Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54298

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: quarkdts: fix error pointer dereference If allocsocdts fails, then we can just return. Trying to free "socdts" will lead to an Oops...

5.9AI score0.00176EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•5 views

CVE-2022-50860

In the Linux kernel, the following vulnerability has been resolved: apparmor: Fix memleak in allocns After changes in commit a1bd627b46d1 "apparmor: share profile name on replacement", the hname member of struct aapolicy is not valid slab object, but a subset of that, it can not be freed by...

5.9AI score0.00206EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54210

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcisync: Avoid use-after-free in dbg for hciremoveadvmonitor KASAN reports that there's a use-after-free in hciremoveadvmonitor. Trawling through the disassembly, you can see that the complaint is from the access in...

5.7AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54188

In the Linux kernel, the following vulnerability has been resolved: dmaengine: apple-admac: Fix 'currenttx' not getting freed In terminateall we should queue up all submitted descriptors to be freed. We do that for the content of the 'issued' and 'submitted' lists, but the 'currenttx' descriptor...

5.7AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2023-54180

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle case when repair happens with dev-replace BUG There is a bug report that a BUGON in btrfsrepairiofailure originally repairiofailure in v6.0 kernel got triggered when replacing a unreliable disk: BTRFS warning device...

5.7AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54187

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix potential corruption when moving a directory F2FS has the same issue in ext4rename causing crash revealed by xfstests/generic/707. See also commit 0813299c586b "ext4: Fix possible corruption when moving a directory"...

5.9AI score0.00173EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54279

In the Linux kernel, the following vulnerability has been resolved: MIPS: fw: Allow firmware to pass a empty env fwgetenv will use env entry to determine style of env, however it is legal for firmware to just pass a empty list. Check if first entry exist before running strchr to avoid null pointe...

5.9AI score0.00196EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54313

In the Linux kernel, the following vulnerability has been resolved: ovl: fix null pointer dereference in ovlgetaclrcu Following process: P1 P2 pathopenat linkpathwalk maylookup inodepermissionrcu ovlpermission aclpermissioncheck checkacl getcachedaclrcu ovlgetinodeacl realinode =...

5.7AI score0.00163EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•8 views

CVE-2023-54317

In the Linux kernel, the following vulnerability has been resolved: dm flakey: don't corrupt the zero page When we need to zero some range on a block device, the function blkdevissuezeropages submits a write bio with the bio vector pointing to the zero page. If we use dm-flakey with corrupt bio...

5.9AI score0.00188EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•9 views

CVE-2023-54270

In the Linux kernel, the following vulnerability has been resolved: media: usb: siano: Fix use after free bugs caused by dosubmiturb There are UAF bugs caused by dosubmiturb. One of the KASan reports is shown below: 36.403605 BUG: KASAN: use-after-free in workerthread+0x4a2/0x890 36.406105 Read o...

6.2AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54239

In the Linux kernel, the following vulnerability has been resolved: iommufd: Check for uptr overflow syzkaller found that setting up a map with a user VA that wraps past zero can trigger WARNONs, particularly from pinuserpages weirdly returning 0 due to invalid arguments. Prevent creating a pages...

5.7AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54287

In the Linux kernel, the following vulnerability has been resolved: tty: serial: imx: disable Ageing Timer interrupt request irq There maybe pending USR interrupt before requesting irq, however uartaddoneport has not executed, so there will be kernel panic: 0.795668 Unable to handle kernel NULL...

5.7AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54278

In the Linux kernel, the following vulnerability has been resolved: s390/vmem: split pages when debug pagealloc is enabled Since commit bb1520d581a3 "s390/mm: start kernel with DAT enabled" the kernel crashes early during boot when debug pagealloc is enabled: mem auto-init: stack:off, heap...

5.8AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54314

In the Linux kernel, the following vulnerability has been resolved: media: af9005: Fix null-ptr-deref in af9005i2cxfer In af9005i2cxfer, msg is controlled by user. When msgi.buf is null and msgi.len is zero, former checks on msgi.buf would be passed. Malicious data finally reach af9005i2cxfer. If...

5.9AI score0.00165EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2023-54232

In the Linux kernel, the following vulnerability has been resolved: m68k: Only force 030 bus error if PC not in exception table getkernelnofault does copy data in supervisor mode when forcing a task backtrace log through /proc/sysrqtrigger. This is expected cause a bus error exception on e.g. NUL...

5.9AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54262

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Don't clone flow post action attributes second time The code already clones post action attributes in mlx5ecloneflowattrforpostact. Creating another copy in mlx5etcpostactadd is a erroneous leftover from original...

5.7AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54179

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Array index may go out of bound Klocwork reports array 'vha-hoststr' of size 16 may use index values 16..19. Use snprintf instead of sprintf...

6.1AI score0.00173EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54199

In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Fix null ptr access in adrenogpucleanup Fix the below kernel panic due to null pointer access: 18.504431 Unable to handle kernel NULL pointer dereference at virtual address 0000000000000048 18.513464 Mem abort inf...

5.9AI score0.00173EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•6 views

CVE-2023-54231

In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix memory leak in wxsetuprxresources When wxallocpagepool failed in wxsetuprxresources, it doesn't release DMA buffer. Add dmafreecoherent in the error path to release the DMA buffer...

5.7AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2022-50865

In the Linux kernel, the following vulnerability has been resolved: tcp: fix a signed-integer-overflow bug in tcpaddbacklog The type of skrcvbuf and sksndbuf in struct sock is int, and in tcpaddbacklog, the variable limit is caculated by adding skrcvbuf, sksndbuf and 64 1024, it may exceed the ma...

6.3AI score0.00168EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54271

In the Linux kernel, the following vulnerability has been resolved: blk-cgroup: Fix NULL deref caused by blkgpolicydata being installed before init blk-iocost sometimes causes the following crash: BUG: kernel NULL pointer dereference, address: 00000000000000e0 ... RIP: 0010:rawspinlock+0x17/0x30...

5.7AI score0.00168EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54273

In the Linux kernel, the following vulnerability has been resolved: xfrm: Fix leak of dev tracker At the stage of direction checks, the netdev reference tracker is already initialized, but released with wrong put call...

5.7AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54309

In the Linux kernel, the following vulnerability has been resolved: tpm: tpmvtpmproxy: fix a race condition in /dev/vtpmx creation /dev/vtpmx is made visible before 'workqueue' is initialized, which can lead to a memory corruption in the worst case scenario. Address this by initializing 'workqueu...

5.9AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2022-50866

In the Linux kernel, the following vulnerability has been resolved: ASoC: pxa: fix null-pointer dereference in filter kasprintf would return NULL pointer when kmalloc fail to allocate. Need to check the return pointer before calling strcmp...

5.9AI score0.00195EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•5 views

CVE-2023-54285

In the Linux kernel, the following vulnerability has been resolved: iomap: Fix possible overflow condition in iomapwritedelallocscan folionextindex returns an unsigned long value which left shifted by PAGESHIFT could possibly cause an overflow on 32-bit system. Instead use folioposfolio +...

7.8CVSS6.7AI score0.00161EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2023-54249

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: ep: Only send -ENOTCONN status if client driver is available For the STOP and RESET commands, only send the channel disconnect status -ENOTCONN if client driver is available. Otherwise, it will result in null pointer...

5.7AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54326

In the Linux kernel, the following vulnerability has been resolved: misc: pciendpointtest: Free IRQs before removing the device In pciendpointtestremove, freeing the IRQs after removing the device creates a small race window for IRQs to be received with the test device memory already released,...

5.8AI score0.00176EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54228

In the Linux kernel, the following vulnerability has been resolved: regulator: raa215300: Fix resource leak in case of error The clkregisterclkdev allocates memory by calling vclkdevalloc and this memory is not freed in the error path. Similarly, resources allocated by clkregisterfixedrate are no...

5.7AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2023-54253

In the Linux kernel, the following vulnerability has been resolved: btrfs: set page extent mapped after readfolio in relocateonepage One of the CI runs triggered the following panic assertion failed: PagePrivatepage && page-private, in fs/btrfs/subpage.c:229 ------------ cut here ------------...

5.8AI score0.00174EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54320

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmc: Fix memory leak in amdpmcstbdebugfsopenv2 Function amdpmcstbdebugfsopenv2 may be called when the STB debug mechanism enabled. When amdpmcsendcmd fails, the 'buf' needs to be released...

6.2AI score0.00159EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54284

In the Linux kernel, the following vulnerability has been resolved: media: av7110: prevent underflow in writetstodecoder The buf4 value comes from the user via tsplay. It is a value in the u8 range. The final length we pass to av7110ipackinstantrepack is "len - buf4 + 1 - 4" so add a check to...

5.9AI score0.00195EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2023-54217

In the Linux kernel, the following vulnerability has been resolved: Revert "drm/msm: Add missing check and destroy for allocorderedworkqueue" This reverts commit 643b7d0869cc7f1f7a5ac7ca6bd25d88f54e31d0. A recent patch that tried to fix up the msmdrminit paths with respect to the workqueue but on...

5.7AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54281

In the Linux kernel, the following vulnerability has been resolved: btrfs: release path before inode lookup during the ino lookup ioctl During the ino lookup ioctl we can end up calling btrfsiget to get an inode reference while we are holding on a root's btree. If btrfsiget needs to lookup the...

5.9AI score0.00168EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54204

In the Linux kernel, the following vulnerability has been resolved: mmc: sunplus: fix return value check of mmcaddhost mmcaddhost may return error, if we ignore its return value, 1. the memory allocated in mmcallochost will be leaked 2. null-ptr-deref will happen when calling mmcremovehost in...

5.7AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54286

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dvm: Fix memcpy: detected field-spanning write backtrace A received TKIP key may be up to 32 bytes because it may contain MIC rx/tx keys too. These are not used by iwl and copying these over overflows the...

5.8AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54310

In the Linux kernel, the following vulnerability has been resolved: scsi: message: mptlan: Fix use after free bug in mptlanremove due to race condition mptlanprobe calls mptregisterlandevice which initializes the &priv-postbucketstask workqueue. A call to mptlanwakepostbucketstask will subsequent...

5.8AI score0.00185EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2022-50861

In the Linux kernel, the following vulnerability has been resolved: NFSD: Finish converting the NFSv2 GETACL result encoder The xdrstream conversion inadvertently left some code that set the pagelen of the send buffer. The XDR stream encoders should handle this automatically now. This oversight...

5.8AI score0.002EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•1 views

CVE-2023-54219

In the Linux kernel, the following vulnerability has been resolved: Revert "IB/isert: Fix incorrect release of isert connection" Commit: 699826f4e30a "IB/isert: Fix incorrect release of isert connection" is causing problems on OPA when DEVICEREMOVAL is happening. ------------ cut here -----------...

5.7AI score0.00195EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54300

In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: avoid referencing uninit memory in ath9kwmictrlrx For the reasons also described in commit b383e8abed41 "wifi: ath9k: avoid uninit memory read in ath9khtcrxmsg", ath9khtcrxmsg should validate pktlen before accessing...

5.9AI score0.00195EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54182

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to check readonly condition correctly With below case, it can mount multi-device image w/ rw option, however one of secondary device is set as ro, later update will cause panic, so let's introduce f2fsdevisreadonly, and...

5.7AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•5 views

CVE-2023-54280

In the Linux kernel, the following vulnerability has been resolved: cifs: fix potential race when tree connecting ipc Protect access of TCPServerInfo::hostname when building the ipc tree name as it might get freed in cifsd thread and thus causing an use-after-free bug in treeconnectdfstarget. Als...

5.7AI score0.00167EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54238

In the Linux kernel, the following vulnerability has been resolved: mlx5: fix skb leak while fifo resync and push During ptp resync operation SKBs were poped from the fifo but were never freed neither by napiconsume nor by devkfreeskbany. Add call to napiconsumeskb to properly free SKBs. Another...

5.7AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•4 views

CVE-2023-54227

In the Linux kernel, the following vulnerability has been resolved: blk-mq: fix tags leak when shrink nrhwqueues Although we don't need to realloc set-tags when shrink nrhwqueues, we need to free them. Or these tags will be leaked. How to reproduce: 1. mount -t configfs configfs /mnt 2. modprobe...

5.7AI score0.00156EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54174

In the Linux kernel, the following vulnerability has been resolved: vfio: Fix NULL pointer dereference caused by uninitialized group-iommufd group-iommufd is not initialized for the iommufdctxput 20018.331541 BUG: kernel NULL pointer dereference, address: 0000000000000000 20018.377508 RIP:...

5.7AI score0.00155EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•2 views

CVE-2023-54303

In the Linux kernel, the following vulnerability has been resolved: bpf: Disable preemption in bpfperfeventoutput The nesting protection in bpfperfeventoutput relies on disabled preemption, which is guaranteed for kprobes and tracepoints. However bpfperfeventoutput can be also called from uprobes...

5.8AI score0.00166EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54323

In the Linux kernel, the following vulnerability has been resolved: cxl/pmem: Fix nvdimm registration races A loop of the form: while true; do modprobe cxlpci; modprobe -r cxlpci; done ...fails with the following crash signature: BUG: kernel NULL pointer dereference, address: 0000000000000040...

5.7AI score0.00169EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2022-50875

In the Linux kernel, the following vulnerability has been resolved: of: overlay: fix null pointer dereferencing in finddupcsetnodeentry and finddupcsetprop When kmalloc fail to allocate memory in kasprintf, fn1 or fn2 will be NULL, and strcmp will cause null pointer dereference...

5.9AI score0.00173EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54221

In the Linux kernel, the following vulnerability has been resolved: clk: imx93: fix memory leak and missing unwind goto in imx93clocksprobe In function probe, it returns directly without unregistered hws when error occurs. Fix this by adding 'goto unregisterhws;' on line 295 and line 310. Use...

5.7AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54252

In the Linux kernel, the following vulnerability has been resolved: platform/x86: think-lmi: Fix memory leaks when parsing ThinkStation WMI strings My previous commit introduced a memory leak where the item allocated from tlmisetting was not freed. This commit also renames it to avoid confusion...

5.7AI score0.00168EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/12/30 1:16 p.m.•3 views

CVE-2023-54207

In the Linux kernel, the following vulnerability has been resolved: HID: uclogic: Correct devm device reference for hidinput inputdev name Reference the HID device rather than the input device for the devm allocation of the inputdev name. Referencing the inputdev would lead to a use-after-free wh...

7.8CVSS6.6AI score0.0013EPSS
Exploits0References19
Total number of security vulnerabilities68528