CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

OSV•added 2025/02/25 7:6 p.m.•7 views

USN-7289-3 linux-ibm vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - x86 architecture; - Block layer subsystem; - ACPI drivers; - GPU drivers; - HID subsystem; -...

7.8CVSS6.7AI score0.18032EPSS

Exploits2References104

AstraLinux•added 2025/02/11 7:35 a.m.•3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Avoid an off-by-one reading from userspace. We attempt to access an additional 1 byte from userspace using memdupuserbuffer, count + 1. However, userspace only provides a buffer of size count bytes, and only those...

5.5CVSS5.9AI score0.0003EPSS

AstraLinux•added 2025/02/11 7:35 a.m.•3 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Added check for filling the poll mod list. In cases where improtocols has a value of 1 and tmprotocols has a value of 0, this combination successfully passes the check. This condition is specified as “!improtocols &&...

5.5CVSS5.8AI score0.00012EPSS

AstraLinux•added 2025/02/11 7:35 a.m.•1 views

Astra Linux – Vulnerability in Linux 6.1

In the Linux kernel, the following vulnerabilities have been resolved: uprobes: Fixed a kernel information leak via “uprobes” vma. xoladdvma: Maps the uninitialized page allocated by createxolarea into user space. On some architectures x86, this memory is readable even without VMREAD or VMEXEC;...

5.5CVSS6.2AI score0.00009EPSS

RedhatCVE•added 2025/02/07 9:44 a.m.•14 views

CVE-2024-45584

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace...

7.8CVSS7.1AI score0.00115EPSS

RedhatCVE•added 2025/02/05 11:2 a.m.•7 views

CVE-2024-21455

Memory corruption when a compat IOCTL call is followed by another IOCTL call from userspace to a driver...

7.8CVSS6.9AI score0.00198EPSS

NVD•added 2025/02/03 5:15 p.m.•10 views

CVE-2024-45584

Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace...

7.8CVSS0.00115EPSS

Positive Technologies•added 2025/02/03 12:0 a.m.•2 views

PT-2025-2716 · Qualcomm · Snapdragon +108

Name of the Vulnerable Software and Affected Versions: No specific software or versions are mentioned in the provided descriptions. Description: Memory corruption can occur when a compat IOCTL call is followed by a normal IOCTL call from userspace. This issue arises due to the sequence of these...

7.8CVSS7.1AI score0.00115EPSS

Exploits0References6

OSV•added 2025/01/31 12:15 p.m.•3 views

AZL-56285 CVE-2025-21672 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace1. This is because if argc is less than 0 and the function returns directly, the held inode lock is not released. Fix this by...

5.5CVSS6.6AI score0.00012EPSS

OSV•added 2025/01/31 12:15 p.m.•6 views

AZL-56327 CVE-2025-21672 affecting package kernel 6.6.126.1-1

5.5CVSS6.3AI score0.00012EPSS

NVD•added 2025/01/31 12:15 p.m.•15 views

CVE-2025-21672

5.5CVSS0.00012EPSS

OSV•added 2025/01/31 12:15 p.m.•1 views

UBUNTU-CVE-2025-21672

5.5CVSS6.2AI score0.00012EPSS

Exploits0References15

CVE•added 2025/01/31 11:25 a.m.•142 views

CVE-2025-21672

CVE-2025-21672 concerns the Linux kernel, specifically the afs module, where a fix guards against a lock being left held when returning to userspace. The root cause is described as a scenario where if argc is less than 0 and a function returns directly, an inode mutex lock is not released. The pa...

5.5CVSS6.9AI score0.00012EPSS

Exploits0References2Affected Software1

NVD•added 2025/01/30 5:15 a.m.•8 views

CVE-2025-0662

In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of...

4.9CVSS0.00101EPSS

Vulnrichment•added 2025/01/30 4:49 a.m.•5 views

CVE-2025-0662 Uninitialized kernel memory disclosure via ktrace(2)

4.8AI score0.00101EPSS

Cvelist•added 2025/01/30 4:49 a.m.•13 views

CVE-2025-0662 Uninitialized kernel memory disclosure via ktrace(2)

0.00101EPSS

CVE•added 2025/01/30 4:49 a.m.•57 views

CVE-2025-0662

CVE-2025-0662 affects FreeBSD ktrace(2): the facility can log kernel structures to userspace and, in one case, dump a variable-sized sockaddr, copying the full sockaddr even when shorter, leaking up to 14 uninitialized bytes of kernel memory from a heap allocation to userspace. The issue is explo...

4.9CVSS6.2AI score0.00101EPSS

Tenable Nessus•added 2025/01/30 12:0 a.m.•8 views

FreeBSD : FreeBSD -- Uninitialized kernel memory disclosure via ktrace(2) (2830b374-debd-11ef-87ba-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2830b374-debd-11ef-87ba-002590c1f29c advisory. In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such...

4.9CVSS5.6AI score0.00101EPSS