Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2023-53855

In the Linux kernel, the following vulnerability has been resolved: net: dsa: ocelot: call dsatag8021qunregister under rtnllock on driver remove When the tagging protocol in current use is "ocelot-8021q" and we unbind the driver, we see this splat: $ echo '0000:00:00.2'...

5.7AI score0.00184EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2023-53827

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free in l2capdisconnectreq,rsp Similar to commit d0be8347c623 "Bluetooth: L2CAP: Fix use-after-free caused by l2capchanput", just use l2capchanholdunlesszero to prevent referencing a channel that i...

5.9AI score0.00216EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2023-53833

In the Linux kernel, the following vulnerability has been resolved: drm/i915: Fix NULL ptr deref by checking newcrtcstate intelatomicgetnewcrtcstate can return NULL, unless crtc state wasn't obtained previously with intelatomicgetcrtcstate, so we must check it for NULLness here, just as in many...

5.7AI score0.00203EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.7 views

CVE-2023-53832

In the Linux kernel, the following vulnerability has been resolved: md/raid10: fix null-ptr-deref in raid10syncrequest initresync inits mempool and sets conf-havereplacemnt at the beginning of sync, closesync frees the mempool when sync is completed. After 1 recovery might be skipped and initresy...

5.9AI score0.00216EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2023-53846

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on direct node in truncatednode syzbot reports below bug: BUG: KASAN: slab-use-after-free in f2fstruncatedatablocksrange+0x122a/0x14c0 fs/f2fs/file.c:574 Read of size 4 at addr ffff88802a25c000 by tas...

5.7AI score0.00176EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2023-53852

In the Linux kernel, the following vulnerability has been resolved: nvme-core: fix memory leak in dhchapsecretstore Free dhchapsecret in nvmectrldhchapsecretstore before we return fix following kmemleack:- unreferenced object 0xffff8886376ea800 size 64: comm "check", pid 22048, jiffies 4344316705...

5.7AI score0.00191EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2023-53850

In the Linux kernel, the following vulnerability has been resolved: iavf: use internal state to free traffic IRQs If the system tries to close the netdev while iavfresettask is running, LINKSTATESTART will be cleared and netifrunning will return false in iavfreinitinterruptscheme. This will resul...

5.7AI score0.00189EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2023-53839

In the Linux kernel, the following vulnerability has been resolved: dccp: fix data-race around dp-dccpsmsscache dccpsendmsg reads dp-dccpsmsscache before locking the socket. Same thing in dodccpgetsockopt. Add READONCE/WRITEONCE annotations, and change dccpsendmsg to check again dccpsmsscache aft...

5.9AI score0.00216EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.11 views

CVE-2023-53848

In the Linux kernel, the following vulnerability has been resolved: md/raid5-cache: fix a deadlock in r5lexitlog Commit b13015af94cf "md/raid5-cache: Clear conf-log after finishing work" introduce a new problem: // caller hold reconfigmutex r5lexitlog flushwork&log-disablewritebackwork...

6.3AI score0.00191EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2023-53837

In the Linux kernel, the following vulnerability has been resolved: drm/msm: fix NULL-deref on snapshot tear down In case of early initialisation errors and on platforms that do not use the DPU controller, the deinitilisation code can be called with the kms pointer set to NULL. Patchwork:...

5.8AI score0.002EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2022-50669

In the Linux kernel, the following vulnerability has been resolved: misc: ocxl: fix possible name leak in ocxlfileregisterafu If deviceregister returns error in ocxlfileregisterafu, the name allocated by devsetname need be freed. As comment of deviceregister says, it should use putdevice to give ...

5.9AI score0.00211EPSS
Exploits0References8
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2025-40331

In the Linux kernel, the following vulnerability has been resolved: sctp: Prevent TOCTOU out-of-bounds write For the following path not holding the sock lock, sctpdiagdump - sctpforeachendpoint - sctpepdump make sure not to exceed bounds in case the address list has grown between buffer allocatio...

6AI score0.00201EPSS
Exploits0References35
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2025-40341

In the Linux kernel, the following vulnerability has been resolved: futex: Don't leak robustlist pointer on exec race sysgetrobustlist and compatgetrobustlist use ptracemayaccess to check if the calling task is allowed to access another task's robustlist pointer. This check is racy against a...

5.9AI score0.00191EPSS
Exploits0References22
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2023-53820

In the Linux kernel, the following vulnerability has been resolved: loop: loopsetstatusfrominfo check before assignment In loopsetstatusfrominfo, lo-looffset and lo-losizelimit should be checked before reassignment, because if an overflow error occurs, the original correct value will be changed t...

5.8AI score0.00233EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2022-50659

In the Linux kernel, the following vulnerability has been resolved: hwrng: geode - Fix PCI device refcount leak foreachpcidev is implemented by pcigetdevice. The comment of pcigetdevice says that it will increase the reference count for the returned pcidev and also decrease the reference count fo...

5.9AI score0.00233EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2022-50678

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: fix invalid address access when enabling SCAN log level The variable i is changed when setting random MAC address and causes invalid address access when printing the value of pi-reqsi-reqid. We replace reqs index...

5.9AI score0.00216EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.6 views

CVE-2025-40339

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix nullptr err of vmhandlemoved If a amdgpubova is fpriv-prtva, the bo of this one is always NULL. So, such kind of amdgpubova should be updated separately before amdgpuvmhandlemoved...

5.7AI score0.00189EPSS
Exploits0References20
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2025-40337

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: Correctly handle Rx checksum offload errors The stmmacrx function would previously set skb-ipsummed to CHECKSUMUNNECESSARY if hardware checksum offload CoE was enabled and the packet was of a known IP ethertype...

5.7AI score0.00191EPSS
Exploits0References21
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2023-53845

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix infinite loop in nilfsmdtgetblock If the disk image that nilfs2 mounts is corrupted and a virtual block address obtained by block lookup for a metadata file is invalid, nilfsbmaplookupatlevel may return the same...

5.9AI score0.00217EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2023-53829

In the Linux kernel, the following vulnerability has been resolved: f2fs: flush inode if atomic file is aborted Let's flush the inode being aborted atomic operation to avoid stale dirty inode during eviction in this call stack: f2fsmarkinodedirtysync+0x22/0x40 f2fs f2fsabortatomicwrite+0xc4/0xf0...

5.7AI score0.00198EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2024-38798

EDK2 contains a vulnerability in BIOS where an attacker may cause “Exposure of Sensitive Information to an Unauthorized Actor” by local access. Successful exploitation of this vulnerability will lead to possible information disclosure or escalation of privilege and impact Confidentiality...

5.8CVSS5.9AI score0.00119EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2025-40329

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix deadlock in drmschedentitykilljobscb The Mesa issue referenced below pointed out a possible deadlock: 1231.611031 Possible interrupt unsafe locking scenario: 1231.611033 CPU0 CPU1 1231.611034 ---- ---- 1231.611035...

5.8AI score0.00186EPSS
Exploits0References21
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2025-40332

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix mmap write lock not release If mmap write lock is taken while draining retry fault, mmap write lock is not released because svmrangerestorepages calls mmapreadunlock then returns. This causes deadlock and system...

5.7AI score0.00184EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.5 views

CVE-2022-50658

In the Linux kernel, the following vulnerability has been resolved: cpufreq: qcom: fix memory leak in error path If for some reason the speedbin length is incorrect, then there is a memory leak in the error path because we never free the speedbin buffer. This commit fixes the error path to always...

5.9AI score0.00206EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2023-53823

In the Linux kernel, the following vulnerability has been resolved: block/rqqos: protect rqqos apis with a new lock commit 50e34d78815e "block: disable the elevator int delgendisk" move rqqosexit from diskrelease to delgendisk, this will introduce some problems: 1 If rqqosadd is triggered by...

5.7AI score0.00189EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2025-14326

Use-after-free in the Audio/Video: GMP component. This vulnerability was fixed in Firefox 146 and Thunderbird 146...

9.8CVSS7.3AI score0.00394EPSS
Exploits0References4
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2022-50668

In the Linux kernel, the following vulnerability has been resolved: ext4: fix deadlock due to mbcache entry corruption When manipulating xattr blocks, we can deadlock infinitely looping inside ext4xattrblockset where we constantly keep finding xattr block for reuse in mbcache but we are unable to...

6.1AI score0.00211EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2022-50660

In the Linux kernel, the following vulnerability has been resolved: wifi: ipw2200: fix memory leak in ipwwdevinit In the error path of ipwwdevinit, exception value is returned, and the memory applied for in the function is not released. Also the memory is not released in ipwpciprobe. As a result,...

5.8AI score0.00211EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2022-50675

In the Linux kernel, the following vulnerability has been resolved: arm64: mte: Avoid setting PGmtetagged if no tags cleared or restored Prior to commit 69e3b846d8a7 "arm64: mte: Sync tags for pages where PTE is untagged", mtesynctags was only called for ptetagged entries those mapped with PROTMT...

5.7AI score0.00203EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2025-14306

A directory traversal vulnerability exists in the CacheCleaner component of Robocode version 1.9.3.6. The recursivelyDelete method fails to properly sanitize file paths, allowing attackers to traverse directories and delete arbitrary files on the system. This vulnerability can be exploited by...

10CVSS5.8AI score0.00897EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2023-53826

In the Linux kernel, the following vulnerability has been resolved: ubi: Fix UAF wear-leveling entry in eraseblkcountseqshow Wear-leveling entry could be freed in error path, which may be accessed again in eraseblkcountseqshow, for example: eraseworker eraseblkcountseqshow wl =...

5.8AI score0.00211EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2025-14307

An insecure temporary file creation vulnerability exists in the AutoExtract component of Robocode version 1.9.3.6. The createTempFile method fails to securely create temporary files, allowing attackers to exploit race conditions and potentially execute arbitrary code or overwrite critical files...

9.3CVSS6.2AI score0.00277EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2022-50666

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix QP destroy to wait for all references dropped. Delay QP destroy completion until all siw references to QP are dropped. The calling RDMA core will free QP structure after successful return from siwqpdestroy call, so...

5.7AI score0.00206EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2022-50662

In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: fix memory leak in hnsroceallocmr When hnsrocemrenable failed in hnsroceallocmr, mrkey is not released. Compiled test only...

5.9AI score0.002EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2022-50676

In the Linux kernel, the following vulnerability has been resolved: net: rds: don't hold sock lock when cancelling work from rdstcpresetcallbacks syzbot is reporting lockdep warning at rdstcpresetcallbacks 1, for commit ac3615e7f3cffe2a "RDS: TCP: Reduce code duplication in rdstcpresetcallbacks"...

5.9AI score0.00239EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2022-50667

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...

5.7AI score0.002EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.8 views

CVE-2023-53838

In the Linux kernel, the following vulnerability has been resolved: f2fs: synchronize atomic write aborts To fix a race condition between atomic write aborts, I use the inode lock and make COW inode to be re-usable thoroughout the whole atomic file inode lifetime...

5.7AI score0.00198EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2023-53836

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix skb refcnt race after locking changes There is a race where skb's from the skpsockbacklog can be referenced after userspace side has already skbconsumed the skbuff and its refcnt dropped to zer0 causing use afte...

5.7AI score0.002EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2025-14308

An integer overflow vulnerability exists in the write method of the Buffer class in Robocode version 1.9.3.6. The method fails to properly validate the length of data being written, allowing attackers to cause an overflow, potentially leading to buffer overflows and arbitrary code execution. This...

10CVSS6.3AI score0.00491EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.7 views

CVE-2022-50679

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix DMA mappings leak During reallocation of RX buffers, new DMA mappings are created for those buffers. steps for reproduction: while : do for i=0; i=8160; i=i+32 do ethtool -G enp130s0f0 rx $i tx $i sleep 0.5 ethtool -g...

5.9AI score0.00206EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2022-50663

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix possible memory leak in stmmacdvrprobe The bitmapfree should be called to free priv-afxdpzcqps when createsinglethreadworkqueue fails, otherwise there will be a memory leak, so we add the err path errorwqinit to...

5.7AI score0.002EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2025-2296

EDK2 contains a vulnerability in BIOS where an attacker may cause “ Improper Input Validation” by local access. Successful exploitation of this vulnerability could alter control flow in unexpected ways, potentially allowing arbitrary command execution and impacting Confidentiality, Integrity, and...

8.4CVSS6.2AI score0.00704EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.5 views

CVE-2023-53863

In the Linux kernel, the following vulnerability has been resolved: netlink: do not hard code device address lenth in fdb dumps syzbot reports that some netdev devices do not have a six bytes address 1 Replace ETHALEN by dev-addrlen. 1 Case of a device where dev-addrlen = 4 BUG: KMSAN:...

6AI score0.00223EPSS
Exploits0References11
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2022-50677

In the Linux kernel, the following vulnerability has been resolved: ipmi: fix use after free in ipmidestroyuser The intffree function frees the "intf" pointer so we cannot dereference it again on the next line...

5.9AI score0.00211EPSS
Exploits0References9
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2025-14345

A post-authentication flaw in the network two-phase commit protocol used for cross-shard transactions in MongoDB Server may lead to logical data inconsistencies under specific conditions which are not predictable and exist for a very short period of time. This error can cause the transaction...

5.4CVSS5.9AI score0.00192EPSS
Exploits0References2
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.1 views

CVE-2025-14329

Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

8.8CVSS7.3AI score0.00334EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.2 views

CVE-2025-14328

Privilege escalation in the Netmonitor component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

8.8CVSS7.3AI score0.00334EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2025-14330

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

9.8CVSS7.3AI score0.00422EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2025-14333

Memory safety bugs present in Firefox ESR 140.5, Thunderbird ESR 140.5, Firefox 145 and Thunderbird 145. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability was fixed in...

8.1CVSS7.4AI score0.00376EPSS
Exploits0References6
UbuntuCve
UbuntuCve
added 2025/12/09 4:17 p.m.3 views

CVE-2025-14324

JIT miscompilation in the JavaScript Engine: JIT component. This vulnerability was fixed in Firefox 146, Firefox ESR 115.31, Firefox ESR 140.6, Thunderbird 146, and Thunderbird 140.6...

9.8CVSS7.3AI score0.00481EPSS
Exploits0References8
Total number of security vulnerabilities68528