CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

3432 matches found

RedHat Linux•added 2025/05/13 8:28 a.m.•4 views

kernel: sysctl: always initialize i_uid/i_gid

In the Linux kernel, the following vulnerability has been resolved: sysctl: always initialize iuid/igid Always initialize iuid/igid inside the sysfs core so setownership can safely skip setting them. Commit 5ec27ec735ba "fs/proc/procsysctl.c: fix the default values of iuid/igid on /proc/sys...

5.5CVSS6.7AI score0.00216EPSS

Exploits0References5

RedHat Linux•added 2025/05/13 8:28 a.m.•5 views

kernel: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name

In the Linux kernel, the following vulnerability has been resolved: fs/inode: Prevent dumpmapping accessing invalid dentry.dname.name It's observed that a crash occurs during hot-remove a memory device, in which user is accessing the hugetlb. See calltrace as following: ------------ cut here...

4.6CVSS6.8AI score0.00388EPSS

Exploits0References5

SUSE CVE•added 2025/05/12 1:6 a.m.•1 views

SUSE CVE-2022-49890

In the Linux kernel, the following vulnerability has been resolved: capabilities: fix potential memleak on error path from vfsgetxattralloc In capinodegetsecurity, we will use vfsgetxattralloc to complete the memory allocation of tmpbuf, if we have completed the memory allocation of tmpbuf, but...

5.5CVSS6.3AI score0.00178EPSS

Exploits0References9

SUSE CVE•added 2025/05/09 4:54 a.m.•2 views

SUSE CVE-2022-49913

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix inode list leak during backref walking at findparentnodes During backref walking, at findparentnodes, if we are dealing with a data extent and we get an error while resolving the indirect backrefs, at...

5.5CVSS6.4AI score0.00166EPSS

Exploits0References4

SUSE CVE•added 2025/05/09 3:23 a.m.•2 views

SUSE CVE-2025-37806

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Keep write operations atomic syzbot reported a NULL pointer dereference in genericfilewriteiter. 1 Before the write operation is completed, the user executes ioctl2 to clear the compress flag of the file, which causes t...

5.5CVSS6.4AI score0.00157EPSS

Exploits0References3

OSV•added 2025/05/08 7:15 a.m.•1 views

DEBIAN-CVE-2025-37806

5.5CVSS5.6AI score0.00157EPSS

Exploits0References1

OSV•added 2025/05/08 7:15 a.m.•1 views

UBUNTU-CVE-2025-37806

5.5CVSS6.2AI score0.00157EPSS

Exploits0References6

CVE•added 2025/05/08 6:26 a.m.•88 views

CVE-2025-37806

CVE-2025-37806 affects Linux kernel fs/ntfs3 write path. A NULL pointer dereference can occur in __generic_file_write_iter when an ioctl clears the file’s compress flag during a write, causing is_compressed() to return 0 and the code to call the wrong AOP, leading to a null dereference in write_b...

5.5CVSS5.2AI score0.00157EPSS

Exploits0References3Affected Software1

OSV•added 2025/05/08 6:26 a.m.•8 views

CVE-2025-37806 fs/ntfs3: Keep write operations atomic

5.5CVSS5.9AI score0.00157EPSS

Exploits0References6

CNNVD•added 2025/05/08 12:0 a.m.•2 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a null pointer dereference due to unused inode lock synchronization ioctl and write operations...

5.5CVSS6.4AI score0.00157EPSS

Exploits0References3

SUSE CVE•added 2025/05/07 2:19 a.m.•2 views

SUSE CVE-2022-49914

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix inode list leak during backref walking at resolveindirectrefs During backref walking, at resolveindirectrefs, if we get an error we jump to the 'out' label and call ulistfree on the 'parents' ulist, which frees all the...

5.5CVSS6.5AI score0.00166EPSS

Exploits0References4

OSV•added 2025/05/05 9:36 p.m.•8 views

CLSA-2025-1746479711 kernel-uek: Fix of 218 CVEs

sctp: sysctl: authenable: avoid using current-nsproxy - sctp: sysctl: cookiehmacalg: avoid using current-nsproxy CVE-2025-21640 - bpf: Use preemptcount directly in bpfsendsignalcommon - Revert "sctp: sysctl: cookiehmacalg: avoid using current-nsproxy" - jfs: fix slab-out-of-bounds read in eaget -...

8.8CVSS7AI score0.06879EPSS

Exploits3References1

RedhatCVE•added 2025/05/04 4:53 p.m.•22 views

CVE-2023-53101

In the Linux kernel, the following vulnerability has been resolved: ext4: zero idisksize when initializing the bootloader inode If the boot loader inode has never been used before, the EXT4IOCSWAPBOOT inode will initialize it, including setting the isize to 0. However, if the "never before used"...

5.5CVSS6.8AI score0.00162EPSS

Exploits0References4

SUSE CVE•added 2025/05/03 2:50 a.m.•2 views

SUSE CVE-2023-53089

In the Linux kernel, the following vulnerability has been resolved: ext4: fix task hung in ext4xattrdeleteinode Syzbot reported a hung task problem: ================================================================== INFO: task syz-executor232:5073 blocked for more than 143 seconds. Not tainted...

4.4CVSS6.2AI score0.00162EPSS

Exploits0References9

SUSE CVE•added 2025/05/03 2:50 a.m.•7 views

SUSE CVE-2023-53091

In the Linux kernel, the following vulnerability has been resolved: ext4: update sjournalinum if it changes after journal replay When mounting a crafted ext4 image, sjournalinum may change after journal replay, which is obviously unreasonable because we have successfully loaded and replayed the...

5.5CVSS6.3AI score0.00171EPSS

Exploits0References10

SUSE CVE•added 2025/05/03 2:50 a.m.•2 views

SUSE CVE-2023-53101

3.3CVSS6.4AI score0.00162EPSS

Exploits0References10