VYPR

Linux Enterprise Debuginfo

by SUSE S.A.

CVEs (348)

  • CVE-2015-5194HigJul 21, 2017
    risk 0.42cvss 7.5epss 0.06

    The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

  • CVE-2016-5412MedAug 6, 2016
    risk 0.42cvss 6.5epss 0.00

    arch/powerpc/kvm/book3s_hv_rmhandlers.S in the Linux kernel through 4.7 on PowerPC platforms, when CONFIG_KVM_BOOK3S_64_HV is enabled, allows guest OS users to cause a denial of service (host OS infinite loop) by making a H_CEDE hypercall during the existence of a suspended…

  • CVE-2015-8746HigMay 2, 2016
    risk 0.42cvss 7.5epss 0.03

    fs/nfs/nfs4proc.c in the NFS client in the Linux kernel before 4.2.2 does not properly initialize memory for migration recovery operations, which allows remote NFS servers to cause a denial of service (NULL pointer dereference and panic) via crafted network traffic.

  • CVE-2026-46230HigMay 28, 2026
    risk 0.39cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/vcn3: Prevent OOB reads when parsing dec msg Check bounds against the end of the BO whenever we access the msg.

  • CVE-2026-46203HigMay 28, 2026
    risk 0.39cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: spi: cadence-quadspi: fix unclocked access on unbind Make sure that the controller is runtime resumed before disabling it during driver unbind to avoid an unclocked register access. This issue was flagged by…

  • CVE-2026-46191HigMay 28, 2026
    risk 0.39cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fbcon: Avoid OOB font access if console rotation fails Clear the font buffer if the reallocation during console rotation fails in fbcon_rotate_font(). The putcs implementations for the rotated buffer will…

  • CVE-2026-46190HigMay 28, 2026
    risk 0.39cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mtd: spi-nor: debugfs: fix out-of-bounds read in spi_nor_params_show() Sashiko noticed an out-of-bounds read [1]. In spi_nor_params_show(), the snor_f_names array is passed to spi_nor_print_flags() using…

  • CVE-2026-46154HigMay 28, 2026
    risk 0.39cvss 7.0epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: sched_ext: Read scx_root under scx_cgroup_ops_rwsem in cgroup setters scx_group_set_{weight,idle,bandwidth}() cache scx_root before acquiring scx_cgroup_ops_rwsem, so the pointer can be stale by the time the…

  • CVE-2026-46149HigMay 28, 2026
    risk 0.39cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: scsi: target: configfs: Bound snprintf() return in tg_pt_gp_members_show() target_tg_pt_gp_members_show() formats LUN paths with snprintf() into a 256-byte stack buffer, then will memcpy() cur_len bytes from…

  • CVE-2026-43450HigMay 8, 2026
    risk 0.39cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_cthelper: fix OOB read in nfnl_cthelper_dump_table() nfnl_cthelper_dump_table() has a 'goto restart' that jumps to a label inside the for loop body. When the "last" helper saved in…

  • CVE-2026-43442HigMay 8, 2026
    risk 0.39cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: io_uring: fix physical SQE bounds check for SQE_MIXED 128-byte ops When IORING_SETUP_SQE_MIXED is used without IORING_SETUP_NO_SQARRAY, the boundary check for 128-byte SQE operations in io_init_req() validated…

  • CVE-2026-31426HigApr 13, 2026
    risk 0.39cvss 7.0epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ACPI: EC: clean up handlers on probe failure in acpi_ec_setup() When ec_install_handlers() returns -EPROBE_DEFER on reduced-hardware platforms, it has already started the EC and installed the address space…

  • CVE-2026-31407HigApr 6, 2026
    risk 0.39cvss 7.1epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack: add missing netlink policy validations Hyunwoo Kim reports out-of-bounds access in sctp and ctnetlink. These attributes are used by the kernel without any validation. Extend the netlink…

  • CVE-2023-45896HigAug 28, 2024
    risk 0.39cvss 7.1epss 0.00

    ntfs3 in the Linux kernel through 6.8.0 allows a physically proximate attacker to read kernel memory by mounting a filesystem (e.g., if a Linux distribution is configured to allow unprivileged mounts of removable media) and then leveraging local access to trigger an…

  • CVE-2023-51779HigFeb 29, 2024
    risk 0.39cvss 7.0epss 0.00

    bt_sock_recvmsg in net/bluetooth/af_bluetooth.c in the Linux kernel through 6.6.8 has a use-after-free because of a bt_sock_ioctl race condition.

  • CVE-2018-7273MedFeb 21, 2018
    risk 0.39cvss 5.5epss 0.02

    In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the…

  • CVE-2026-47334MedMay 28, 2026
    risk 0.36cvss 5.5epss 0.00

    Ubuntu Linux 6.8, 6.17 and 7.0 contain AppArmor SAUCE patches which incorrectly sleep while holding a spinlock in notification handling code. The bug can be triggered by an unprivileged local user and can result in kernel panic or deadlock.

  • CVE-2026-47326MedMay 28, 2026
    risk 0.36cvss 5.5epss 0.00

    Ubuntu Linux 6.8, 6.17 and 7.0 contain SAUCE patches with a memory leak in the handling of big responses to AppArmor notifications. The bug can be triggered by an unprivileged local user. The memory leak could lead to resource exhaustion.

  • CVE-2018-7754MedAug 10, 2018
    risk 0.36cvss 5.5epss 0.00

    The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.

  • CVE-2018-5995MedAug 7, 2018
    risk 0.36cvss 5.5epss 0.00

    The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.

Page 6 of 18