Lucene search
K

231 matches found

CVE
CVE
added 2025/05/20 4:47 p.m.105 views

CVE-2025-37973

CVE-2025-37973 affects the Linux kernel Wi-Fi stack, specifically the cfg80211 defragmentation logic for multi-link elements. The issue is a miscalculation during multi-link element defragmentation that adds the MLE length to the total IEs length, which can cause an out-of-bounds access if the ML...

7.1CVSS6.5AI score0.00153EPSS
Exploits0References4Affected Software1
OSV
OSV
added 2025/05/20 4:47 p.m.7 views

CVE-2025-37969 iio: imu: st_lsm6dsx: fix possible lockup in st_lsm6dsx_read_tagged_fifo

In the Linux kernel, the following vulnerability has been resolved: iio: imu: stlsm6dsx: fix possible lockup in stlsm6dsxreadtaggedfifo Prevent stlsm6dsxreadtaggedfifo from falling in an infinite loop in case patternlen is equal to zero and the device FIFO is not empty...

5.5CVSS6.4AI score0.00127EPSS
Exploits0References13
NVD
NVD
added 2025/05/20 4:15 p.m.7 views

CVE-2025-37917

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll Use spinlockirqsave and spinunlockirqrestore instead of spinlock and spinunlock in mtkstaremac driver to avoid spinlock recursion occurrence that can happe...

5.5CVSS0.0016EPSS
Exploits0References8
OSV
OSV
added 2025/05/20 3:21 p.m.6 views

CVE-2025-37906 ublk: fix race between io_uring_cmd_complete_in_task and ublk_cancel_cmd

In the Linux kernel, the following vulnerability has been resolved: ublk: fix race between iouringcmdcompleteintask and ublkcancelcmd ublkcancelcmd calls iouringcmddone to complete uringcmd, but we may have scheduled task work via iouringcmdcompleteintask for dispatching request, then kernel cras...

4.7CVSS6.5AI score0.00106EPSS
Exploits0References5
NVD
NVD
added 2025/05/02 4:15 p.m.10 views

CVE-2023-53054

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: fix a devres leak in hwenable upon suspend resume Each time the platform goes to low power, PM suspend / resume routines call: dwc2lowlevelhwenable - devmaddactionorreset. This adds a new devres each time. This may als...

5.5CVSS0.00169EPSS
Exploits0References5
Cvelist
Cvelist
added 2025/05/02 3:55 p.m.16 views

CVE-2023-53111 loop: Fix use-after-free issues

In the Linux kernel, the following vulnerability has been resolved: loop: Fix use-after-free issues doreqfilebacked calls blkmqcompleterequest synchronously or asynchronously when using asynchronous I/O unless memory allocation fails. Hence, modify loophandlecmd such that it does not dereference...

0.0017EPSS
Exploits0References4
Cvelist
Cvelist
added 2025/05/02 3:55 p.m.11 views

CVE-2023-53048 usb: typec: tcpm: fix warning when handle discover_identity message

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: fix warning when handle discoveridentity message Since both source and sink device can send discoveridentity message in PD3, kernel may dump below warning: ------------ cut here ------------ WARNING: CPU: 0 PID:...

0.00165EPSS
Exploits0References4
OSV
OSV
added 2025/05/02 2:16 p.m.17 views

CVE-2025-37797 net_sched: hfsc: Fix a UAF vulnerability in class handling

In the Linux kernel, the following vulnerability has been resolved: netsched: hfsc: Fix a UAF vulnerability in class handling This patch fixes a Use-After-Free vulnerability in the HFSC qdisc class handling. The issue occurs due to a time-of-check/time-of-use condition in hfscchangeclass when...

7.8CVSS6.2AI score0.00174EPSS
Exploits0References13
OSV
OSV
added 2025/05/01 2:11 p.m.6 views

CVE-2022-49921 net: sched: Fix use after free in red_enqueue()

In the Linux kernel, the following vulnerability has been resolved: net: sched: Fix use after free in redenqueue We can't use "skb" again after passing it to qdiscenqueue. This is basically identical to commit 2f09707d0c97 "schsfb: Also store skb len before calling child enqueue"...

7.8CVSS6.1AI score0.00159EPSS
Exploits0References11
OSV
OSV
added 2025/05/01 2:10 p.m.8 views

CVE-2022-49898 btrfs: fix tree mod log mishandling of reallocated nodes

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix tree mod log mishandling of reallocated nodes We have been seeing the following panic in production kernel BUG at fs/btrfs/tree-mod-log.c:677! invalid opcode: 0000 1 SMP RIP: 0010:treemodlogrewind+0x1b4/0x200 RSP:...

5.5CVSS6.1AI score0.00164EPSS
Exploits0References6
CVE
CVE
added 2025/05/01 2:10 p.m.77 views

CVE-2022-49869

CVE-2022-49869 (bnxt_en): In the Linux kernel bnxt_hwrm_set_coal() may crash during error recovery because rtnl_lock isn’t held for the entire sequence, allowing freed datastructures. The fix uses BNXT_STATE_OPEN rather than netif_running() to ensure the device is fully operational before reconfi...

5.5CVSS6.4AI score0.00183EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2025/05/01 1:7 p.m.80 views

CVE-2025-37779

CVE-2025-37779 pertains to the Linux kernel. A folio refcount bug in lib/iov_iter caused a UAF when an EROFS file-backed mount over 9P (v9fs) on QEMU was exercised, due to pages in bvec being coalesced across a folio boundary. The root cause was inadequate refcount handling for non-slab folios, p...

5.5CVSS6.4AI score0.0013EPSS
Exploits0References2Affected Software1
OSV
OSV
added 2025/05/01 1:7 p.m.8 views

CVE-2025-37776 ksmbd: fix use-after-free in smb_break_all_levII_oplock()

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in smbbreakalllevIIoplock There is a room in smbbreakalllevIIoplock that can cause racy issues when unlocking in the middle of the loop. This patch use read lock to protect whole loop...

7CVSS6.1AI score0.00149EPSS
Exploits0References7
OSV
OSV
added 2025/05/01 12:55 p.m.9 views

CVE-2025-23157 media: venus: hfi_parser: add check to avoid out of bound access

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfiparser: add check to avoid out of bound access There is a possibility that initcodecs is invoked multiple times during manipulated payload from video firmware. In such case, if codecscount can get incremented to...

7.1CVSS6.1AI score0.0018EPSS
Exploits0References14
CVE
CVE
added 2025/05/01 12:55 p.m.148 views

CVE-2025-23145

CVE-2025-23145 affects the Linux kernel (MPTCP) and describes a NULL-pointer dereference in the mptcp_can_accept_new_subflow path. The root cause is that subflow_req->msk ownership could be transferred to a subflow on the first path, creating a window where a second SYN-ACK could be processed ...

5.5CVSS6.8AI score0.00176EPSS
Exploits0References10Affected Software1
Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.11 views

PT-2025-18407 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A bug in the Linux kernel has been resolved, specifically in the arm/crc-t10dif component, where an array was used outside of its scope in the crc t10dif arch function. This issue has...

7.8CVSS7.6AI score0.28222EPSS
Exploits0References678
Positive Technologies
Positive Technologies
added 2025/05/01 12:0 a.m.4 views

PT-2025-18482 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A vulnerability has been resolved in the Linux kernel, specifically in the net/9p module. The issue involves inconsistent lock state in the p9 req put function, which can be caused by...

5AI score0.00124EPSS
Exploits0References15
NVD
NVD
added 2025/04/18 7:15 a.m.18 views

CVE-2025-37785

In the Linux kernel, the following vulnerability has been resolved: ext4: fix OOB read when checking dotdot dir Mounting a corrupted filesystem with directory which contains '.' dir entry with reclen == block size results in out-of-bounds read later on, when the corrupted directory is removed...

7.1CVSS0.0024EPSS
Exploits0References12
NVD
NVD
added 2025/04/16 3:16 p.m.10 views

CVE-2025-22072

In the Linux kernel, the following vulnerability has been resolved: spufs: fix gang directory lifetimes prior to "POWERPC spufs: Fix gang destroy leaks" we used to have a problem with gang lifetimes - creation of a gang returns opened gang directory, which normally gets removed when that gets...

5.5CVSS0.00176EPSS
Exploits0References7
OSV
OSV
added 2025/04/16 2:13 p.m.7 views

CVE-2025-22122 block: fix adding folio to bio

In the Linux kernel, the following vulnerability has been resolved: block: fix adding folio to bio 4GB folio is possible on some ARCHs, such as aarch64, 16GB hugepage is supported, then 'offset' of folio can't be held in 'unsigned int', cause warning in bioaddfolionofail and IO failure. Fix it by...

5.5CVSS6AI score0.00162EPSS
Exploits0References6
Rows per page
Query Builder