Lucene search
K

17 matches found

CVE
CVE
added 2025/07/25 3:27 p.m.87 views

CVE-2025-38441

CVE-2025-38441 affects the Linux kernel netfilter flowtable nf_flow_pppoe_proto() where the Ethernet header was not accounted for in PPPoE offload logic, leading to potential use of uninitialized data (KMSAN). The vulnerability is locally exploitable; CVSS 3.1/AV:L/AC:L/PR:L/UI:N/S:U/I:N/A:H with...

5.5CVSS6.3AI score0.00156EPSS
Exploits0References7Affected Software1
CVE
CVE
added 2025/07/03 8:36 a.m.81 views

CVE-2025-38158

CVE-2025-38158 affects the Linux kernel (hisi_acc_vfio_pci) and fixes an XQE/AEQE DMA address error observed after migration. The root cause is an incorrect address construction when reading hardware registers, causing wrong DMA addresses for EQE/AEQE and guest kernel‑mode encryption services to ...

5.5CVSS6.9AI score0.00092EPSS
Exploits0References6Affected Software1
NVD
NVD
added 2025/05/20 4:15 p.m.11 views

CVE-2025-37934

In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Fix pointer check in graphutilparselinkdirection Actually check if the passed pointers are valid, before writing to them. This also fixes a USBAN warning: UBSAN: invalid-load in...

7.8CVSS0.00166EPSS
Exploits0References3
OSV
OSV
added 2025/05/01 2:11 p.m.11 views

CVE-2022-49929 RDMA/rxe: Fix mr leak in RESPST_ERR_RNR

In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix mr leak in RESPSTERRRNR rxerecheckmr will increase mr's refcnt, so we should call rxeputmr to drop mr's refcnt in RESPSTERRRNR to avoid below warning: WARNING: CPU: 0 PID: 4156 at...

5.5CVSS5.8AI score0.0013EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/04/16 2:12 p.m.22 views

CVE-2025-22092 PCI: Fix NULL dereference in SR-IOV VF creation error path

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix NULL dereference in SR-IOV VF creation error path Clean up when virtfn setup fails to prevent NULL pointer dereference during device removal. The kernel oops below occurred due to incorrect error handling flow when...

0.00164EPSS
Exploits0References3
CVE
CVE
added 2025/04/16 2:12 p.m.88 views

CVE-2025-22082

CVE-2025-22082 affects the Linux kernel IIO subsystem: iio_backend_debugfs_write_reg() could pass an uninitialized stack buffer to sscanf() due to missing NULL termination. The root cause is a stack buffer not guaranteed to be 0-initialized, leading to potential uncontrolled reads. The vulnerabil...

5.5CVSS6.7AI score0.00165EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2025/03/27 4:43 p.m.8 views

CVE-2023-52985

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8mm-verdin: Do not power down eth-phy Currently if suspending using either freeze or memory state, the fec driver tries to power down the phy which leads to crash of the kernel and non-responsible kernel with the...

5.5CVSS5.5AI score0.00204EPSS
Exploits0
Vulnrichment
Vulnrichment
added 2025/02/27 8:0 p.m.9 views

CVE-2024-58034 memory: tegra20-emc: fix an OF node reference bug in tegra_emc_find_node_by_ram_code()

In the Linux kernel, the following vulnerability has been resolved: memory: tegra20-emc: fix an OF node reference bug in tegraemcfindnodebyramcode As offindnodebyname release the reference of the argument device node, tegraemcfindnodebyramcode releases some device nodes while still in use,...

7.5AI score0.00217EPSS
Exploits0References6
Debian CVE
Debian CVE
added 2025/02/27 2:7 a.m.10 views

CVE-2025-21718

In the Linux kernel, the following vulnerability has been resolved: net: rose: fix timer races against user threads Rose timers only acquire the socket spinlock, without checking if the socket is owned by one user thread. Add a check and rearm the timers if needed. BUG: KASAN: slab-use-after-free...

7CVSS6.2AI score0.00151EPSS
Exploits0
Cvelist
Cvelist
added 2025/02/27 2:7 a.m.14 views

CVE-2024-57985 firmware: qcom: scm: Cleanup global '__scm' on probe failures

In the Linux kernel, the following vulnerability has been resolved: firmware: qcom: scm: Cleanup global 'scm' on probe failures If SCM driver fails the probe, it should not leave global 'scm' variable assigned, because external users of this driver will assume the probe finished successfully. For...

0.00187EPSS
Exploits0References3
CVE
CVE
added 2025/02/26 2:11 a.m.117 views

CVE-2022-49375

The CVE-2022-49375 entry concerns the Linux kernel rtc: mt6397 driver. The described vulnerability is a potential null-pointer dereference when platform_get_resource() returns NULL, caused by not checking the return value. The connected documentation states the fix is to check the return value of...

5.5CVSS6.6AI score0.00252EPSS
Exploits0References9Affected Software1
CVE
CVE
added 2025/02/26 1:55 a.m.130 views

CVE-2022-49227

CVE-2022-49227 : In the Linux kernel igc driver, the ethtool RX-ring reconfiguration path copies an igc_ring structure but fails to reset the xdp_rxq_info member before igc_setup_rx_resources is called. This causes xdp_rxq_info_reg() to be invoked on an already registered xdp_rxq_info, leading to...

5.5CVSS5.2AI score0.00252EPSS
Exploits0References4Affected Software1
Debian CVE
Debian CVE
added 2025/02/26 1:55 a.m.8 views

CVE-2022-49180

In the Linux kernel, the following vulnerability has been resolved: LSM: general protection fault in legacyparseparam The usual LSM hook "bail on fail" scheme doesn't work for cases where a security module may return an error code indicating that it does not recognize an input. In this particular...

5.5CVSS5.4AI score0.00253EPSS
Exploits0
CVE
CVE
added 2025/01/31 11:25 a.m.144 views

CVE-2025-21680

The CVE-2025-21680 issue affects the Linux kernel’s pktgen code, specifically get_imix_entries, where an insufficient boundary check on the imix_entries array allows out-of-bounds access when a large number of imix entries are passed. This leads to UBSAN reported array-index-out-of-bounds in net/...

7.8CVSS7AI score0.00208EPSS
Exploits0References6Affected Software1
CVE
CVE
added 2024/12/27 2:51 p.m.139 views

CVE-2024-56625

CVE-2024-56625 refers to a Linux kernel issue where the can: dev: can_set_termination() implementation used gpiod_set_value() to drive a GPIO behind a sleep-capable expander, which can sleep. The root cause is the use of gpiod_set_value() in the GPIO termination patch, triggering a warning when t...

5.5CVSS6.5AI score0.00203EPSS
Exploits0References6Affected Software1
Cvelist
Cvelist
added 2024/12/24 11:28 a.m.18 views

CVE-2024-53146 NFSD: Prevent a potential integer overflow

In the Linux kernel, the following vulnerability has been resolved: NFSD: Prevent a potential integer overflow If the tag length is = U32MAX - 3 then the "length + 4" addition can result in an integer overflow. Address this by splitting the decoding into several steps so that decodecbcompound4res...

0.00225EPSS
Exploits0References9
Vulnrichment
Vulnrichment
added 2024/04/17 9:43 a.m.21 views

CVE-2024-26828 cifs: fix underflow in parse_server_interfaces()

In the Linux kernel, the following vulnerability has been resolved: cifs: fix underflow in parseserverinterfaces In this loop, we step through the buffer and after each item we check if the sizeleft is greater than the minimum size we need. However, the problem is that "bytesleft" is type ssizet...

7.1AI score0.00407EPSS
Exploits0References4
Rows per page
Query Builder