Lucene search
K

1534 matches found

OSV
OSV
added 2025/01/31 12:15 p.m.9 views

AZL-56327 CVE-2025-21672 affecting package kernel 6.6.126.1-1

In the Linux kernel, the following vulnerability has been resolved: afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace1. This is because if argc is less than 0 and the function returns directly, the held inode lock is not released. Fix this by...

5.5CVSS6.3AI score0.00136EPSS
Exploits0References1
OSV
OSV
added 2025/01/31 12:15 p.m.10 views

AZL-56285 CVE-2025-21672 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace1. This is because if argc is less than 0 and the function returns directly, the held inode lock is not released. Fix this by...

5.5CVSS6.6AI score0.00136EPSS
Exploits0References1
OSV
OSV
added 2025/01/31 12:15 p.m.2 views

UBUNTU-CVE-2025-21672

In the Linux kernel, the following vulnerability has been resolved: afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace1. This is because if argc is less than 0 and the function returns directly, the held inode lock is not released. Fix this by...

5.5CVSS6.2AI score0.00136EPSS
Exploits0References15
CVE
CVE
added 2025/01/31 11:25 a.m.146 views

CVE-2025-21672

CVE-2025-21672 concerns the Linux kernel, specifically the afs module, where a fix guards against a lock being left held when returning to userspace. The root cause is described as a scenario where if argc is less than 0 and a function returns directly, an inode mutex lock is not released. The pa...

5.5CVSS6.9AI score0.00136EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2025/01/30 5:15 a.m.9 views

CVE-2025-0662

In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of...

4.9CVSS0.00348EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/01/30 4:49 a.m.16 views

CVE-2025-0662 Uninitialized kernel memory disclosure via ktrace(2)

In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of...

0.00348EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/01/30 4:49 a.m.5 views

CVE-2025-0662 Uninitialized kernel memory disclosure via ktrace(2)

In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14 uninitialized bytes of...

4.8AI score0.00348EPSS
Exploits0References1
CVE
CVE
added 2025/01/30 4:49 a.m.62 views

CVE-2025-0662

CVE-2025-0662 affects FreeBSD ktrace(2): the facility can log kernel structures to userspace and, in one case, dump a variable-sized sockaddr, copying the full sockaddr even when shorter, leaking up to 14 uninitialized bytes of kernel memory from a heap allocation to userspace. The issue is explo...

4.9CVSS6.2AI score0.00348EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/01/30 12:0 a.m.8 views

FreeBSD : FreeBSD -- Uninitialized kernel memory disclosure via ktrace(2) (2830b374-debd-11ef-87ba-002590c1f29c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 2830b374-debd-11ef-87ba-002590c1f29c advisory. In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such...

4.9CVSS5.6AI score0.00348EPSS
Exploits0References2
FreeBSD
FreeBSD
added 2025/01/29 12:0 a.m.14 views

FreeBSD -- Uninitialized kernel memory disclosure via ktrace(2)

Problem Description: In some cases, the ktrace facility will log the contents of kernel structures to userspace. In one such case, ktrace dumps a variable-sized sockaddr to userspace. There, the full sockaddr is copied, even when it is shorter than the full size. This can result in up to 14...

4.9CVSS6.9AI score0.00348EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/01/20 5:51 a.m.6 views

CVE-2024-57911

In the Linux kernel, the following vulnerability has been resolved: iio: dummy: iiosimplydummybuffer: fix information leak in triggered buffer The 'data' array is allocated via kmalloc and it is used to push data to user space from a triggered buffer, but it does not set values for inactive...

5.5CVSS6.8AI score0.00214EPSS
Exploits0References4
OSV
OSV
added 2025/01/19 12:15 p.m.1 views

UBUNTU-CVE-2024-57907

In the Linux kernel, the following vulnerability has been resolved: iio: adc: rockchipsaradc: fix information leak in triggered buffer The 'data' local struct is used to push data to user space from a triggered buffer, but it does not set values for inactive channels, as it only uses...

7.1CVSS6.3AI score0.0021EPSS
Exploits0References33
OSV
OSV
added 2025/01/19 12:15 p.m.4 views

UBUNTU-CVE-2024-57912

In the Linux kernel, the following vulnerability has been resolved: iio: pressure: zpa2326: fix information leak in triggered buffer The 'sample' local struct is used to push data to user space from a triggered buffer, but it has a hole between the temperature and the timestamp u32 pressure, u16...

7.1CVSS6.4AI score0.00214EPSS
Exploits0References45
CVE
CVE
added 2025/01/19 11:52 a.m.54 views

CVE-2024-57909

CVE-2024-57909 – Linux kernel iio bh1745 information leak : The vulnerability occurs in the IIO light driver (bh1745) where the ‘scan’ local struct used to push data to userspace from a triggered buffer is not initialized for inactive channels, since the code only uses iio_for_each_active_channel...

7.1CVSS6.1AI score0.00234EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2025/01/19 11:52 a.m.165 views

CVE-2024-57908

CVE-2024-57908 affects the Linux kernel’s IIO KMX61 driver (iio: imu: kmx61). The vulnerability arises from using a local buffer to push data to userspace from a triggered buffer without initializing inactive channels, potentially leaking information. The documented fix is to initialize the buffe...

7.1CVSS6.1AI score0.00214EPSS
Exploits0References9Affected Software1
RedhatCVE
RedhatCVE
added 2025/01/08 2:0 p.m.9 views

CVE-2024-56538

In the Linux kernel, the following vulnerability has been resolved: drm: zynqmpkms: Unplug DRM device before removal Prevent userspace accesses to the DRM device from causing use-after-frees by unplugging the device before we remove it. This causes any further userspace accesses to result in an...

7.8CVSS6.8AI score0.0022EPSS
Exploits0References4
OSV
OSV
added 2025/01/06 2:27 p.m.11 views

USN-7154-2 linux-hwe-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - MIPS architecture; - PowerPC architecture; - RISC-V architecture; - S390 architecture; -...

8.8CVSS6.7AI score0.00879EPSS
Exploits12References403
RedhatCVE
RedhatCVE
added 2024/12/29 2:28 p.m.13 views

CVE-2024-53195

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Get rid of userspaceirqchipinuse Improper use of userspaceirqchipinuse led to syzbot hitting the following WARNON in kvmtimerupdateirq: WARNING: CPU: 0 PID: 3281 at arch/arm64/kvm/archtimer.c:459...

5.5CVSS6.9AI score0.00213EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/12/28 3:49 a.m.3 views

SUSE CVE-2024-56538

In the Linux kernel, the following vulnerability has been resolved: drm: zynqmpkms: Unplug DRM device before removal Prevent userspace accesses to the DRM device from causing use-after-frees by unplugging the device before we remove it. This causes any further userspace accesses to result in an...

5.5CVSS7.7AI score0.0022EPSS
Exploits0References13
NVD
NVD
added 2024/12/27 2:15 p.m.13 views

CVE-2024-56538

In the Linux kernel, the following vulnerability has been resolved: drm: zynqmpkms: Unplug DRM device before removal Prevent userspace accesses to the DRM device from causing use-after-frees by unplugging the device before we remove it. This causes any further userspace accesses to result in an...

7.8CVSS0.0022EPSS
Exploits0References4
Rows per page
Query Builder