Lucene search
K

49 matches found

UbuntuCve
UbuntuCve
added 2025/04/01 4:15 p.m.8 views

CVE-2025-21964

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix integer overflow while processing acregmax mount option User-provided mount parameter acregmax of type u32 is intended to have an upper limit, but before it is validated, the value is converted from seconds to jiffies...

5.5CVSS6.4AI score0.00178EPSS
Exploits0References33
UbuntuCve
UbuntuCve
added 2025/03/27 5:15 p.m.6 views

CVE-2022-49761

In the Linux kernel, the following vulnerability has been resolved: btrfs: always report error in runonedelayedref Currently we have a btrfsdebug for runonedelayedref failure, but if end users hit such problem, there will be no chance that btrfsdebug is enabled. This can lead to very little usefu...

7.8CVSS6.2AI score0.00182EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/03/27 3:15 p.m.9 views

CVE-2025-21875

In the Linux kernel, the following vulnerability has been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a lockdep splat in the PM control path: WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sockownedbyme include/net/sock.h:1711 inline WARNING: CP...

5.5CVSS6.4AI score0.00195EPSS
Exploits0References40
UbuntuCve
UbuntuCve
added 2025/03/18 7:15 p.m.12 views

CVE-2025-24801

GLPI is a free asset and IT management software package. An authenticated user can upload and force the execution of .php files located on the GLPI server. This vulnerability is fixed in 10.0.18...

8.8CVSS6.1AI score0.17467EPSS
Exploits2References1
UbuntuCve
UbuntuCve
added 2025/03/06 4:15 p.m.5 views

CVE-2024-58075

In the Linux kernel, the following vulnerability has been resolved: crypto: tegra - do not transfer req when tegra init fails The tegracmacinit or tegrashainit function may return an error when memory is exhausted. It should not transfer the request when they return an error...

5.5CVSS6.3AI score0.00169EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/02/27 3:15 a.m.7 views

CVE-2025-21736

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix possible int overflows in nilfsfiemap Since nilfsbmaplookupcontig in nilfsfiemap calculates its result by being prepared to go through potentially maxblocks == INTMAX blocks, the value in n may experience an overflow...

5.5CVSS6.4AI score0.00216EPSS
Exploits0References49
UbuntuCve
UbuntuCve
added 2025/02/27 2:15 a.m.10 views

CVE-2025-21731

In the Linux kernel, the following vulnerability has been resolved: nbd: don't allow reconnect after disconnect Following process can cause nbdconfig UAF: 1 grab nbdconfig temporarily; 2 nbdgenldisconnect flush all recvwork and release the initial reference: nbdgenldisconnect nbddisconnectandput...

7.8CVSS6.4AI score0.00204EPSS
Exploits0References49
UbuntuCve
UbuntuCve
added 2025/02/26 7:1 a.m.6 views

CVE-2022-49493

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix errorenous cleanup order There is a logic error when removing rt5645 device as the function rt5645i2cremove first cancel the &rt5645-jackdetectwork and delete the &rt5645-btnchecktimer latter. However, since the...

7.8CVSS6.3AI score0.00252EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2025/02/26 7:1 a.m.11 views

CVE-2022-49456

In the Linux kernel, the following vulnerability has been resolved: bonding: fix missed rcu protection When removing the rcureadlock in bondethtoolgettsinfo as discussed 1, I didn't notice it could be called via setsockopt, which doesn't hold rcu lock, as syzbot pointed: stack backtrace: CPU: 0...

5.5CVSS5.9AI score0.00243EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/02/26 7:1 a.m.8 views

CVE-2022-49731

In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: fix NULL pointer deref in atahostallocpinfo In an unlikely and probably wrong? case that the 'ppi' parameter of atahostallocpinfo points to an array starting with a NULL pointer, there's going to be a kernel oop...

5.5CVSS6.3AI score0.00275EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/02/26 7:1 a.m.12 views

CVE-2022-49647

In the Linux kernel, the following vulnerability has been resolved: cgroup: Use separate src/dst nodes when preloading csssets for migration Each cset cssset is pinned by its tasks. When we're moving tasks around across csets for a migration, we need to hold the source and destination csets to...

7.8CVSS6.2AI score0.00281EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2025/02/26 6:37 a.m.9 views

CVE-2021-47639

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/mmu: Zap all roots when unmapping gfn range in TDP MMU Zap both valid and invalid roots when zapping/unmapping a gfn range, as KVM must ensure it holds no references to the freed page after returning from the unmap...

7.8CVSS6.1AI score0.00237EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/02/26 6:37 a.m.9 views

CVE-2021-47654

In the Linux kernel, the following vulnerability has been resolved: samples/landlock: Fix pathlist memory leak Clang static analysis reports this error sandboxer.c:134:8: warning: Potential leak of memory pointed to by 'pathlist' ret = 0; ^ pathlist is allocated in parsepath but never freed...

5.5CVSS6.3AI score0.00245EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/02/10 4:15 p.m.11 views

CVE-2025-21693

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: properly synchronize freeing resources during CPU hotunplug In zswapcompress and zswapdecompress, the per-CPU acompctx of the current CPU at the beginning of the operation is retrieved and used throughout. However, sin...

7.8CVSS6.4AI score0.002EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2024/12/27 3:15 p.m.6 views

CVE-2024-56586

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix f2fsbugon when uninstalling filesystem call f2fsevictinode. creating a large files during checkpoint disable until it runs out of space and then delete it, then remount to enable checkpoint again, and then unmount the...

5.5CVSS6.4AI score0.00236EPSS
Exploits0References45
UbuntuCve
UbuntuCve
added 2024/12/27 2:15 p.m.12 views

CVE-2024-53177

In the Linux kernel, the following vulnerability has been resolved: smb: prevent use-after-free due to opencacheddir error paths If opencacheddir encounters an error parsing the lease from the server, the error handling may race with receiving a lease break, resulting in opencacheddir freeing the...

7.8CVSS6.4AI score0.00229EPSS
Exploits0References18
UbuntuCve
UbuntuCve
added 2024/12/27 2:15 p.m.15 views

CVE-2024-53197

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds the initial value used in usbgetconfiguration for allocating dev-config. This can...

7.8CVSS6.6AI score0.03558EPSS
Exploits0References52
UbuntuCve
UbuntuCve
added 2024/12/02 2:15 p.m.6 views

CVE-2024-53105

In the Linux kernel, the following vulnerability has been resolved: mm: pagealloc: move mlocked flag clearance into freepagesprepare Syzbot reported a bad page state problem caused by a page being freed using freepage still having a mlocked flag at freepagesprepare stage: BUG: Bad page state in...

5.5CVSS6.4AI score0.00233EPSS
Exploits0References16
UbuntuCve
UbuntuCve
added 2024/11/17 3:15 a.m.8 views

CVE-2024-52867

guix-daemon in GNU Guix before 5ab3c4c allows privilege escalation because build outputs are accessible by local users before file metadata concerns e.g., for setuid and setgid programs are properly addressed. The vulnerability can be remediated within the product via certain pull, reconfigure, a...

8.1CVSS5.8AI score0.00228EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2024/11/09 11:15 a.m.6 views

CVE-2024-50232

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: fix division by zero in ad7124setchannelodr In the ad7124writeraw function, parameter val can potentially be zero. This may lead to a division by zero when DIVROUNDCLOSEST is called within ad7124setchannelodr. T...

5.5CVSS6.4AI score0.00248EPSS
Exploits0References33
Rows per page
Query Builder