kernel-source (SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 11 SP4 LTSS EXTREME CORE package kernel-source, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (200)
CVE-2026-31607 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_packets in usbip_pack_ret_submit() When a…
CVE-2026-31402 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay…
CVE-2026-43037 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() Oskar Kjos reported the…
CVE-2026-31685 — CVSS 9.4 (critical): In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_eui64: reject invalid MAC header for all packets…
CVE-2021-47347 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251_cmd_scan Function…
CVE-2021-47323 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() This…
CVE-2021-47324 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdt_startup() This module's…
CVE-2016-20022 — CVSS 8.4 (high): In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize field of an endpoint…
CVE-2026-43190 — CVSS 8.2 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_tcpmss: check remaining length before reading optlen…
CVE-2022-48919 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifs_get_root() When…
CVE-2021-4439 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr->cnr to avoid array index out of bound The…
CVE-2021-47321 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling del_timer_sync() This…
CVE-2021-47391 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Ensure rdma_addr_cancel() happens before issuing more…
CVE-2021-47485 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: IB/qib: Protect from buffer overflow in struct qib_user_sdma_pkt fields…
CVE-2021-47520 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: can: pch_can: pch_can_rx_normal: fix use after free After calling…
CVE-2021-47589 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: igbvf: fix double free in `igbvf_probe` In `igbvf_probe`, if…
CVE-2021-47600 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: dm btree remove: fix use after free in rebalance_children() Move…
CVE-2022-1011 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user…
CVE-2022-1652 — CVSS 7.8 (high): Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the…
CVE-2022-1679 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_targ…
CVE-2022-3424 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by…
CVE-2022-4095 — CVSS 7.8 (high): A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c…
CVE-2022-45934 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via…
CVE-2022-48791 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sas_task Currently a…
CVE-2022-49288 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent prealloc proc writes We have no…
CVE-2022-49291 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix races among concurrent hw_params and hw_free calls…
CVE-2022-50067 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: btrfs: unset reloc control if transaction commit fails in…
CVE-2022-50252 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: igb: Do not free q_vector unless new one was allocated Avoid potential…
CVE-2023-1118 — CVSS 7.8 (high): A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A…
CVE-2023-1670 — CVSS 7.8 (high): A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to…
CVE-2023-2007 — CVSS 7.8 (high): The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations…
CVE-2023-23559 — CVSS 7.8 (high): In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
CVE-2023-3111 — CVSS 7.8 (high): A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw…
CVE-2023-3776 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If…
CVE-2023-4623 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve…
CVE-2023-52445 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module…
CVE-2023-52475 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete…
CVE-2023-52591 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: reiserfs: Avoid touching renamed directory if parent does not change…
CVE-2023-52752 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip…
CVE-2023-52973 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vc_screen: move load of struct vc_data pointer in vcs_read() to avoid…
CVE-2023-52974 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi_tcp: Fix UAF during login when accessing the shost…
CVE-2023-53000 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes…
CVE-2023-53282 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free KFENCE violation during sysfs firmware…
CVE-2023-53322 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Wait for io return on terminate rport System crash due…
CVE-2023-53395 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer ACPICA commit…
CVE-2023-53676 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix buffer overflow in lio_target_nacl_info_show()…
CVE-2023-6932 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race…
CVE-2024-26898 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This…
CVE-2024-26930 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan…
CVE-2024-27043 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device…
CVE-2024-35863 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions…
CVE-2024-40902 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: jfs: xattr: fix buffer overflow for invalid xattr When an xattr size is…
CVE-2024-42104 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nilfs2: add missing check for inode numbers on directory entries Syzbot…
CVE-2024-42148 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings…
CVE-2024-49982 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing…
CVE-2024-53057 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: stop qdisc_tree_reduce_backlog on TC_H_ROOT In…
CVE-2024-53141 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When…
CVE-2024-53156 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: add range check for conn_rsp_epid in htc_connect_service()…
CVE-2024-53173 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: NFSv4.0: Fix a use-after-free problem in the asynchronous open() Yang…
CVE-2024-53239 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: 6fire: Release resources at card release The current 6fire code…
CVE-2024-56548 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: hfsplus: don't query the device logical block size multiple times…
CVE-2024-56598 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: jfs: array-index-out-of-bounds fix in dtReadFirst The value of stbl can…
CVE-2024-56600 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: inet6: do not leave a dangling sk pointer in inet6_create()…
CVE-2024-56601 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: inet: do not leave a dangling sk pointer in inet_create()…
CVE-2024-56604 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: RFCOMM: avoid leaving dangling sk pointer in…
CVE-2024-56605 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: do not leave dangling sk pointer on error in…
CVE-2024-56619 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential out-of-bounds memory access in nilfs_find_entry()…
CVE-2024-56658 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: defer final 'struct net' free in netns dismantle Ilya reported a…
CVE-2024-56759 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free when COWing tree bock and tracing is enabled…
CVE-2024-57850 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: jffs2: Prevent rtime decompress memory corruption The rtime…
CVE-2025-21700 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: sched: Disallow replacing of child qdisc from one parent to…
CVE-2025-21702 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: pfifo_tail_enqueue: Drop new packet when sch->limit == 0 Expected…
CVE-2025-21772 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: partitions: mac: fix handling of bogus partition table Fix several…
CVE-2025-22004 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees…
CVE-2025-38079 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: crypto: algif_hash - fix double free in hash_accept If accept(2) is…
CVE-2025-38685 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: fbdev: Fix vmalloc out-of-bounds write in fast_imageblit This issue…
CVE-2026-23074 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design…
CVE-2026-23089 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix use-after-free in snd_usb_mixer_free() When…
CVE-2026-23191 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of…
CVE-2026-23271 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: perf: Fix __perf_event_overflow() vs perf_remove_from_context() race…
CVE-2026-43126 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: mixer: oss: Add card disconnect checkpoints ALSA OSS mixer layer…
CVE-2026-43437 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: fix use-after-free on linked stream runtime in…
CVE-2026-43499 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: rtmutex: Use waiter::task instead of current in remove_waiter()…
CVE-2019-3900 — CVSS 7.7 (high): An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming…
CVE-2023-52340 — CVSS 7.5 (high): The IPv6 implementation in the Linux kernel before 6.3 has a net/ipv6/route.c max_size threshold that can be consumed easily, e.g., leading…
CVE-2022-36946 — CVSS 7.5 (high): nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service…
CVE-2023-3141 — CVSS 7.1 (high): A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a…
CVE-2023-3268 — CVSS 7.1 (high): An out of bounds (OOB) memory access flaw was found in the Linux kernel in relay_file_read_start_pos in kernel/relay.c in the relayfs. This…
CVE-2023-53117 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: fs: prevent out-of-bounds array speculation when closing a file…
CVE-2022-1353 — CVSS 7.1 (high): A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged…
CVE-2023-3567 — CVSS 7.1 (high): A use-after-free flaw was found in vcs_read in drivers/tty/vt/vc_screen.c in vc_screen in the Linux Kernel. This issue may allow an…
CVE-2021-47633 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: ath5k: fix OOB in ath5k_eeprom_read_pcal_info_5111 The bug was found…
CVE-2025-38713 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc() The…
CVE-2024-38599 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: jffs2: prevent xattr node from overflowing the eraseblock Add a check…
CVE-2024-47757 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential oob read in nilfs_btree_check_delete() The…
CVE-2024-49860 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: ACPI: sysfs: validate return type of _STR method Only buffer objects…
CVE-2024-38538 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: net: bridge: xmit: make sure we have at least eth header len bytes…
CVE-2021-47383 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: tty: Fix out-of-bound vmalloc access in imageblit This issue happens…
CVE-2023-6606 — CVSS 7.1 (high): An out-of-bounds read vulnerability was found in smbCalcSize in fs/smb/client/netmisc.c in the Linux Kernel. This issue could allow a local…
CVE-2022-41858 — CVSS 7.1 (high): A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in…
CVE-2024-35937 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: check A-MSDU format more carefully If it looks like…
CVE-2022-50200 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: selinux: Add boundary check in put_entry() Just like next_entry()…
CVE-2021-47219 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() The…
CVE-2022-50211 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: md-raid10: fix KASAN warning There's a KASAN warning in…
CVE-2021-47110 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: x86/kvm: Disable kvmclock on all CPUs on shutdown Currenly, we disable…
CVE-2026-46243 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: reject userspace cifs.spnego descriptions cifs.spnego key…
CVE-2024-56650 — CVSS 7.1 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: x_tables: fix LED ID check in led_tg_check() Syzbot has…
CVE-2023-35824 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in dm1105_remove in drivers/media/pci/dm1105/dm1105.c.
CVE-2024-43882 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: exec: Fix ToCToU between perm check and set-uid/gid usage When opening…
CVE-2022-45919 — CVSS 7.0 (high): An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there…
CVE-2022-1048 — CVSS 7.0 (high): A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The…
CVE-2025-21718 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only…
CVE-2023-1077 — CVSS 7.0 (high): In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry…
CVE-2024-43883 — CVSS 7.0 (high): In the Linux kernel, the following vulnerability has been resolved: usb: vhci-hcd: Do not drop references before new references are gained…
CVE-2023-1989 — CVSS 7.0 (high): A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove…
CVE-2023-6270 — CVSS 7.0 (high): A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on…
CVE-2017-2636 — CVSS 7.0 (high): Race condition in drivers/tty/n_hdlc.c in the Linux kernel through 4.10.1 allows local users to gain privileges or cause a denial of…
CVE-2023-51782 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept…
CVE-2022-3028 — CVSS 7.0 (high): A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to…
CVE-2023-51780 — CVSS 7.0 (high): An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg…
CVE-2023-51779 — CVSS 7.0 (high): bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race…
CVE-2022-20166 — CVSS 6.7 (medium): In various methods of kernel base drivers, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local…
CVE-2022-20369 — CVSS 6.7 (medium): In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local…
CVE-2022-21499 — CVSS 6.7 (medium): KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a…
CVE-2021-33655 — CVSS 6.7 (medium): When sending malicous data to kernel by ioctl cmd FBIOPUT_VSCREENINFO,kernel will write memory out of bounds.
CVE-2022-43750 — CVSS 6.7 (medium): drivers/usb/mon/mon_bin.c in usbmon in the Linux kernel before 5.19.15 and 6.x before 6.0.1 allows a user-space client to corrupt the…
CVE-2021-34981 — CVSS 6.7 (medium): Linux Kernel Bluetooth CMTP Module Double Free Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate…
CVE-2018-9517 — CVSS 6.7 (medium): In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with…
CVE-2023-3159 — CVSS 6.7 (medium): A use after free issue was discovered in driver/firewire in outbound_phy_packet_callback in the Linux Kernel. In this flaw a local attacker…
CVE-2023-39192 — CVSS 6.7 (medium): A flaw was found in the Netfilter subsystem in the Linux kernel. The xt_u32 module did not validate the fields in the xt_u32 structure…
CVE-2023-32269 — CVSS 6.7 (medium): An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also…
CVE-2021-47580 — CVSS 6.6 (medium): In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix type in min_t to avoid stack OOB Change min_t()…
CVE-2022-40982 — CVSS 6.5 (medium): Information exposure through microarchitectural state after transient execution in certain vector execution units for some Intel(R)…
CVE-2023-0459 — CVSS 6.5 (medium): Copy_from_user on 64-bit versions of the Linux kernel does not implement the __uaccess_begin_nospec allowing a user to bypass the…
CVE-2023-1192 — CVSS 6.5 (medium): A use-after-free flaw was found in smb2_is_status_io_timeout() in CIFS in the Linux Kernel. After CIFS transfers response data to a system…
CVE-2023-28746 — CVSS 6.5 (medium): Information exposure through microarchitectural state after transient execution from some register files for some Intel(R) Atom(R)…
CVE-2021-26341 — CVSS 6.5 (medium): Some AMD CPUs may transiently execute beyond unconditional direct branches, which may potentially result in data leakage.
CVE-2022-29900 — CVSS 6.5 (medium): Mis-trained branch predictions for return instructions may allow arbitrary speculative code execution under certain microarchitecture-depend…
CVE-2022-44032 — CVSS 6.4 (medium): An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant…
CVE-2022-44033 — CVSS 6.4 (medium): An issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040_cs.c has a race condition and resultant…
CVE-2023-45863 — CVSS 6.4 (medium): An issue was discovered in lib/kobject.c in the Linux kernel before 6.2.3. With root access, an attacker can trigger a race condition that…
CVE-2022-1462 — CVSS 6.3 (medium): An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition…
CVE-2024-57893 — CVSS 6.3 (medium): In the Linux kernel, the following vulnerability has been resolved: ALSA: seq: oss: Fix races at processing SysEx messages OSS sequencer…
CVE-2020-16119 — CVSS 6.3 (medium): Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached…
CVE-2022-21385 — CVSS 6.2 (medium): A flaw in net_rds_alloc_sgs() in Oracle Linux kernels allows unprivileged local users to crash the machine. CVSS 3.1 Base Score 6.2…
CVE-2023-39193 — CVSS 6.1 (medium): A flaw was found in the Netfilter subsystem in the Linux kernel. The sctp_mt_check did not validate the flag_count field. This flaw allows…
CVE-2019-3837 — CVSS 6.1 (medium): It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged…
CVE-2023-1206 — CVSS 5.7 (medium): A hash collision flaw was found in the IPv6 connection lookup table in the Linux kernel’s IPv6 functionality when a user makes a new kind…
CVE-2017-5753 — CVSS 5.6 (medium): Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an…
CVE-2022-29901 — CVSS 5.6 (medium): Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the…
CVE-2024-56539 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Fix memcpy() field-spanning write warning in…
CVE-2023-52880 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: require CAP_NET_ADMIN to attach N_GSM0710 ldisc Any…
CVE-2023-52881 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: tcp: do not accept ACK of bytes we never sent This patch is based on a…
CVE-2025-38200 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: i40e: fix MMIO write access to an invalid page in i40e_clear_hw When…
CVE-2023-23454 — CVSS 5.5 (medium): cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds…
CVE-2023-53032 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix overflow before widen in the bitmap_ip_create()…
CVE-2023-2162 — CVSS 5.5 (medium): A use-after-free vulnerability was found in iscsi_sw_tcp_session_create in drivers/scsi/iscsi_tcp.c in SCSI sub-component in the Linux…
CVE-2023-53147 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: xfrm: add NULL check in xfrm_update_ae_params Normally, x->replay_esn…
CVE-2025-38498 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure…
CVE-2023-53365 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ip6mr: Fix skb_under_panic in ip6mr_cache_report() skbuff…
CVE-2023-20593 — CVSS 5.5 (medium): An issue in “Zen 2” CPUs, under specific microarchitectural circumstances, may allow an attacker to potentially access sensitive…
CVE-2023-20588 — CVSS 5.5 (medium): A division-by-zero error on some AMD processors can potentially return speculative data resulting in loss of confidentiality.
CVE-2024-53063 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: media: dvbdev: prevent the risk of out of memory access The dvbdev…
CVE-2025-21738 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ata: libata-sff: Ensure that we cannot write outside the allocated…
CVE-2024-23851 — CVSS 5.5 (medium): copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because…
CVE-2024-26733 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown…
CVE-2022-21123 — CVSS 5.5 (medium): Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable…
CVE-2025-21971 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net_sched: Prevent creation of classes with TC_H_ROOT The function…
CVE-2023-4385 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in dbFree in fs/jfs/jfs_dmap.c in the journaling file system (JFS) in the Linux Kernel. This…
CVE-2023-4459 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in vmxnet3_rq_cleanup in drivers/net/vmxnet3/vmxnet3_drv.c in the networking sub-component in…
CVE-2017-13695 — CVSS 5.5 (medium): The acpi_ns_evaluate() function in drivers/acpi/acpica/nseval.c in the Linux kernel through 4.12.9 does not flush the operand cache and…
CVE-2023-31085 — CVSS 5.5 (medium): An issue was discovered in drivers/mtd/ubi/cdev.c in the Linux kernel 6.2. There is a divide-by-zero error in do_div(sz,mtd->erasesize)…
CVE-2023-28328 — CVSS 5.5 (medium): A NULL pointer dereference flaw was found in the az6027 driver in drivers/media/usb/dev-usb/az6027.c in the Linux Kernel. The message from…
CVE-2023-23455 — CVSS 5.5 (medium): atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type…
CVE-2023-52429 — CVSS 5.5 (medium): dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX…
CVE-2024-53164 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: sched: fix ordering of qlen adjustment Changes to sch->q.qlen…
CVE-2023-52449 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: mtd: Fix gluebi NULL pointer dereference caused by ftl notifier If both…
CVE-2023-52590 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ocfs2: Avoid touching renamed directory if parent does not change The…
CVE-2025-38177 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: sch_hfsc: make hfsc_qlen_notify() idempotent hfsc_qlen_notify() is not…
CVE-2022-50381 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: md: fix a crash in mempool_free There's a crash in mempool_free when…
CVE-2021-43389 — CVSS 5.5 (medium): An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in…
CVE-2021-45868 — CVSS 5.5 (medium): In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for…
CVE-2021-46904 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: hso: fix null-ptr-deref during tty device unregistration Multiple…
CVE-2021-46905 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: net: hso: fix NULL-deref on disconnect regression Commit 8a12f8836145…
CVE-2021-46932 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: Input: appletouch - initialize work before device registration Syzbot…
CVE-2021-47104 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: IB/qib: Fix memory leak in qib_user_sdma_queue_pkts() The wrong goto…
CVE-2022-50272 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer() Wei…
CVE-2022-50116 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: tty: n_gsm: fix deadlock and link starvation in outgoing data path The…
CVE-2022-49937 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: media: mceusb: Use new usb_control_msg_*() routines Automatic kernel…
CVE-2018-7755 — CVSS 5.5 (medium): An issue was discovered in the fd_locked_ioctl function in drivers/block/floppy.c in the Linux kernel through 4.15.7. The floppy driver…
CVE-2024-36964 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: fs/9p: only translate RWX permissions for plain 9P2000 Garbage in plain…
CVE-2022-49545 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Cancel pending work at closing a MIDI substream At…
CVE-2021-47511 — CVSS 5.5 (medium): In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix negative period/buffer sizes The period size…