfilter/vf_tiltandshift.c in copy_column. 2024-07-03
1227278 SUSE Security Incidents Incidents david.anes NEW --- VUL-0: CVE-2024-38474: apache2: Substitution encoding issue in mod_rewrite Wed 12:41
1227277 SUSE Security Incidents Incidents qzhao NEW --- VUL-0: CVE-2024-32228: ffmpeg,ffmpeg-4: buffer overflow at libavcodec/hevcdec.c in hevc_frame_end. 2024-07-03
1227276 SUSE Security Incidents Incidents david.anes NEW --- VUL-0: CVE-2024-38473: apache2: Encoding problem in mod_proxy Wed 12:41
1227272 SUSE Security Incidents Incidents david.anes IN_P --- VUL-0: CVE-2024-36387: apache2: DoS by null pointer in websocket over HTTP/2 Wed 05:16
1227271 SUSE Security Incidents Incidents david.anes IN_P --- VUL-0: CVE-2024-39573: apache2,apache2-tls13: httpd: potential SSRF in mod_rewrite Wed 12:41
1227270 SUSE Security Incidents Incidents david.anes IN_P --- VUL-0: CVE-2024-38477: apache2,apache2-tls13: httpd: null pointer dereference in mod_proxy Wed 12:41
1227269 SUSE Security Incidents Incidents david.anes IN_P --- VUL-0: CVE-2024-38476: apache2,apache2-tls13: Apache HTTP Server may use exploitable/malicious backend application output to run local handlers via internal redirect Thu 16:43
1227268 SUSE Security Incidents Incidents david.anes IN_P --- VUL-0: CVE-2024-38475: apache2,apache2-tls13: httpd: Improper escaping of output in mod_rewrite Wed 12:41
1227252 SUSE Security Incidents Incidents alarrosa NEW --- VUL-0: CVE-2024-38999: pgadmin4: prototype pollution via function s.contexts._.configure 2024-07-01
1227251 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38999: TRACKERBUG: prototype pollution via function s.contexts._.configure 2024-07-01
1227248 SUSE Security Incidents Incidents alarrosa NEW --- VUL-0: CVE-2024-38998: pgadmin4: requirejs: prototype pollution via function config 2024-07-01
1227247 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38998: TRACKERBUG: requirejs: prototype pollution via function config 2024-07-01
1227239 SUSE Security Incidents Incidents mozilla-bugs NEW --- VUL-0: CVE-2024-34703: MozillaThunderbird: Botan: denial of service due to overly large elliptic curve parameters 2024-07-12
1227238 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-34703: TRACKERBUG: Botan: denial of service due to overly large elliptic curve parameters Wed 13:34
1227234 SUSE Security Incidents Incidents oneukum NEW --- VUL-0: kernel: USB/IP VHCI Driver Race Condition Privilege Escalation Vulnerability Tue 15:15
1227233 SUSE Security Incidents Incidents python-maintainers NEW --- VUL-0: CVE-2024-5642: python,python3,python36,python39: invalid value sent to underlying OpenSSL API may cause a buffer overread when NPN is used 2024-07-01
1227203 SUSE Security Incidents Incidents adrian.schroeter NEW --- VUL-0: CVE-2024-22033: obs-service-download_url: argument injection Mon 13:05
1227187 SUSE Security Incidents Incidents samba NEW --- VUL-0: CVE-2024-37371: krb5: invalid memory read when processing message tokens with invalid length fields 2024-07-10
1227186 SUSE Security Incidents Incidents samba NEW --- VUL-0: CVE-2024-37370: krb5: confidential GSS krb5 wrap tokens with invalid plaintext Extra Count fields are errouneously accepted during unwrap 2024-07-10
1227178 SUSE Security Incidents Incidents valentin.lefebvre NEW --- VUL-0: CVE-2024-39134: zziplib: stack buffer overflow via the __zzip_fetch_disk_trailer() function 2024-06-28
1227175 SUSE Security Incidents Incidents valentin.lefebvre REOP --- VUL-0: CVE-2024-39133: zziplib: heap buffer overflow in the __zzip_parse_root_directory() function Wed 08:15
1227138 SUSE Security Incidents Incidents pmonrealgonzalez NEW --- VUL-0: CVE-2024-5535: openssl: SSL_select_next_proto buffer overread 2024-07-03
1227103 SUSE Security Incidents Incidents ematsumiya NEW --- VUL-0: CVE-2024-39468: kernel: smb: client: fix deadlock in smb2_find_smb_tcon() 2024-07-10
1227101 SUSE Security Incidents Incidents fdmanana NEW --- VUL-0: CVE-2024-37354: kernel: btrfs: fix crash on racing fsync and size-extending write into prealloc Thu 16:36
1227098 SUSE Security Incidents Incidents antonio.teixeira NEW --- VUL-0: CVE-2024-34580: xml-security-c: implementation of the XML Signature Syntax and Processing (XMLDsig) specification without protection against an SSRF payload in a KeyInfo element 2024-06-27
1227096 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-39471: kernel: drm/amdgpu: add error handle to avoid out-of-bounds 2024-07-10
1227090 SUSE Security Incidents Incidents rgoldwyn NEW --- VUL-0: CVE-2024-39463: kernel: 9p: add missing locking around taking dentry fid list 2024-07-08
1227086 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-37894: squid,squid3: squid: Out-of-bounds write error may lead to Denial of Service 2024-07-02
1227082 SUSE Security Incidents Incidents osalvador NEW --- VUL-0: CVE-2024-39298: kernel: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages 2024-06-28
1227080 SUSE Security Incidents Incidents alarrosa NEW --- VUL-0: CVE-2024-6238: pgadmin4: pgadmin: Insecure permissions for the installation directory 2024-06-27
1227077 SUSE Security Incidents Incidents jayvdb NEW --- VUL-0: CVE-2024-21520: python-djangorestframework: improper input sanitization before splitting and joining with <br> tags in break_long_headers template filter 2024-06-26
1227069 SUSE Security Incidents Incidents jgross NEW --- VUL-0: CVE-2021-4440: kernel: x86/xen: drop USERGS_SYSRET64 paravirt call 2024-06-28
1227066 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-37078: kernel: nilfs2: fix potential kernel bug due to lack of writeback flag waiting 2024-07-10
1227062 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: weave-gitops: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227061 SUSE Security Incidents Incidents antonio.teixeira NEW --- VUL-0: CVE-2024-6104: velociraptor: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227060 SUSE Security Incidents Incidents jkowalczyk NEW --- VUL-0: CVE-2024-6104: trufflehog: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227059 SUSE Security Incidents Incidents alexandre.vicenzi NEW --- VUL-0: CVE-2024-6104: traefik: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-07-12
1227058 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: terragrunt: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227057 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: sops: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227056 SUSE Security Incidents Incidents containers-bugowner NEW --- VUL-0: CVE-2024-6104: skopeo: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227055 SUSE Security Incidents Incidents ceph-bugs NEW --- VUL-0: CVE-2024-6104: rook: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227054 SUSE Security Incidents Incidents bugzilla_opensuse NEW --- VUL-0: CVE-2024-6104: rke2: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227053 SUSE Security Incidents Incidents meissner NEW --- VUL-0: CVE-2024-6104: rekor: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227052 SUSE Security Incidents Incidents containers-bugowner NEW --- VUL-0: CVE-2024-6104: podman: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-07-03
1227051 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: opentofu: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227050 SUSE Security Incidents Incidents jkowalczyk NEW --- VUL-0: CVE-2024-6104: neonmodem: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227049 SUSE Security Incidents Incidents mrostecki NEW --- VUL-0: CVE-2024-6104: minikube: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227048 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: melange: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227047 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: lego: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227046 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: kyverno: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227045 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: kubescape: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227044 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: kube-linter: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227043 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: kubefirst: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227042 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: kubearmor-client: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227041 SUSE Security Incidents Incidents matwey.kornilov NEW --- VUL-0: CVE-2024-6104: influxdb2: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227039 SUSE Security Incidents Incidents monitoring-devel IN_P --- VUL-0: CVE-2024-6104: grafana: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-28
1227038 SUSE Security Incidents Incidents monitoring-devel IN_P --- VUL-0: CVE-2024-6104: golang-github-prometheus-prometheus: hashicorp/go-retryablehttp: url might write sensitive information to log file Tue 07:37
1227037 SUSE Security Incidents Incidents orville NEW --- VUL-0: CVE-2024-6104: glab: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227036 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: gitsign: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227035 SUSE Security Incidents Incidents pdostal NEW --- VUL-0: CVE-2024-6104: gh: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227033 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: flux2-cli: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227032 SUSE Security Incidents Incidents jkowalczyk NEW --- VUL-0: CVE-2024-6104: cri-o: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227031 SUSE Security Incidents Incidents meissner NEW --- VUL-0: CVE-2024-6104: cosign: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227030 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: chart-testing: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227029 SUSE Security Incidents Incidents stefan.haas NEW --- VUL-0: CVE-2024-6104: ceph-csi: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227028 SUSE Security Incidents Incidents danish.prakash NEW --- VUL-0: CVE-2024-6104: buildkit: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227027 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: argocd-cli: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227026 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: apko: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227025 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6104: alloy: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227024 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-6104: TRACKERBUG: hashicorp/go-retryablehttp: url might write sensitive information to log file 2024-06-26
1227022 SUSE Security Incidents Incidents dmueller NEW --- VUL-0: CVE-2024-6257: trivy: hashicorp/go-getter: Arbitrary command execution through local git config file 2024-06-26
1227021 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6257: terragrunt: hashicorp/go-getter: Arbitrary command execution through local git config file 2024-06-26
1227020 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6257: talosctl: hashicorp/go-getter: Arbitrary command execution through local git config file 2024-06-26
1227019 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6257: opentofu: hashicorp/go-getter: Arbitrary command execution through local git config file 2024-06-26
1227018 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6257: okteto: hashicorp/go-getter: Arbitrary command execution through local git config file 2024-06-26
1227017 SUSE Security Incidents Incidents mrostecki NEW --- VUL-0: CVE-2024-6257: minikube: hashicorp/go-getter: Arbitrary command execution through local git config file 2024-06-26
1227016 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6257: kubescape: hashicorp/go-getter: Arbitrary command execution through local git config file 2024-06-26
1227015 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6257: k9s: hashicorp/go-getter: Arbitrary command execution through local git config file 2024-06-26
1227013 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-6257: grype: hashicorp/go-getter: Arbitrary command execution through local git config file 2024-06-26
1227012 SUSE Security Incidents Incidents opensuse_buildservice IN_P --- VUL-0: CVE-2024-6257: conftest: hashicorp/go-getter: Arbitrary command execution through local git config file 2024-07-12
1227011 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-6257: TRACKERBUG: hashicorp/go-getter: Arbitrary command execution through local git config file 2024-06-26
1227010 SUSE Security Incidents Incidents dmueller NEW --- VUL-0: CVE-2024-3817: trivy: hashicorp/go-getter: argument injection when fetching remote default git branches 2024-06-26
1227009 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-3817: terragrunt: hashicorp/go-getter: argument injection when fetching remote default git branches 2024-06-26
1227008 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-3817: openSUSE:Factory/talosctl: hashicorp/go-getter: argument injection when fetching remote default git branches 2024-06-26
1227007 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-3817: opentofu: hashicorp/go-getter: argument injection when fetching remote default git branches 2024-06-26
1227006 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-3817: okteto: hashicorp/go-getter: argument injection when fetching remote default git branches 2024-06-26
1227005 SUSE Security Incidents Incidents mrostecki NEW --- VUL-0: CVE-2024-3817: minikube: hashicorp/go-getter: argument injection when fetching remote default git branches 2024-06-26
1227004 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-3817: kubescape: hashicorp/go-getter: argument injection when fetching remote default git branches 2024-06-26
1227003 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-3817: k9s: hashicorp/go-getter: argument injection when fetching remote default git branches 2024-06-26
1227001 SUSE Security Incidents Incidents opensuse_buildservice NEW --- VUL-0: CVE-2024-3817: grype: hashicorp/go-getter: argument injection when fetching remote default git branches 2024-06-26
1226999 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-3817: TRACKERBUG: hashicorp/go-getter: argument injection when fetching remote default git branches 2024-06-26
1226996 SUSE Security Incidents Incidents miroslav.franc IN_P --- VUL-0: CVE-2024-38661: kernel: s390/ap: Fix crash in AP internal function modify_bitmap() Thu 16:36
1226994 SUSE Security Incidents Incidents brahmajit.das NEW --- VUL-0: CVE-2024-39301: kernel: net/9p: fix uninit-value in p9_client_rpc() Thu 16:36
1226993 SUSE Security Incidents Incidents jack NEW --- VUL-0: CVE-2024-39276: kernel: ext4: fix mb_cache_entry's e_refcnt leak in ext4_xattr_block_cache_find() 2024-06-27
1226992 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-39469: kernel: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors 2024-07-10
1226990 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-39371: kernel: io_uring: check for non-NULL file pointer in io_file_can_poll() 2024-07-08
1226989 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-39296: kernel: bonding: fix oops during rmmod 2024-07-08
1226976 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48772: kernel: media: lgdt3306a: add a check against null-pointer-def Thu 16:36
1226975 SUSE Security Incidents Incidents martin.schreiner IN_P --- VUL-0: CVE-2024-5261: libreoffice: TLS certificates are not properly verified when utilizing LibreOfficeKit 2024-07-01
1226968 SUSE Security Incidents Incidents antonio.teixeira NEW --- VUL-0: CVE-2024-38355: velociraptor: socket.io: unhandled 'error' event 2024-06-25
1226967 SUSE Security Incidents Incidents alarrosa NEW --- VUL-0: CVE-2024-38355: pgadmin4: socket.io: unhandled 'error' event 2024-06-25
1226966 SUSE Security Incidents Incidents amajer NEW --- VUL-0: CVE-2024-38355: nodejs8,nodejs10,nodejs12: socket.io: unhandled 'error' event 2024-06-25
1226965 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38355: TRACKERBUG: socket.io: unhandled 'error' event 2024-06-25
1226957 SUSE Security Incidents Incidents werner NEW --- VUL-0: CVE-2024-39331: emacs: evaluation of arbitrary unsafe Elisp code in Org mode 20:30:01
1226950 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-37021: kernel: fpga: manager: add owner module and take its refcount Thu 16:36
1226949 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-36479: kernel: fpga: bridge: add owner module and take its refcount Thu 16:36
1226948 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-35247: kernel: fpga: region: add owner module and take its refcount Thu 16:36
1226946 SUSE Security Incidents Incidents jsmeix IN_P --- VUL-0: CVE-2024-33869: ghostscript: path traversal and command execution due to path reduction 2024-07-04
1226945 SUSE Security Incidents Incidents jsmeix IN_P --- VUL-0: CVE-2024-29510: ghostscript,ghostscript-library: format string injection leads to shell command execution (SAFER bypass) 2024-07-04
1226944 SUSE Security Incidents Incidents jsmeix IN_P --- VUL-0: CVE-2024-33870: ghostscript: path traversal to arbitrary files if the current directory is in the permitted paths 2024-07-04
1226941 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38664: kernel: drm: zynqmp_dpsub: Always register bridge 2024-07-08
1226939 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38663: kernel: blk-cgroup: fix list corruption from resetting io stat 2024-07-08
1226938 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38384: kernel: blk-cgroup: fix list corruption from reorder of WRITE ->lqueued 2024-07-08
1226934 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-39291: kernel: drm/amdgpu: Fix buffer size in gfx_v9_4_3_init_ cp_compute_microcode() and rlc_microcode() 2024-07-08
1226927 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-6287: arm-trusted-firmware: incorrect calculation when checking whether a new image invades/overlaps with a previously loaded image Mon 08:34
1226926 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-6285: arm-trusted-firmware: integer underflow during image range check calculations Mon 08:35
1226922 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-33847: kernel: f2fs: compress: don't allow unaligned truncation on released compress inode 2024-06-25
1226916 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-6239: poppler,poppler-qt: crash when using pdfinfo with -dests parameter on malformed input files 2024-07-08
1226911 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-38628: kernel: usb: gadget: u_audio: Fix race condition use of controls after free during gadget unbind. 2024-07-08
1226908 SUSE Security Incidents Incidents jdelvare IN_P --- VUL-0: CVE-2024-38630: kernel: watchdog: cpu5wdt.c: fix use-after-free bug caused by cpu5wdt_trigger Tue 13:44
1226901 SUSE Security Incidents Incidents sndirsch IN_P --- VUL-0: CVE-2023-47169: libmfx: improper buffer restrictions 2024-07-02
1226900 SUSE Security Incidents Incidents sndirsch IN_P --- VUL-0: CVE-2023-47282: libmfx: out-of-bounds write 2024-07-02
1226899 SUSE Security Incidents Incidents sndirsch IN_P --- VUL-0: CVE-2023-22656: libmfx: out-of-bounds read 2024-07-02
1226898 SUSE Security Incidents Incidents sndirsch IN_P --- VUL-0: CVE-2023-45221: libmfx: improper buffer restrictions 2024-07-02
1226897 SUSE Security Incidents Incidents sndirsch IN_P --- VUL-0: CVE-2023-48368: libmfx: improper input validation Thu 14:10
1226895 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38621: kernel: media: stk1160: fix bounds checking in stk1160_copy_video() Thu 16:36
1226886 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38780: kernel: dma-buf/sw-sync: don't enable IRQ from sync_print_obj() Thu 16:36
1226885 SUSE Security Incidents Incidents shung-hsi.yu NEW --- VUL-0: CVE-2024-38662: kernel: bpf: allow delete from sockmap/sockhash only if update is allowed 2024-06-25
1226883 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38659: kernel: enic: validate length of nl attributes in enic_set_vf_port Thu 16:36
1226882 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38637: kernel: greybus: lights: check return of get_channel_from_mode 2024-06-25
1226876 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38601: kernel: ring-buffer: fix a race between readers and resize checks Thu 16:36
1226875 SUSE Security Incidents Incidents jgross NEW --- VUL-0: CVE-2024-37353: kernel: virtio: delete vq in vp_find_vqs_msix() when request_irq() fails 2024-07-08
1226874 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2024-36489: kernel: tls: fix missing memory barrier in tls_init 2024-06-25
1226873 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38607: kernel: macintosh/via-macii: Fix "BUG: sleeping function called from invalid context" 2024-06-25
1226869 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38620: kernel: Bluetooth: HCI: Remove HCI_AMP support 2024-06-25
1226868 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38634: kernel: serial: max3100: Lock port->lock when calling uart_handle_cts_change() 2024-07-10
1226867 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38633: kernel: serial: max3100: Update uart_driver_registered on driver removal 2024-07-10
1226864 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38600: kernel: ALSA: fix deadlocks with kctl removals at disconnection 2024-07-10
1226863 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38635: kernel: soundwire: cadence: fix invalid PDI offset 2024-07-10
1226861 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-38619: kernel: usb-storage: alauda: Check whether the media is initialized Thu 16:36
1226858 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38624: kernel: fs/ntfs3: Use 64 bit variable to avoid 32 bit overflow 2024-06-25
1226857 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38627: kernel: stm class: Fix a double free in stm_register_device() Thu 16:36
1226856 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-38622: kernel: drm/msm/dpu: Add callback function pointer check before its call 2024-07-08
1226855 SUSE Security Incidents Incidents mkubecek IN_P --- VUL-0: CVE-2024-38612: kernel: ipv6: sr: fix invalid unregister error path 2024-07-02
1226854 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38625: kernel: fs/ntfs3: Check 'folio' pointer for NULL 2024-06-25
1226851 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38623: kernel: fs/ntfs3: Use variable length array instead of fixed size 2024-06-25
1226848 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-38599: kernel: jffs2: prevent xattr node from overflowing the eraseblock 2024-07-10
1226846 SUSE Security Incidents Incidents mkoutny NEW --- VUL-0: CVE-2024-38596: kernel: af_unix: fix data races in unix_release_sock/unix_stream_sendmsg 2024-06-25
1226842 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38603: kernel: drivers/perf: hisi: hns3: Actually use devm_add_action_or_reset() 2024-07-10
1226841 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-36478: kernel: null_blk: fix null-ptr-dereference while configuring 'power' and 'submit_queues' 2024-07-10
1226839 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38590: kernel: RDMA/hns: Modify the print level of CQE error 2024-07-10
1226837 SUSE Security Incidents Incidents petr.pavlu NEW --- VUL-0: CVE-2024-38588: kernel: ftrace: Fix possible use-after-free issue in ftrace_location() 2024-07-08
1226833 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-37356: kernel: tcp: Fix shift-out-of-bounds in dctcp_update_alpha(). 2024-06-25
1226801 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2024-36286: kernel: netfilter: nfnetlink_queue: acquire rcu_read_lock() in instance_destroy_rcu() 2024-06-21
1226799 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-36281: kernel: net/mlx5: use mlx5_ipsec_rx_status_destroy to correctly delete status rules 2024-07-08
1226798 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2024-36270: kernel: netfilter: tproxy: bail out if IP has been disabled on the device 2024-06-21
1226797 SUSE Security Incidents Incidents mkubecek NEW --- VUL-0: CVE-2024-36244: kernel: net/sched: taprio: extend minimum interval restriction to entire cycle too 2024-07-04
1226790 SUSE Security Incidents Incidents shung-hsi.yu NEW --- VUL-0: CVE-2024-38566: kernel: bpf: fix verifier assumptions about socket->sk 2024-07-08
1226789 SUSE Security Incidents Incidents shung-hsi.yu IN_P --- VUL-0: CVE-2024-38564: kernel: bpf: add BPF_PROG_TYPE_CGROUP_SKB attach type enforcement in BPF_LINK_CREATE Tue 08:30
1226786 SUSE Security Incidents Incidents lduncan IN_P --- VUL-0: CVE-2024-38560: kernel: scsi: bfa: ensure the copied buf is NUL terminated 14:36:57
1226785 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-38559: kernel: scsi: qedf: ensure the copied buf is NUL terminated Tue 17:42
1226783 SUSE Security Incidents Incidents vasant.karasulli NEW --- VUL-0: CVE-2024-38558: kernel: net: openvswitch: fix overwriting ct original tuple for ICMPv6 2024-07-12
1226781 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38557: kernel: net/mlx5: reload only IB representors upon lag disable/enable 2024-07-10
1226775 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38570: kernel: gfs2: Fix potential glock use-after-free on unmount 2024-07-08
1226774 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38556: kernel: net/mlx5: add a timeout to acquire the command queue semaphore 2024-07-10
1226772 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38569: kernel: drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group 2024-07-08
1226771 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38568: kernel: drivers/perf: hisi: hns3: Fix out-of-bound access when valid event group 2024-07-10
1226770 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-33621: kernel: ipvlan: Dont Use skb->sk in ipvlan_process_v{4,6}_outbound Wed 12:19
1226769 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38567: kernel: wifi: carl9170: add a proper sanity check for endpoints Thu 16:36
1226768 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-33619: kernel: efi: libstub: only free priv.runtime_map when allocated 2024-07-10
1226767 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-38552: kernel: drm/amd/display: fix potential index out of bounds in color transformation function 17:12:12
1226765 SUSE Security Incidents Incidents fweisbecker NEW --- VUL-0: CVE-2024-31076: kernel: genirq/cpuhotplug, x86/vector: Prevent vector leak during CPU offline 2024-06-21
1226764 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2023-52884: kernel: Input: cyapa - add missing input core locking to suspend/resume functions 2024-07-10
1226760 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38611: kernel: media: i2c: et8ek8: don't strip remove function when driver is builtin 2024-07-08
1226758 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38610: kernel: drivers/virt/acrn: fix PFNMAP PTE checks in acrn_vm_ram_map() Tue 08:30
1226757 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38598: kernel: md: fix resync softlockup when bitmap size is less than array size Thu 16:36
1226754 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38618: kernel: ALSA: timer: Set lower bound of start tick time Thu 16:36
1226750 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38586: kernel: r8169: Fix possible ring buffer corruption on fragmented Tx packets. Wed 12:29
1226749 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38597: kernel: eth: sungem: remove .ndo_poll_controller to avoid deadlocks Thu 16:36
1226748 SUSE Security Incidents Incidents mkubecek NEW --- VUL-0: CVE-2024-38589: kernel: netrom: fix possible dead-lock in nr_rt_ioctl() 2024-06-21
1226747 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38565: kernel: wifi: ar5523: enable proper endpoint verification Thu 16:36
1226746 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38608: kernel: net/mlx5e: fix netif state handling Thu 16:36
1226744 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38553: kernel: net: fec: remove .ndo_poll_controller to avoid deadlocks Thu 16:36
1226742 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2024-38554: kernel: ax25: Fix reference count leak issue of net_device 2024-07-08
1226740 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38605: kernel: ALSA: core: Fix NULL module pointer assignment at card init 2024-07-10
1226739 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38573: kernel: cppc_cpufreq: Fix possible null pointer dereference 2024-07-10
1226738 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38591: kernel: RDMA/hns: Fix deadlock on SRQ async events. 2024-07-10
1226737 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38571: kernel: thermal/drivers/tsens: Fix null pointer dereference 2024-07-10
1226736 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38561: kernel: kunit: Fix kthread reference 2024-06-21
1226735 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-38549: kernel: drm/mediatek: Add 0 size check to mtk_drm_gem_obj Thu 16:36
1226734 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38594: kernel: net: stmmac: move the EST lock to struct stmmac_priv 2024-07-10
1226730 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48770: kernel: bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack() 2024-07-10
1226719 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48735: kernel: ALSA: hda: Fix UAF of leds class devs at unbinding 2024-07-10
1226718 SUSE Security Incidents Incidents fdmanana NEW --- VUL-0: CVE-2022-48733: kernel: btrfs: fix use-after-free after failure to create a snapshot Thu 16:36
1226716 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2022-48732: kernel: drm/nouveau: fix off by one in BIOS boundary checking Thu 16:36
1226712 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2022-48760: kernel: USB: core: Fix hang in usb_kill_urb by adding memory barriers Thu 16:36
1226711 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48759: kernel: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev Thu 16:36
1226708 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2022-48758: kernel: scsi: bnx2fc: Flush destroy_work queue before calling bnx2fc_interface_put() Thu 16:36
1226706 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48755: kernel: powerpc64/bpf: Limit 'ldbrx' to processors compliant with ISA v2.06 2024-07-10
1226705 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48743: kernel: net: amd-xgbe: Fix skb data length underflow Thu 16:36
1226704 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2022-48766: kernel: drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU. 2024-07-10
1226701 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2022-48761: kernel: usb: xhci-plat: fix crash when suspend if remote wake enable Thu 16:36
1226698 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2022-48756: kernel: drm/msm/dsi: invalid parameter check in msm_dsi_phy_enable Thu 16:36
1226696 SUSE Security Incidents Incidents tbogendoerfer NEW --- VUL-0: CVE-2022-48744: kernel: net/mlx5e: Avoid field-overflowing memcpy() 2024-07-10
1226695 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2022-48757: kernel: net: fix information leakage in /proc/net/ptype 2024-06-21
1226694 SUSE Security Incidents Incidents mkubecek NEW --- VUL-0: CVE-2022-48742: kernel: rtnetlink: make sure to refresh master_dev/m_ops in __rtnl_newlink() 2024-07-04
1226692 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48754: kernel: phylib: fix potential use-after-free Thu 16:36
1226679 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48717: kernel: ASoC: max9759: fix underflow in speaker_gain_control_put() 2024-07-10
1226678 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48716: kernel: ASoC: codecs: wcd938x: fix incorrect used of portid 2024-07-10
1226674 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48738: kernel: ASoC: ops: Reject out of bounds values in snd_soc_put_volsw() 2024-07-10
1226669 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2021-47620: kernel: Bluetooth: refactor malicious adv data check 2024-07-10
1226660 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-28397: python-Js2Py: an issue in the component js2py.disable_pyimport() of js2py up to v0.74 allows attackers to execute arbitrary code via a crafted API call. 2024-07-04
1226653 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2022-48751: kernel: net/smc: transitional solution for clcsock race issue Tue 11:09
1226645 SUSE Security Incidents Incidents tbogendoerfer NEW --- VUL-0: CVE-2021-47619: kernel: i40e: Fix queues reservation for XDP 2024-07-10
1226642 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-6387: openssh: regression of CVE-2006-5051 Wed 16:30
1226637 SUSE Security Incidents Incidents duwe IN_P --- VUL-0: CVE-2024-38579: kernel: crypto: bcm - fix pointer arithmetic Thu 16:36
1226634 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38578: kernel: ecryptfs: fix buffer size for tag 66 packet Thu 16:36
1226633 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38550: kernel: ASoC: kirkwood: Fix potential NULL dereference 2024-07-10
1226632 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38547: kernel: media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries 2024-07-10
1226631 SUSE Security Incidents Incidents fweisbecker NEW --- VUL-0: CVE-2024-38577: kernel: rcu-tasks: fix show_rcu_tasks_trace_gp_kthread buffer overflow 2024-06-20
1226629 SUSE Security Incidents Incidents jlee NEW --- VUL-0: CVE-2022-48769: kernel: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines 2024-07-10
1226628 SUSE Security Incidents Incidents jgross NEW --- VUL-0: CVE-2022-48763: kernel: KVM: x86: Forcibly leave nested virt when SMM state is toggled 2024-07-10
1226626 SUSE Security Incidents Incidents wqu NEW --- VUL-0: CVE-2022-48734: kernel: btrfs: fix deadlock between quota disable and qgroup rescan worker 2024-07-10
1226624 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48724: kernel: iommu/vt-d: Fix potential memory leak in intel_setup_irq_remapping() 2024-07-10
1226623 SUSE Security Incidents Incidents fweisbecker NEW --- VUL-0: CVE-2024-38576: kernel: rcu: fix buffer overflow in print_cpu_stall_info() 2024-06-20
1226622 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2022-48714: kernel: bpf: Use VM_MAP instead of VM_ALLOC for ringbuf 2024-07-10
1226621 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2022-48715: kernel: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Thu 16:36
1226613 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2024-38602: kernel: ax25: Fix reference count leak issues of ax25_dev 2024-07-08
1226610 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38580: kernel: epoll: be better about file lifetimes Thu 16:36
1226607 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38555: kernel: net/mlx5: Discard command completions in internal error 2024-07-10
1226606 SUSE Security Incidents Incidents mkubecek NEW --- VUL-0: CVE-2024-38538: kernel: net: bridge: xmit: make sure we have at least eth header len bytes 2024-07-04
1226604 SUSE Security Incidents Incidents mkubecek NEW --- VUL-0: CVE-2024-36979: kernel: net: bridge: mst: fix vlan use-after-free Tue 14:17
1226597 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38544: kernel: RDMA/rxe: fix seg fault in rxe_comp_queue_pkt Thu 16:36
1226595 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38545: kernel: RDMA/hns: Fix UAF for cq async event Thu 16:36
1226593 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2024-38546: kernel: drm: vc4: Fix possible null pointer dereference Thu 16:36
1226592 SUSE Security Incidents Incidents giovanni.gherdovich NEW --- VUL-0: CVE-2024-38615: kernel: cpufreq: exit() callback is optional 2024-07-08
1226587 SUSE Security Incidents Incidents security-team IN_P --- VUL-0: CVE-2024-38541: kernel: of: module: add buffer overflow check in of_modalias() Tue 08:30
1226585 SUSE Security Incidents Incidents mkubecek NEW --- VUL-0: CVE-2021-47612: kernel: nfc: fix segfault in nfc_genl_dump_devices_done 2024-07-10
1226583 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2021-47611: kernel: mac80211: validate extended element ID is present 2024-07-10
1226575 SUSE Security Incidents Incidents security-team NEW --- VUL-0: CVE-2021-47600: kernel: dm btree remove: fix use after free in rebalance_children() Thu 16:36
1226574 SUSE Security Incidents Incidents davide.benini NEW --- VUL-0: CVE-2021-47598: kernel: sch_cake: do not call cake_destroy() from cake_init() 2024-07-07
1226571 SUSE Security Incidents Incidents dsterba IN_P --- VUL-0: CVE-2021-47599: kernel: btrfs: use latest_dev in btrfs_show_devname 2024-06-21
This result was limited to 500 bugs. See all search results for this query.
CSV Feed iCal
as