CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

1432 matches found

OSV•added 2025/02/26 7:1 a.m.•0 views

UBUNTU-CVE-2022-49407

In the Linux kernel, the following vulnerability has been resolved: dlm: fix plock invalid read This patch fixes an invalid read showed by KASAN. A unlock will allocate a "struct plockop" and a followed sendop will append it to a global sendlist data structure. In some cases a followed devread...

7.1CVSS6.2AI score0.00009EPSS

Exploits0References12

OSV•added 2025/02/26 7:1 a.m.•1 views

UBUNTU-CVE-2022-49565

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel/lbr: Fix unchecked MSR access error on HSW The fuzzer triggers the below trace. 7763.384369 unchecked MSR access error: WRMSR to 0x689 tried to write 0x1fffffff8101349e at rIP: 0xffffffff810704a4...

5.5CVSS6.1AI score0.00091EPSS

Exploits0References5

OSV•added 2025/02/26 7:0 a.m.•1 views

DEBIAN-CVE-2022-49204

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix more uncharged while msg has moredata In tcpbpfsendverdict, if msg has more data after tcpbpfsendmsgredir: tcpbpfsendverdict tosend = msg-sg.size //msg-sg.size = 22220 case SKREDIRECT: skmsgreturn //uncharged...

5.5CVSS5.2AI score0.00016EPSS

Exploits0References1

OSV•added 2025/02/26 7:0 a.m.•2 views

DEBIAN-CVE-2022-49049

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix panic when growing a memfdsecret When one tries to grow an existing memfdsecret with ftruncate, one gets a panic 1. For example, doing the following reliably induces the panic: fd = memfdsecret; ftruncatefd, 10;...

5.5CVSS5.4AI score0.00039EPSS

Exploits0References1

OSV•added 2025/02/26 7:0 a.m.•1 views

UBUNTU-CVE-2022-49073

In the Linux kernel, the following vulnerability has been resolved: ata: satadwc460ex: Fix crash due to OOB write the driver uses libata's "tag" values from in various arrays. Since the mentioned patch bumped the ATATAGINTERNAL to 32, the value of the SATADWCQCMDMAX needs to account for that...

7.8CVSS6.2AI score0.00019EPSS

Exploits0References10

Cvelist•added 2025/02/26 2:24 a.m.•14 views

CVE-2022-49711 bus: fsl-mc-bus: fix KASAN use-after-free in fsl_mc_bus_remove()

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc-bus: fix KASAN use-after-free in fslmcbusremove In fslmcbusremove, mc-rootmcbusdev-mcio is passed to fsldestroymcio. However, mc-rootmcbusdev is already freed in fslmcdeviceremove. Then reference to mc-rootmcbusdev-mc...

0.00014EPSS

Exploits0References4

Debian CVE•added 2025/02/26 2:24 a.m.•6 views

CVE-2022-49711

7.8CVSS5.6AI score0.00014EPSS

Exploits0

Cvelist•added 2025/02/26 2:23 a.m.•11 views

CVE-2022-49641 sysctl: Fix data races in proc_douintvec().

In the Linux kernel, the following vulnerability has been resolved: sysctl: Fix data races in procdouintvec. A sysctl variable is accessed concurrently, and there is always a chance of data-race. So, all readers and writers need some basic protection to avoid load/store-tearing. This patch change...

0.0001EPSS

Exploits0References4

CVE•added 2025/02/26 2:23 a.m.•91 views

CVE-2022-49640

The CVE-2022-49640 issue affects the Linux kernel’s sysctl path, specifically proc_douintvec_minmax(). A concurrent access to a sysctl variable led to potential data races; the fix patches the function to use READ_ONCE() and WRITE_ONCE() internally, addressing the data-race on the sysctl side. Th...

4.7CVSS5.3AI score0.00009EPSS

Exploits0References4Affected Software1

Vulnrichment•added 2025/02/26 2:23 a.m.•2 views

CVE-2022-49583 iavf: Fix handling of dummy receive descriptors

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix handling of dummy receive descriptors Fix memory leak caused by not handling dummy receive descriptor properly. iavfgetrxbuffer now sets the rxbuffer return value for dummy receive descriptors. Without this patch, when...

6.3AI score0.00014EPSS

Exploits0References5

CVE•added 2025/02/26 2:13 a.m.•93 views

CVE-2022-49489

CVE-2022-49489 details (NORMAL mode) Affects the Linux kernel component: drm/msm/disp/dpu1. The issue arises from set vbif hw config to NULL to avoid use-after-free during PM runtime resume in the DPU, leading to an Unable to handle kernel paging request crash (illustrated by the call trace inclu...

7.8CVSS5.3AI score0.00015EPSS

Exploits0References7Affected Software1

Cvelist•added 2025/02/26 2:12 a.m.•11 views

CVE-2022-49444 module: fix [e_shstrndx].sh_size=0 OOB access

In the Linux kernel, the following vulnerability has been resolved: module: fix eshstrndx.shsize=0 OOB access It is trivial to craft a module to trigger OOB access in this line: if info-secstringsstrhdr-shsize - 1 != '\0' BUG: unable to handle page fault for address: ffffc90000aa0fff PGD 10000006...

0.00014EPSS

Exploits0References4

Vulnrichment•added 2025/02/26 1:55 a.m.•11 views

CVE-2022-49182 net: hns3: add vlan list lock to protect vlan list

In the Linux kernel, the following vulnerability has been resolved: net: hns3: add vlan list lock to protect vlan list When adding port base VLAN, vf VLAN need to remove from HW and modify the vlan state in vf VLAN list as false. If the periodicity task is freeing the same node, it may cause "use...

7.4AI score0.00017EPSS

Exploits0References4

Vulnrichment•added 2025/02/26 1:55 a.m.•12 views

CVE-2022-49176 bfq: fix use-after-free in bfq_dispatch_request

In the Linux kernel, the following vulnerability has been resolved: bfq: fix use-after-free in bfqdispatchrequest KASAN reports a use-after-free report when doing normal scsi-mq test 69832.239032 ================================================================== 69832.241810 BUG: KASAN:...

7.3AI score0.00014EPSS

Exploits0References7

CVE•added 2025/02/26 1:54 a.m.•104 views

CVE-2021-47633

CVE-2021-47633 is described in connected documents as a Linux kernel flaw in the ath5k driver where, during EEPROM parsing (ath5k_eeprom_read_pcal_info_5111), an out-of-bounds write could occur when no curve is selected in a loop, allowing idx to reach AR5K_EEPROM_N_PD_CURVES and causing pd to be...

7.1CVSS6.5AI score0.00011EPSS

Exploits0References9Affected Software1

SUSE Linux•added 2025/02/24 9:3 a.m.•1 views

Security update for the Linux Kernel (Live Patch 2 for SLE 15 SP6)

This update for the Linux Kernel 6.4.0-1506002314 fixes several issues. The following security issues were fixed: CVE-2024-36974: net/sched: taprio: always validate TCATAPRIOATTRPRIOMAP bsc1227371. CVE-2024-53104: media: uvcvideo: Skip parsing frames of type UVCVSUNDEFINED in uvcparseformat...

7.8CVSS8.3AI score0.18032EPSS

Exploits1References8

SUSE CVE•added 2025/02/14 7:8 a.m.•7 views

SUSE CVE-2023-0045

The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ibprctlset function updates the Thread Information Flags TIFs for the task and updates the SPECCTRL MSR on the function speculationctrlupdate, but the IBPB is only issued on the next schedul...

4.7CVSS7AI score0.00277EPSS

Exploits3References29

SUSE CVE•added 2025/02/14 6:3 a.m.•2 views

SUSE CVE-2023-52499

In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476 FSP2 system: kernel tried to execute user page b7ee2000 - exploit attempt? uid: 0 BUG: Unable to handle kernel...

5.5CVSS4.7AI score0.00018EPSS

Exploits0References3

Tenable Nessus•added 2025/02/10 12:0 a.m.•2 views

Azure Linux 3.0 Security Update: kernel (CVE-2024-49903)

The version of kernel installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-49903 advisory. - In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uaf in dbFreeBits syzbot report...

7CVSS6AI score0.00013EPSS

Exploits0References2