37 matches found

CVE
added 2025/02/27 2:18 a.m., 157 views

CVE-2025-21761

CVE-2025-21761 affects the Linux kernel/Open vSwitch area. The root cause is that ovs_vport_cmd_fill_info() could be invoked without RTNL or RCU, risking a use-after-free. The fix adds RCU protection and uses dev_net_rcu() to prevent UAF. This is a kernel-level issue with potential impact describ...

7.8 CVSS, 6.5 AI score, 0.00232 EPSS
Exploits: 0, References: 11, Affected Software: 1
OSV
added 2024/12/02 9:14 a.m., 11 views

SUSE-SU-2024:4122-1 Security update for the Linux Kernel RT (Live Patch 10 for SLE 15 SP5)

This update for the Linux Kernel 5.14.21-1505001335 fixes several issues. The following security issues were fixed:
- CVE-2021-47517: Fix panic when interrupt coalescing is set via ethtool (bsc#1225429).
- CVE-2024-36904: tcp: Use refcount_inc_not_zero() in tcp_twsk_unique() (bsc#1225733).
- CVE-2024-43861: Fix...

7.8 CVSS, 8.5 AI score, 0.0094 EPSS
Exploits: 1, References: 69
NVD
added 2024/10/21 8:15 p.m., 13 views

CVE-2022-48960

In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is delivered to napi_gro_receive() which may free it, after calling this, dereferencing skb may trigger use-after-free...

7.8 CVSS, 0.00238 EPSS
Exploits: 0, References: 8
CVE
added 2024/10/21 8:6 p.m., 114 views

CVE-2022-49015

The CVE-2022-49015 entry concerns a Linux kernel use-after-free in the net: hsr path. The issue arises when a socket buffer (skb) delivered to netif_rx() may be freed, and subsequent dereferencing of skb could trigger a UAF. Affects the Linux kernel’s hsr subsystem (net: hsr) and is tied to skb l...

7.8 CVSS, 7.3 AI score, 0.00251 EPSS
Exploits: 0, References: 8, Affected Software: 1
NVD
added 2024/10/21 1:15 p.m., 14 views

CVE-2024-47732

In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix potential use after free bug The free_device_compression_mode(iaa_device, device_mode) function frees "device_mode" but it is passed to iaa_compression_modes[i]->free() a few lines later resulting in a use after free. The goo...

5.5 CVSS, 0.00223 EPSS
Exploits: 0, References: 3
UbuntuCve
added 2024/06/20 12:0 a.m., 21 views

CVE-2022-48754

In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 ("phylib: Add device reset GPIO support") added call to phy_device_reset(phydev) after the put_device() call in phy_detach(). The comment before the put_device() call says that the phydev...

8.4 CVSS, 6.3 AI score, 0.00233 EPSS
Exploits: 0, References: 8
Cvelist
added 2024/05/21 3:31 p.m., 29 views

CVE-2023-52800 wifi: ath11k: fix htt pktlog locking

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix htt pktlog locking The ath11k active pdevs are protected by RCU but the htt pktlog handling code calling ath11k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section. Mark the code in question as an RCU...

6.6 AI score, 0.00227 EPSS
Exploits: 0, References: 6
Debian CVE
added 2024/05/21 3:30 p.m., 19 views

CVE-2023-52769

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix htt mlo-offset event locking The ath12k active pdevs are protected by RCU but the htt mlo-offset event handling code calling ath12k_mac_get_ar_by_pdev_id() was not marked as a read-side critical section. Mark the code i...

7.8 CVSS, 6.6 AI score, 0.00238 EPSS
Exploits: 0
RedhatCVE
added 2024/04/18 10:0 a.m., 41 views

CVE-2024-3857

The Mozilla Foundation Security Advisory describes this flaw as: The JIT created incorrect code for arguments in certain cases. This led to potential use-after-free crashes during garbage collection...

7.5 CVSS, 6.9 AI score, 0.00243 EPSS
Exploits: 0, References: 5
Tenable Nessus
added 2024/04/18 12:0 a.m., 32 views

RHEL 7 : firefox (RHSA-2024:1910)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1910 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.8 CVSS, 7.5 AI score, 0.00847 EPSS
Exploits: 2, References: 17
Debian CVE
added 2024/04/17 10:27 a.m., 17 views

CVE-2024-26866

In the Linux kernel, the following vulnerability has been resolved: spi: lpspi: Avoid potential use-after-free in probe fsl_lpspi_probe() is allocating/disposing memory manually with spi_alloc_host()/spi_alloc_target(), but uses devm_spi_register_controller(). In case of error after the latter call the memory wil...

5.5 CVSS, 6.6 AI score, 0.00216 EPSS
Exploits: 0
RedhatCVE
added 2024/03/03 10:1 a.m., 19 views

CVE-2021-47081

A use-after-free vulnerability was found in the Linux kernel, which affects the gaudi component and is caused by a reference attempt (cb->id), which may have been previously freed during a call to the hl_cb_put() function...

4.4 CVSS, 7.4 AI score, 0.00231 EPSS
Exploits: 0, References: 4
Cvelist
added 2024/03/01 9:15 p.m., 22 views

CVE-2021-47081 habanalabs/gaudi: Fix a potential use after free in gaudi_memset_device_memory

In the Linux kernel, the following vulnerability has been resolved: habanalabs/gaudi: Fix a potential use after free in gaudi_memset_device_memory Our code analyzer reported a uaf. In gaudi_memset_device_memory, cb is get via hl_cb_kernel_create() with 2 refcount. If hl_cs_allocate_job() failed, the execution ru...

7.1 AI score, 0.00231 EPSS
Exploits: 0, References: 2
Debian CVE
added 2024/03/01 9:15 p.m., 25 views

CVE-2021-47081

In the Linux kernel, the following vulnerability has been resolved: habanalabs/gaudi: Fix a potential use after free in gaudi_memset_device_memory Our code analyzer reported a uaf. In gaudi_memset_device_memory, cb is get via hl_cb_kernel_create() with 2 refcount. If hl_cs_allocate_job() failed, the execution ru...

7.8 CVSS, 5.8 AI score, 0.00231 EPSS
Exploits: 0
CloudLinux
added 2024/02/29 11:6 a.m., 53 views

kernel: Fix of 7 CVEs

KVM: nSVM: avoid picking up unsupported bits from L2 in int_ctl CVE-2021-3653 CVE-2021-3653 - xen/netfront: fix leaking data in shared pages CVE-2022-33740 - xfs: fix up non-directory creation in SGID directories CVE-2021-4037 - net_sched: cls_route: remove from list when handle is 0 CVE-2022-2588 -...

8.8 CVSS, 7.3 AI score, 0.06214 EPSS
Exploits: 8
UbuntuCve
added 2024/02/27 7:4 p.m., 14 views

CVE-2021-46973

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: Avoid potential use after free in MHI send It is possible that the MHI ul_callback will be invoked immediately following the queueing of the skb for transmission, leading to the callback decrementing the refcount of the...

8.4 CVSS, 5.9 AI score, 0.00236 EPSS
Exploits: 0, References: 5
Cvelist
added 2024/02/26 5:20 p.m., 25 views

CVE-2019-25162 i2c: Fix a potential use after free

In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after we are done using it. This patch just moves the put_device() down a bit to avoid the use after free. wsa: added comment to the code, added Fixes tag...

7.2 AI score, 0.00378 EPSS
Exploits: 0, References: 8
Tenable Nessus
added 2023/07/13 12:0 a.m., 28 views

RHEL 8 : firefox (RHSA-2023:4075)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2023:4075 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox...

8.8 CVSS, 7.9 AI score, 0.00696 EPSS
Exploits: 0, References: 12
OSV
added 2023/01/17 4:28 p.m., 4 views

GSD-2023-1000350 net: hisilicon: Fix potential use-after-free in hix5hd2_rx()

net: hisilicon: Fix potential use-after-free in hix5hd2_rx() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.302 by commit...

7.3 AI score
Exploits: 0
OSV
added 2023/01/17 4:24 p.m., 11 views

GSD-2023-1000317 net: hisilicon: Fix potential use-after-free in hisi_femac_rx()

net: hisilicon: Fix potential use-after-free in hisi_femac_rx() This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.269 by commit...

7.3 AI score
Exploits: 0