Lucene search
K

3274 matches found

RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: net: fix refcount bug in sk_psock_get (2)

In the Linux kernel, the following vulnerability has been resolved: net: fix refcount bug in skpsockget 2 Syzkaller reports refcount bug as follows: ------------ cut here ------------ refcountt: saturated; leaking memory. WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19...

5.5CVSS6.3AI score0.00205EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.4 views

kernel: net/sunrpc: fix potential memory leaks in rpc_sysfs_xprt_state_change()

A flaw was found in the sunrpc module in the Linux kernel. A missing decrement of the reference count when an error occurs can cause a memory leak, and a missing check can cause a NULL pointer dereference, potentially resulting in a denial of service...

5.5CVSS6.6AI score0.00157EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: powerpc/64s: Don't use DSISR for SLB faults

In the Linux kernel, the following vulnerability has been resolved: powerpc/64s: Don't use DSISR for SLB faults Since commit 46ddcb3950a2 "powerpc/mm: Show if a bad page fault on data is read or write." we use pagefaultiswriteregs-dsisr in badpagefault to determine if the fault is for a read or...

5.5CVSS6.3AI score0.00252EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: scsi: sg: Allow waiting for commands to complete on removed device

In the Linux kernel, the following vulnerability has been resolved: scsi: sg: Allow waiting for commands to complete on removed device When a SCSI device is removed while in active use, currently sg will immediately return -ENODEV on any attempt to wait for active commands that were sent before t...

5.5CVSS6.2AI score0.00199EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: tcp: Fix data-races around sysctl_tcp_mtu_probing.

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctltcpmtuprobing. While reading sysctltcpmtuprobing, it can be changed concurrently. Thus, we need to add READONCE to its readers...

4.7CVSS6.3AI score0.00181EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.4 views

kernel: ipv4: Fix a data-race around sysctl_fib_multipath_use_neigh.

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix a data-race around sysctlfibmultipathuseneigh. While reading sysctlfibmultipathuseneigh, it can be changed concurrently. Thus, we need to add READONCE to its reader...

4.7CVSS6.3AI score0.0018EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.4 views

kernel: bpf: Fix potential array overflow in bpf_trampoline_get_progs()

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix potential array overflow in bpftrampolinegetprogs The cnt value in the 'cnt = BPFMAXTRAMPPROGS' check does not include BPFTRAMPMODIFYRETURN bpf programs, so the number of the attached BPFTRAMPMODIFYRETURN bpf programs in...

7.8CVSS6.3AI score0.00288EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: perf/x86/intel/uncore: Fix reference count leak in snr_uncore_mmio_map()

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/uncore: Fix reference count leak in snruncoremmiomap pcigetdevice will increase the reference count for the returned pcidev, so snruncoregetmcdev will return a pcidev with its reference count increased. We need to...

5.7AI score0.00174EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: blk-mq: fix null pointer dereference in blk_mq_clear_rq_mapping()

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix null pointer dereference in blkmqclearrqmapping Our syzkaller report a null pointer dereference, root cause is following: blkmqallocmapandrqs set-tagshctxidx = blkmqallocmapandrqs blkmqallocmapandrqs blkmqallocrqs //...

5.5CVSS6.7AI score0.00129EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: net/sched: sch_taprio: fix possible use-after-free

In the Linux kernel, the following vulnerability has been resolved: net/sched: schtaprio: fix possible use-after-free syzbot reported a nasty crash 1 in nettxaction which made little sense until we got a repro. This repro installs a taprio qdisc, but providing an invalid TCARATE attribute...

7.8CVSS6.3AI score0.0018EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/05/09 10:4 a.m.3 views

kernel: ice: xsk: prohibit usage of non-balanced queue id

In the Linux kernel, the following vulnerability has been resolved: ice: xsk: prohibit usage of non-balanced queue id Fix the following scenario: 1. ethtool -L $IFACE rx 8 tx 96 2. xdpsock -q 10 -t -z Above refers to a case where user would like to attach XSK socket in txonly mode at a queue id...

5.5CVSS6.3AI score0.00159EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/05/09 12:0 a.m.17 views

PT-2025-40694

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw in the drm/i915 subsystem related to handling requests for GuC virtual engines. Specifically, references to i915 requests could be held indefinitely acro...

7.8CVSS6.8AI score0.08942EPSS
Exploits4References1004
Positive Technologies
Positive Technologies
added 2023/04/19 12:0 a.m.4 views

PT-2025-49646

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel related to device mapper dm flakey functionality. A specific command involving dmsetup create flakey with a crafted table can cause a NULL pointer...

7.8CVSS6.7AI score0.00462EPSS
Exploits2References914
SUSE CVE
SUSE CVE
added 2023/02/15 4:12 a.m.10 views

SUSE CVE-2019-11479

Jonathan Looney discovered that the Linux kernel default MSS is hard-coded to 48 bytes. This allows a remote peer to fragment TCP resend queues significantly more than if a larger MSS were enforced. A remote attacker could use this to cause a denial of service. This has been fixed in stable kerne...

7.5CVSS6.3AI score0.9166EPSS
Exploits1References24
Positive Technologies
Positive Technologies
added 2023/01/01 12:0 a.m.5 views

PT-2025-37875

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A flaw exists in the Linux kernel's ext4 filesystem implementation where the i disksize can exceed i size during partial write operations. This condition can trigger a warning and...

6CVSS6.6AI score0.00145EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2023/01/01 12:0 a.m.4 views

PT-2025-54071

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.2.1-1280.native Description The Linux kernel contains a flaw within the block, bfq subsystem. Specifically, a division by zero error can occur when the weighted sum is zero during limit calculations. This issue...

6.6AI score0.00166EPSS
Exploits0
OSV
OSV
added 2022/12/08 3:16 a.m.10 views

GSD-2022-1008212 kcm: avoid potential race in kcm_tx_work

kcm: avoid potential race in kcmtxwork This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.267 by commit...

7.2AI score
Exploits0
Positive Technologies
Positive Technologies
added 2022/12/08 12:0 a.m.3 views

PT-2025-49468

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.1.0-rc5-wt-ath-656295-gef907406320c-dirty 6 Description The Linux kernel contains a flaw within the ath11k module related to monitor mode bringup. When an interface is activated in monitor mode, a NULL pointer...

6CVSS5.5AI score0.00172EPSS
Exploits0References22
OSV
OSV
added 2022/12/01 6:28 p.m.4 views

CLSA-2022-1669919330 kernel: Fix of CVE-2021-22543

KVM: do not allow mapping valid but non-reference-counted pages CVE-2021-22543...

8.7CVSS6.8AI score0.0066EPSS
Exploits1References1
Prion
Prion
added 2022/11/15 10:15 p.m.16 views

Design/Logic Flaw

SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. SMI functions in AhciBusDxe use untrusted inputs leading to corruption of SMRAM. This issue was discovered by Insyde during security review. It was fixed in: Kernel 5.0: version 05.09.18 Kernel 5.1: version 05.17.18...

4CVSS8.2AI score0.00193EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder