CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

372 matches found

NVD•added 2025/09/23 6:15 a.m.•13 views

CVE-2025-39871

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Remove improper idxdfree The call to idxdfree introduces a duplicate putdevice leading to a reference count underflow: refcountt: underflow; use-after-free. WARNING: CPU: 15 PID: 4428 at lib/refcount.c:28...

7.8CVSS0.0014EPSS

Exploits0References5

OSV•added 2025/09/23 6:15 a.m.•1 views

UBUNTU-CVE-2025-39871

7.8CVSS6.5AI score0.0014EPSS

Exploits0References17

CVE•added 2025/09/23 6:0 a.m.•31 views

CVE-2025-39871

CVE-2025-39871 relates to the Linux kernel dmaengine idxd driver. The fix removes an improper idxd_free() call that could trigger a duplicate put_device() leading to refcount underflow and a use-after-free during module unload. The issue arises in idxd_remove() and during module exit when CONFIG_...

7.8CVSS6.2AI score0.0014EPSS

Exploits0References5Affected Software1

OSV•added 2025/09/23 6:0 a.m.•7 views

CVE-2025-39871 dmaengine: idxd: Remove improper idxd_free

7.8CVSS6.2AI score0.0014EPSS

Exploits0References8

Cvelist•added 2025/09/23 6:0 a.m.•10 views

CVE-2025-39871 dmaengine: idxd: Remove improper idxd_free

0.0014EPSS

Exploits0References5

RedHat Linux•added 2025/09/22 11:7 a.m.•2 views

kernel: vsock: Fix transport_* TOCTOU

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport TOCTOU Transport assignment may race with module unload. Protect newtransport from becoming a stale pointer. This also takes care of an insecure call in vsockuselocaltransport; add a lockdep assert. BUG: unab...

4.7CVSS6.8AI score0.00113EPSS

Exploits0References5

SUSE CVE•added 2025/09/21 11:24 p.m.•3 views

SUSE CVE-2023-53224

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix function prototype mismatch for ext4featktype With clang's kernel control flow integrity kCFI, CONFIGCFICLANG, indirect call targets are validated against the expected function pointer prototype to make sure the call...

5.5CVSS6.5AI score0.00146EPSS

Exploits0References3

RedHat Linux•added 2025/09/18 8:45 a.m.•4 views

grub2: command/gpg: Use-after-free due to hooks not being removed on module unload

A flaw was found in command/gpg. In some scenarios, hooks created by loaded modules are not removed when the related module is unloaded. This flaw allows an attacker to force grub2 to call the hooks once the module that registered it was unloaded, leading to a use-after-free vulnerability. If...

6.4CVSS5.9AI score0.00262EPSS

Exploits0References5

SUSE CVE•added 2025/09/17 11:31 p.m.•2 views

SUSE CVE-2022-50256

In the Linux kernel, the following vulnerability has been resolved: drm/meson: remove drm bridges at aggregate driver unbind time drm bridges added by mesonencoderhdmiinit and mesonencodercvbsinit were not manually removed at module unload time, which caused dangling references to freed memory to...

7.8CVSS6.5AI score0.00147EPSS

Exploits0References3

OSV•added 2025/09/16 2:15 p.m.•14 views

AZL-71260 CVE-2025-39833 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: mISDN: hfcpci: Fix warning when deleting uninitialized timer With CONFIGDEBUGOBJECTSTIMERS unloading hfcpci module leads to the following splat: 250.215892 ODEBUG: assertinit not available active state 0 object: ffffffffc01a3dc0...

5.5CVSS5.6AI score0.00119EPSS

Exploits0References1

NVD•added 2025/09/16 2:15 p.m.•20 views

CVE-2025-39833

5.5CVSS0.00119EPSS

Exploits0References2

OSV•added 2025/09/16 2:15 p.m.•8 views

UBUNTU-CVE-2025-39833

5.5CVSS5.7AI score0.00119EPSS

Exploits0References5

Vulnrichment•added 2025/09/16 1:8 p.m.•2 views

CVE-2025-39833 mISDN: hfcpci: Fix warning when deleting uninitialized timer

6.1AI score0.00119EPSS

Exploits0References2

CVE•added 2025/09/16 1:8 p.m.•30 views

CVE-2025-39833

CVE-2025-39833 (Linux kernel) Root cause: when unloading the hfcpci module with CONFIG_DEBUG_OBJECTS_TIMERS enabled, an uninitialized timer could trigger a kernel warning path during deletion, as shown in the stack trace and timer-related debug prints. Impact: locally leveraged by a privileged co...

5.5CVSS6.1AI score0.00119EPSS

Exploits0References2Affected Software1

NVD•added 2025/09/16 8:15 a.m.•5 views

CVE-2023-53291

In the Linux kernel, the following vulnerability has been resolved: rcu/rcuscale: Stop kfreescalethread threads after unloading rcuscale Running the 'kfreercutest' test case 1 results in a splat 2. The root cause is the kfreescalethread threads continue running after unloading the rcuscale module...

5.5CVSS0.00136EPSS

Exploits0References6

Debian CVE•added 2025/09/16 8:11 a.m.•3 views

CVE-2023-53291

5.5CVSS5.3AI score0.00136EPSS

Exploits0

NVD•added 2025/09/15 3:15 p.m.•3 views

CVE-2023-53224

5.5CVSS0.00146EPSS

Exploits0References7

OSV•added 2025/09/15 2:48 p.m.•4 views

CVE-2022-50316 orangefs: Fix kmemleak in orangefs_sysfs_init()

In the Linux kernel, the following vulnerability has been resolved: orangefs: Fix kmemleak in orangefssysfsinit When insert and remove the orangefs module, there are kobjects memory leaked as below: unreferenced object 0xffff88810f95af00 size 64: comm "insmod", pid 783, jiffies 4294813439 age...

5.5CVSS6.2AI score0.00143EPSS

Exploits0References6

Cvelist•added 2025/09/15 2:21 p.m.•7 views

CVE-2023-53224 ext4: Fix function prototype mismatch for ext4_feat_ktype

0.00146EPSS

Exploits0References7

OSV•added 2025/09/15 2:21 p.m.•7 views

CVE-2023-53224 ext4: Fix function prototype mismatch for ext4_feat_ktype

5.5CVSS5.4AI score0.00146EPSS

Exploits0References10

Rows per page