CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

130 matches found

CVE•added 2025/06/18 9:28 a.m.•70 views

CVE-2025-38016

CVE-2025-38016 (Linux kernel, HID: bpf: abort dispatch if device destroyed) is confirmed in connected sources as a HID subsystem issue in the Linux kernel. The vulnerability stems from HID-BPF dispatch when a HID device is destroyed: after hid_bpf_destroy_device(), a cleaned-up SRCU can be access...

5.5CVSS6.7AI score0.00157EPSS

Exploits0References3Affected Software1

AstraLinux•added 2025/06/16 11:28 a.m.•2 views

Astra Linux – Vulnerability found in Linux 6.1, Linux 6.12

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquiring SRCU in KVMGETMPSTATE to protect guest memory accesses Acquiring a lock on kvm-srcu when userspace is obtaining the MP state can lead to a severe edge case where processing APIC events, such as during pending...

5.5CVSS5.6AI score0.00161EPSS

Exploits0References3

NVD•added 2025/05/01 1:15 p.m.•4 views

CVE-2025-23141

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Acquire SRCU in KVMGETMPSTATE to protect guest memory accesses Acquire a lock on kvm-srcu when userspace is getting MP state to handle a rather extreme edge case where "accepting" APIC events, i.e. processing pending IN...

5.5CVSS0.00161EPSS

Exploits0References8

OSV•added 2025/05/01 1:15 p.m.•1 views

DEBIAN-CVE-2025-23141

5.5CVSS5.4AI score0.00161EPSS

Exploits0References1

OSV•added 2025/05/01 1:15 p.m.•2 views

AZL-69662 CVE-2025-23141 affecting package kernel 5.15.200.1-1

5.5CVSS6.1AI score0.00161EPSS

Exploits0References1

OSV•added 2025/05/01 1:15 p.m.•0 views

UBUNTU-CVE-2025-23141

5.5CVSS6.1AI score0.00161EPSS

Exploits0References28

CVE•added 2025/05/01 12:55 p.m.•126 views

CVE-2025-23141

CVE-2025-23141 affects the Linux kernel with KVM on x86. The vulnerability arises from acquiring SRCU in KVM_GET_MP_STATE to protect guest memory accesses during a window where APIC events (INIT/SIPI) and a pending triple_fault can trigger nested VM-exits, potentially allowing guest memory access...

5.5CVSS6.2AI score0.00161EPSS

Exploits0References8Affected Software1

Cvelist•added 2025/05/01 12:55 p.m.•12 views

CVE-2025-23141 KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses

0.00161EPSS

Exploits0References7

Debian CVE•added 2025/05/01 12:55 p.m.•7 views

CVE-2025-23141

5.5CVSS5.3AI score0.00161EPSS

Exploits0

Tenable Nessus•added 2025/03/05 12:0 a.m.•5 views

Linux Distros Unpatched Vulnerability : CVE-2024-47744

"The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: KVM: Use dedicated mutex to protect kvmusagecount to avoid deadlock Use a dedicated mutex t...

5.5CVSS5.8AI score0.00166EPSS

Exploits0References2

SUSE CVE•added 2025/02/27 3:3 a.m.•0 views

SUSE CVE-2022-49651

In the Linux kernel, the following vulnerability has been resolved: srcu: Tighten cleanupsrcustruct GP checks Currently, cleanupsrcustruct checks for a grace period in progress, but it does not check for a grace period that has not yet started but which might start at any time. Such a situation...

7CVSS7.6AI score0.00235EPSS

Exploits0References4

OSV•added 2025/02/26 7:1 a.m.•0 views

UBUNTU-CVE-2022-49651

7.8CVSS6.1AI score0.00235EPSS

Exploits0References5

CVE•added 2025/02/26 2:23 a.m.•151 views

CVE-2022-49651

CVE-2022-49651 affects the Linux kernel. The advisory states that cleanup_srcu_struct() now checks for a grace period that is started but not yet started, addressing a potential use-after-free (UAF). It is resolved by a commit tightening GP checks in cleanup_srcu_struct(), with references to kern...

7.8CVSS5.3AI score0.00235EPSS

Exploits0References2Affected Software1

Debian CVE•added 2025/02/26 2:23 a.m.•7 views

CVE-2022-49651

7.8CVSS5.4AI score0.00235EPSS

Exploits0

SUSE Linux•added 2024/11/27 2:22 p.m.•4 views

Security update for the Linux Kernel

The SUSE Linux Enterprise 15 SP3 RT kernel was updated to receive various security bugfixes. The following security bugs were fixed: CVE-2022-48956: ipv6: avoid use-after-free in ip6fragment bsc1231893. CVE-2022-48960: net: hisilicon: Fix potential use-after-free in hix5hd2rx bsc1231979...

9.2CVSS8.3AI score0.03651EPSS

Exploits3References222

RedHat Linux•added 2024/11/12 9:11 a.m.•2 views

kernel: drm/amdkfd: lock dependency warning with srcu

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix lock dependency warning with srcu ====================================================== WARNING: possible circular locking dependency detected 6.5.0-kfd-yangp 2289 Not tainted...

5.5CVSS6.8AI score0.00168EPSS

Exploits0References5

CVE•added 2024/11/05 5:10 p.m.•98 views

CVE-2024-50114

CVE-2024-50114 affects Linux kernel KVM on arm64. The flaw originates in the vCPU teardown path when a failed vCPU creation leads to an MMIO redistributor being unregistered, triggering a use-after-free in kvm_put_kvm during VM teardown. The root cause is improper teardown ordering that could all...

7.8CVSS6.5AI score0.00227EPSS

Exploits0References2Affected Software1

OSV•added 2024/10/21 8:15 p.m.•0 views

DEBIAN-CVE-2022-49003

In the Linux kernel, the following vulnerability has been resolved: nvme: fix SRCU protection of nvmenshead list Walking the nvmenshead siblings list is protected by the head's srcu in nvmensheadsubmitbio but not nvmempathrevalidatepaths. Removing namespaces from the list also fails to synchroniz...

4.7CVSS4.8AI score0.00229EPSS

Exploits0References1