CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

7.8CVSS6.7AI score0.0014EPSS

kernel: scsi: ufs: core: Fix handling of lrbp->cmd

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix handling of lrbp-cmd ufshcdqueuecommand may be called two times in a row for a SCSI command before it is completed. Hence make the following changes: - In the functions that submit a command, do not check the...

5.5CVSS6.4AI score0.00258EPSS

kernel: wifi: mac80211: use two-phase skb reclamation in ieee80211_do_stop()

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: use two-phase skb reclamation in ieee80211dostop Since 'devqueuexmit' should be called with interrupts enabled, the following backtrace: ieee80211dostop ... spinlockirqsave&local-queuestopreasonlock, flags...

RedHat Linux•added 2025/05/13 8:28 a.m.•5 views

kernel: block: fix deadlock between sd_remove & sd_release

In the Linux kernel, the following vulnerability has been resolved: block: fix deadlock between sdremove & sdrelease Our test report the following hung task: 2538.459400 INFO: task "kworker/0:0":7 blocked for more than 188 seconds. 2538.459427 Call trace: 2538.459430 switchto+0x174/0x338...

5.5CVSS6.8AI score0.00172EPSS

5.5CVSS6.9AI score0.00279EPSS

kernel: Bluetooth: Fix memory leak in hci_req_sync_complete()

This CVE identifies a memory leak in the Linux kernel's Bluetooth subsystem, specifically within the hcireqsynccomplete function. The issue arises because the function fails to release the previous synchronization request state before assigning a new one, leading to increased memory usage over...

5.5CVSS6.8AI score0.002EPSS

kernel: md/raid10: fix null ptr dereference in raid10_size()

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null ptr dereference in raid10size In raid10run if raid10setqueuelimits succeed, the return value is set to zero, and if following procedures failed raid10run will return zero while mddev-private is still NULL,...

5.5CVSS7.2AI score0.00185EPSS

kernel: Bluetooth: hci_conn: Use disable_delayed_work_sync

A flaw was found in the Bluetooth subsystem of the Linux kernel, in the handling of delayed work within the hciconn Host Controller Interface connection structure. The kernel used canceldelayedworksync when shutting down a connection, which cancels ongoing work but allows rescheduling. This could...

7CVSS7.2AI score0.00255EPSS

kernel: pipe: wakeup wr_wait after setting max_usage

CVE-2023-52672 is a vulnerability in the Linux kernel's pipe subsystem caused by a regression in how pipes are resized. When a pipe is full and resized, incorrect handling of wakeups for writers can lead to deadlocks or system lockups. This issue has been resolved by ensuring that the pipe's usag...

7.8CVSS7.4AI score0.00258EPSS

kernel: tty: n_gsm: Fix use-after-free in gsm_cleanup_mux

A user after free vulnerability exists in the linux kernel such that when gsmcleanupmux is called,the gsmmsg on the txctrllist is not freed,resulting in loss of availability of the system...

7.8CVSS7.3AI score0.00226EPSS

kernel: net: usb: lan78xx: Fix double free issue with interrupt buffer allocation

A double free vulnerability was found in the Linux kernel. In lan78xxprobe, the buf buffer is freed twice: once implicitly through usbfreeurbdev-urbintr with the URBFREEBUFFER flag and again explicitly by kfreebuf, resulting in loss of availability of the system...

5.5CVSS6.8AI score0.00227EPSS

kernel: padata: use integer wrap around to prevent deadlock on seq_nr overflow

A flaw was found in the padata parallel algorithm data subsystem in the Linux kernel. An integer overflow can be triggered when processing more than 2^32 4GiB padata objects, causing a deadlock in the serialization process, potentially resulting in a denial of service...