Lucene search
+L

950 matches found

cvelist
cvelist
added 2025/05/09 6:42 a.m.16 views

CVE-2025-37862 HID: pidff: Fix null pointer dereference in pidff_find_fields

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Fix null pointer dereference in pidfffindfields This function triggered a null pointer dereference if used to search for a report that isn't implemented on the device. This happened both for optional and required...

0.00254EPSS
Exploits0References9
nvd
nvd
added 2025/05/08 7:15 a.m.26 views

CVE-2025-37834

In the Linux kernel, the following vulnerability has been resolved: mm/vmscan: don't try to reclaim hwpoison folio Syzkaller reports a bug as follows: Injecting memory failure for pfn 0x18b00e at process virtual address 0x20ffd000 Memory failure: 0x18b00e: dirty swapcache page still referenced by...

5.5CVSS0.00154EPSS
Exploits0References3
cve
cve
added 2025/05/08 6:26 a.m.90 views

CVE-2025-37827

CVE-2025-37827 affects the Linux kernel’s Btrfs zoned mechanism when a RAID1 block-group has a write-pointer mismatch between disks. Root cause: a NULL pointer dereference in __btrfs_add_free_space_zoned() triggered by converting the metadata profile from DUP to RAID1 on two disks, leading to an ...

5.5CVSS6.4AI score0.00155EPSS
Exploits0References3Affected Software1
osv
osv
added 2025/05/05 12:11 a.m.4 views

OSV-2025-324 Index-out-of-bounds in dwg_decode_eed

OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=415083665 Crash type: Index-out-of-bounds Crash state: dwgdecodeeed dwgdecodeentity dwgdecodeATTDEFprivate...

7.2AI score
Exploits0References1
cvelist
cvelist
added 2025/05/02 3:56 p.m.25 views

CVE-2023-53138 net: caif: Fix use-after-free in cfusbl_device_notify()

In the Linux kernel, the following vulnerability has been resolved: net: caif: Fix use-after-free in cfusbldevicenotify syzbot reported use-after-free in cfusbldevicenotify 1. This causes a stack trace like below: BUG: KASAN: use-after-free in cfusbldevicenotify+0x7c9/0x870 net/caif/caifusb.c:138...

0.00159EPSS
Exploits0References8
cvelist
cvelist
added 2025/05/01 2:9 p.m.12 views

CVE-2022-49832 pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map

In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix null pointer dereferencing in pinctrldttomap Here is the BUG report by KASAN about null pointer dereference: BUG: KASAN: null-ptr-deref in strcmp+0x2e/0x50 Read of size 1 at addr 0000000000000000 by task...

0.00186EPSS
Exploits0References8
osv
osv
added 2025/05/01 2:9 p.m.8 views

CVE-2022-49832 pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map

In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix null pointer dereferencing in pinctrldttomap Here is the BUG report by KASAN about null pointer dereference: BUG: KASAN: null-ptr-deref in strcmp+0x2e/0x50 Read of size 1 at addr 0000000000000000 by task...

5.5CVSS6AI score0.00186EPSS
Exploits0References11
osv
osv
added 2025/05/01 2:9 p.m.13 views

CVE-2022-49783 x86/fpu: Drop fpregs lock before inheriting FPU permissions

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Drop fpregs lock before inheriting FPU permissions Mike Galbraith reported the following against an old fork of preempt-rt but the same issue also applies to the current preempt-rt tree. BUG: sleeping function called fro...

5.5CVSS5.8AI score0.00141EPSS
Exploits0References5
osv
osv
added 2025/05/01 12:55 p.m.8 views

CVE-2025-37742 jfs: Fix uninit-value access of imap allocated in the diMount() function

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix uninit-value access of imap allocated in the diMount function syzbot reports that hexdumptobuffer is using uninit-value: ===================================================== BUG: KMSAN: uninit-value in...

5.5CVSS6.1AI score0.00155EPSS
Exploits0References11
openvas
openvas
added 2025/04/21 12:0 a.m.4 views

Fedora: Security Advisory (FEDORA-2025-d5fdbedb7f)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5AI score
Exploits0References4
nvd
nvd
added 2025/04/18 7:15 a.m.17 views

CVE-2025-37925

In the Linux kernel, the following vulnerability has been resolved: jfs: reject on-disk inodes of an unsupported type Syzbot has reported the following BUG: kernel BUG at fs/inode.c:668! Oops: invalid opcode: 0000 1 PREEMPT SMP KASAN PTI CPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted...

5.5CVSS0.00234EPSS
Exploits0References7
osv
osv
added 2025/04/18 7:1 a.m.20 views

CVE-2025-37925 jfs: reject on-disk inodes of an unsupported type

In the Linux kernel, the following vulnerability has been resolved: jfs: reject on-disk inodes of an unsupported type Syzbot has reported the following BUG: kernel BUG at fs/inode.c:668! Oops: invalid opcode: 0000 1 PREEMPT SMP KASAN PTI CPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted...

5.5CVSS6AI score0.00234EPSS
Exploits0References10
cve
cve
added 2025/04/18 7:1 a.m.149 views

CVE-2025-37925

The CVE-2025-37925 entry concerns a Linux kernel vulnerability in the JFS filesystem. When finalizing an on-disk inode, clear_inode() could encounter an unknown type and trigger a kernel BUG; the root cause is an invalid handling path for on-disk inode types, where types 5–15 are reserved. The fi...

5.5CVSS6.4AI score0.00234EPSS
Exploits0References7Affected Software1
cvelist
cvelist
added 2025/04/16 10:20 a.m.21 views

CVE-2025-22020 memstick: rtsx_usb_ms: Fix slab-use-after-free in rtsx_usb_ms_drv_remove

In the Linux kernel, the following vulnerability has been resolved: memstick: rtsxusbms: Fix slab-use-after-free in rtsxusbmsdrvremove This fixes the following crash: ================================================================== BUG: KASAN: slab-use-after-free in rtsxusbmspollcard+0x159/0x20...

0.00176EPSS
Exploits0References9
chrome
chrome
added 2025/04/08 12:0 a.m.16 views

Stable Channel Update for Desktop

The Stable channel has been updated to 135.0.7049.84/.85 for Windows, Mac and 135.0.7049.84 for Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the Log. Security Fixes and Rewards Note: Access to bug details and links may be kept restrict...

8.8CVSS9.3AI score0.00342EPSS
Exploits0Affected Software1
trellix
trellix
added 2025/04/03 12:0 a.m.25 views

The Bug Report - March 2025 Edition

The Bug Report - March 2025 Edition By Jonathan Omakun · April 3, 2025 Why am I here? Welcome to the March 2025 edition of The Bug Report—where the bracket-breaking isn’t just happening on the court. While US college basketball fans are busy filling out brackets and chasing Cinderella stories,...

10CVSS9.1AI score0.99945EPSS
Exploits55
redhatcve
redhatcve
added 2025/03/29 5:48 p.m.16 views

CVE-2023-53031

In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Fix use of mutex in IRQs disabled section Current imc-pmu code triggers a WARNING with CONFIGDEBUGATOMICSLEEP and CONFIGPROVELOCKING enabled, while running a threadimc event. Command to trigger the warning: perf...

5.5CVSS7.4AI score0.00138EPSS
Exploits0References4
osv
osv
added 2025/03/27 4:43 p.m.15 views

CVE-2023-52973 vc_screen: move load of struct vc_data pointer in vcs_read() to avoid UAF

In the Linux kernel, the following vulnerability has been resolved: vcscreen: move load of struct vcdata pointer in vcsread to avoid UAF After a call to consoleunlock in vcsread the vcdata struct can be freed by vcdeallocate. Because of that, the struct vcdata pointer load must be done at the top...

7.8CVSS5.5AI score0.00274EPSS
Exploits0References10
cve
cve
added 2025/03/27 4:42 p.m.59 views

CVE-2022-49744

The CVE-2022-49744 entry concerns a Linux kernel mm/uffd issue: when forking, the dst_vma may not inherit VM_UFFD_WP even if the src has it, leading to a stale pte marker and potential access to a corrupted page. The fix is a two‑patch series under “mm: Fixes on pte markers” that hardens pte mark...

5.5CVSS6.4AI score0.0015EPSS
Exploits0References2Affected Software1
debiancve
debiancve
added 2025/03/27 2:57 p.m.8 views

CVE-2025-21887

In the Linux kernel, the following vulnerability has been resolved: ovl: fix UAF in ovldentryupdatereval by moving dput in ovllinkup The issue was caused by dputupper being called before ovldentryupdatereval, while upper-dflags was still accessed in ovldentryremote. Move dputupper after its last...

7.8CVSS5.7AI score0.00185EPSS
Exploits0
Rows per page
Query Builder