Lucene search
K
UbuntucveRecent

68528 matches found

UbuntuCve
UbuntuCve
•added 2025/09/18 2:15 p.m.•1 views

CVE-2023-53388

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Clean dangling pointer on bind error path mtkdrmbind can fail, in which case drmdevput is called, destroying the drmdevice object. However a pointer to it was still being held in the private object, and that pointer...

7.8CVSS6.2AI score0.00143EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/09/18 2:15 p.m.•2 views

CVE-2022-50399

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: prevent integer overflow in shcsssetblackframe The "height" and "width" values come from the user so the "height width" multiplication can overflow...

5.5CVSS6AI score0.00145EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/18 2:15 p.m.•2 views

CVE-2023-53415

In the Linux kernel, the following vulnerability has been resolved: USB: dwc3: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instead whi...

5.5CVSS6.2AI score0.00135EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/09/18 2:15 p.m.•3 views

CVE-2022-50395

In the Linux kernel, the following vulnerability has been resolved: integrity: Fix memory leakage in keyring allocation error path Key restriction is allocated in integrityinitkeyring. However, if keyring allocation failed, it is not freed, causing memory leaks...

5.5CVSS5.9AI score0.00147EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/09/18 12:0 a.m.•1 views

CVE-2025-30187

In some circumstances, when DNSdist is configured to use the nghttp2 library to process incoming DNS over HTTPS queries, an attacker might be able to cause a denial of service by crafting a DoH exchange that triggers an unbounded I/O read loop, causing an unexpected consumption of CPU resources...

3.7CVSS5.9AI score0.00271EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/17 6:15 p.m.•2 views

CVE-2025-58767

REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 has a DoS vulnerability when parsing XML containing multiple XML declarations. If you need to parse untrusted XMLs, you may be impacted to these vulnerabilities. The REXML gem 3.4.2 or later include the patches to fix these...

5.3CVSS6.7AI score0.00231EPSS
Exploits0References3
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•4 views

CVE-2022-50355

In the Linux kernel, the following vulnerability has been resolved: staging: vt6655: fix some erroneous memory clean-up loops In some initialization functions of this driver, memory is allocated with 'i' acting as an index variable and increasing from 0. The commit in "Fixes" introduces some...

5.5CVSS5.9AI score0.0019EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•3 views

CVE-2023-53364

In the Linux kernel, the following vulnerability has been resolved: regulator: da9063: better fix null deref with partial DT Two versions of the original patch were sent but V1 was merged instead of V2 due to a mistake. So update to V2. The advantage of V2 is that it completely avoids dereferenci...

5.5CVSS5.9AI score0.00152EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•3 views

CVE-2022-50374

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hcildisc,serdev: check percpuinitrwsem failure syzbot is reporting NULL pointer dereference at hciuartttyclose 1, for rcusyncenter is called without rcusyncinit due to hciuartttyopen ignoring percpuinitrwsem failure...

5.5CVSS6.1AI score0.00191EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•2 views

CVE-2023-53367

In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: fix mem leak in capture user mappings This commit fixes a memory leak caused when clearing the usermappings info when a new context is opened immediately after usermapping is captured and a hard reset is perform...

5.5CVSS5.7AI score0.00156EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•3 views

CVE-2022-50373

In the Linux kernel, the following vulnerability has been resolved: fs: dlm: fix race in lowcomms This patch fixes a race between queuework in dlmlowcommscommitmsg and srcureadunlock. The queuework can take the final reference of a dlmmsg and so msg-idx can contain garbage which is signaled by th...

4.7CVSS5.7AI score0.00135EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•2 views

CVE-2022-50359

In the Linux kernel, the following vulnerability has been resolved: media: cx88: Fix a null-ptr-deref bug in bufferprepare When the driver calls cx88riscbuffer to prepare the buffer, the function call may fail, resulting in a empty buffer and null-ptr-deref later in bufferqueue. The following log...

5.5CVSS6AI score0.00196EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•2 views

CVE-2022-50365

In the Linux kernel, the following vulnerability has been resolved: skbuff: Account for tail adjustment during pull operations Extending the tail can have some unexpected side effects if a program uses a helper like BPFFUNCskbpulldata to read partial content beyond the head skb headlen when all t...

5.5CVSS5.9AI score0.00196EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2022-50362

In the Linux kernel, the following vulnerability has been resolved: dmaengine: hisilicon: Add multi-thread support for a DMA channel When we get a DMA channel and try to use it in multiple threads it will cause oops and hanging the system. % echo 100 /sys/module/dmatest/parameters/threadsperchan ...

5.5CVSS5.8AI score0.00184EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•3 views

CVE-2023-53355

In the Linux kernel, the following vulnerability has been resolved: staging: pi433: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove instea...

5.5CVSS5.8AI score0.00174EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•0 views

CVE-2023-53340

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Collect command failures data only for known commands DEVX can issue a general command, which is not used by mlx5 driver. In case such command is failed, mlx5 is trying to collect the failure data, However, mlx5 doesn't...

7.8CVSS6.6AI score0.00197EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2022-50354

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: Fix kfdprocessdeviceinitvm error handling Should only destroy the ibmem and let process cleanup worker to free the outstanding BOs. Reset the pointer in pdd-qpd structure, to avoid NULL pointer access in process destr...

5.5CVSS5.9AI score0.00187EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53360

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: Rework scratch handling for READPLUS again I found that the read code might send multiple requests using the same nfspgioheader, but nfs4procreadsetup is only called once. This is how we ended up occasionally...

5.5CVSS6AI score0.00176EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•2 views

CVE-2023-53351

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Check scheduler work queue before calling timeout handling During an IGT GPU reset test we see again oops despite of commit 0c8c901aaaebc9 drm/sched: Check scheduler ready before calling timeout handling. It uses ready...

5.5CVSS5.8AI score0.00163EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•2 views

CVE-2023-53353

In the Linux kernel, the following vulnerability has been resolved: accel/habanalabs: postpone memmgr IDR destruction to hprivrelease The memory manager IDR is currently destroyed when user releases the file descriptor. However, at this point the user context might be still held, and memory buffe...

5.5CVSS5.7AI score0.00156EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2022-50372

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when build ntlmssp negotiate blob failed There is a memory leak when mount cifs: unreferenced object 0xffff888166059600 size 448: comm "mount.cifs", pid 51391, jiffies 4295596373 age 330.596s hex dump first ...

5.5CVSS5.9AI score0.00168EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2022-50358

In the Linux kernel, the following vulnerability has been resolved: brcmfmac: return error when getting invalid maxflowrings from dongle When firmware hit trap at initialization, host will read abnormal maxflowrings number from dongle, and it will cause kernel panic when doing iowrite to initiali...

4.2CVSS5.9AI score0.00275EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53350

In the Linux kernel, the following vulnerability has been resolved: accel/qaic: Fix slicing memory leak The temporary buffer storing slicing configuration data from user is only freed on error. This is a memory leak. Free the buffer unconditionally...

5.5CVSS6AI score0.00168EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53363

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix use-after-free in pcibusreleasedomainnr Commit c14f7ccc9f5d "PCI: Assign PCI domain IDs by idaalloc" introduced a use-after-free bug in the bus removal cleanup. The issue was found with kfence: 19.293351 BUG: KFENCE:...

7.8CVSS6.5AI score0.00176EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53366

In the Linux kernel, the following vulnerability has been resolved: block: be a bit more careful in checking for NULL bdev while polling Wei reports a crash with an application using polled IO: PGD 14265e067 P4D 14265e067 PUD 47ec50067 PMD 0 Oops: 0000 1 SMP CPU: 0 PID: 21915 Comm: iocore0 Kdump:...

5.5CVSS5.9AI score0.00174EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•2 views

CVE-2023-53349

In the Linux kernel, the following vulnerability has been resolved: media: ov2740: Fix memleak in ov2740initcontrols There is a kmemleak when testing the media/i2c/ov2740.c with bpf mock device: unreferenced object 0xffff8881090e19e0 size 16: comm "51-i2c-ov2740", pid 278, jiffies 4294781584 age...

5.5CVSS5.9AI score0.00184EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•3 views

CVE-2022-50356

In the Linux kernel, the following vulnerability has been resolved: net: sched: sfb: fix null pointer access issue when sfbinit fails When the default qdisc is sfb, if the qdisc of devqueue fails to be inited during mqprioinit, sfbreset is invoked to clear resources. In this case, the q-qdisc is...

5.5CVSS5.9AI score0.00191EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2022-50357

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: core: fix some leaks in probe The dwc3getproperties function calls: dwc-usbpsy = powersupplygetbynameusbpsyname; so there is some additional clean up required on these error paths...

5.5CVSS5.9AI score0.00187EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•2 views

CVE-2023-53335

In the Linux kernel, the following vulnerability has been resolved: RDMA/cxgb4: Fix potential null-ptr-deref in passestablish If getepfromtid fails to lookup non-NULL value for ep, ep is dereferenced later regardless of whether it is empty. This patch adds a simple sanity check to fix the issue...

5.5CVSS6.2AI score0.00191EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2022-50367

In the Linux kernel, the following vulnerability has been resolved: fs: fix UAF/GPF bug in nilfsmdtdestroy In allocinode, inodeinitalways could return -ENOMEM if securityinodealloc fails, which causes inode-iprivate uninitialized. Then nilfsismetadatafileinode returns true and nilfsfreeinode...

7.8CVSS6.1AI score0.00206EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•5 views

CVE-2023-53341

In the Linux kernel, the following vulnerability has been resolved: of/fdt: run soc memory setup when earlyinitdtscanmemory fails If memory has been found earlyinitdtscanmemory now returns 1. If it hasn't found any memory it will return 0, allowing other memory setup mechanisms to carry on...

5.5CVSS5.9AI score0.00187EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•2 views

CVE-2022-50366

In the Linux kernel, the following vulnerability has been resolved: powercap: intelrapl: fix UBSAN shift-out-of-bounds issue When value timeunit, the parameter of ilog2 will be zero and the return value is -1. u64-1 is too large for shift exponent and then will trigger shift-out-of-bounds: shift...

7.1CVSS6.1AI score0.002EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2022-50369

In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix null-ptr-deref in vkmsrelease A null-ptr-deref is triggered when it tries to destroy the workqueue in vkms-output.composerworkq in vkmsrelease. KASAN: null-ptr-deref in range 0x0000000000000118-0x000000000000011f CP...

5.5CVSS5.9AI score0.00184EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•3 views

CVE-2022-50363

In the Linux kernel, the following vulnerability has been resolved: skmsg: pass gfp argument to allocskmsg syzbot found that allocskmsg could be called from a non sleepable context. skpsockverdictrecv uses rcureadlock protection. We need the callers to pass a gfpt argument to avoid issues. syzbot...

5.5CVSS5.9AI score0.00163EPSS
Exploits0References4
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•2 views

CVE-2022-50361

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: add missing unregisternetdev in wilcnetdevifcinit Fault injection test reports this issue: kernel BUG at net/core/dev.c:10731! invalid opcode: 0000 1 PREEMPT SMP KASAN PTI Call Trace: wilcnetdevifcinit+0x19f/0x220...

5.5CVSS5.9AI score0.00206EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•2 views

CVE-2023-53346

In the Linux kernel, the following vulnerability has been resolved: kernel/failfunction: fix memory leak with using debugfslookup When calling debugfslookup the result must have dput called on it, otherwise the memory will leak over time. To make things simpler, just call debugfslookupandremove...

5.5CVSS5.9AI score0.00185EPSS
Exploits0References8
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•3 views

CVE-2022-50370

In the Linux kernel, the following vulnerability has been resolved: i2c: designware: Fix handling of real but unexpected device interrupts Commit c7b79a752871 "mfd: intel-lpss: Add Intel Alder Lake PCH-S PCI IDs" caused a regression on certain Gigabyte motherboards for Intel Alder Lake-S where...

5.5CVSS5.9AI score0.00189EPSS
Exploits0References6
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2022-50364

In the Linux kernel, the following vulnerability has been resolved: i2c: mux: reg: check return value after calling platformgetresource It will cause null-ptr-deref in resourcesize, if platformgetresource returns NULL, move calling resourcesize after devmioremapresource that will check 'res' to...

5.5CVSS5.9AI score0.00189EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53354

In the Linux kernel, the following vulnerability has been resolved: skbuff: skbsegment, Call zero copy functions before using skbuff frags Commit bf5c25d60861 "skbuff: in skbsegment, call zerocopy functions once per nskb" added the call to zero copy functions in skbsegment. The change introduced ...

5.5CVSS6.3AI score0.00177EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53345

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix potential data race in rxrpcwaittobeconnected Inside the loop in rxrpcwaittobeconnected it checks call-error to see if it should exit the loop without first checking the call state. This is probably safe as if call-err...

4.7CVSS5.8AI score0.00126EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•2 views

CVE-2023-53357

In the Linux kernel, the following vulnerability has been resolved: md/raid10: check slab-out-of-bounds in mdbitmapgetcounter If we write a large number to md/bitmapsetbits, mdbitmapcheckpage will return -EINVAL because 'page = bitmap-pages', but the return value was not checked immediately in...

7.1CVSS6.6AI score0.00183EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53337

In the Linux kernel, the following vulnerability has been resolved: nilfs2: do not write dirty data after degenerating to read-only According to syzbot's report, markbufferdirty called from nilfssegctordoconstruct outputs a warning with some patterns after nilfs2 detects metadata corruption and...

5.5CVSS5.9AI score0.00189EPSS
Exploits0References11
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53343

In the Linux kernel, the following vulnerability has been resolved: icmp6: Fix null-ptr-deref of ip6nullentry-rt6iidev in icmp6dev. With some IPv6 Ext Hdr RPL, SRv6, etc., we can send a packet that has the link-local address as src and dst IP and will be forwarded to an external IP in the IPv6 Ex...

5.5CVSS6.1AI score0.00192EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53339

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix BUGON condition in btrfscancelbalance Pausing and canceling balance can race to interrupt balance lead to BUGON panic in btrfscancelbalance. The BUGON condition in btrfscancelbalance does not take this race scenario in...

5.5CVSS5.9AI score0.00187EPSS
Exploits0References9
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•2 views

CVE-2023-53358

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix racy issue under cocurrent smb2 tree disconnect There is UAF issue under cocurrent smb2 tree disconnect. This patch introduce TREECONNEXPIRE flags for tcon to avoid cocurrent access...

7CVSS6.6AI score0.00164EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53344

In the Linux kernel, the following vulnerability has been resolved: can: bcm: bcmtxsetup: fix KMSAN uninit-value in vfswrite Syzkaller reported the following issue: ===================================================== BUG: KMSAN: uninit-value in aiorwdone fs/aio.c:1520 inline BUG: KMSAN:...

5.5CVSS5.9AI score0.00185EPSS
Exploits0References10
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53362

In the Linux kernel, the following vulnerability has been resolved: bus: fsl-mc: don't assume child devices are all fsl-mc devices Changes in VFIO caused a pseudo-device to be created as child of fsl-mc devices causing a crash 1 when trying to bind a fsl-mc device to VFIO. Fix this by checking th...

5.5CVSS5.9AI score0.0017EPSS
Exploits0References5
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53352

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: check null pointer before accessing when swapping Add a check to avoid null pointer dereference as below: 90.002283 general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 1 PREEMPT SMP KASA...

5.5CVSS6.2AI score0.00184EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53356

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: userial: Add null pointer check in gserialsuspend Consider a case where gserialdisconnect has already cleared gser-ioport. And if gserialsuspend gets called afterwards, it will lead to accessing of gser-ioport and th...

5.5CVSS5.9AI score0.00172EPSS
Exploits0References7
UbuntuCve
UbuntuCve
•added 2025/09/17 3:15 p.m.•1 views

CVE-2023-53342

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix handling IPv4 routes with nhid Fix handling IPv4 routes referencing a nexthop via its id by replacing calls to fibinfonh with fibinfonhc. Trying to add an IPv4 route referencing a nextop via nhid: $ ip...

5.5CVSS5.9AI score0.00182EPSS
Exploits0References5
Total number of security vulnerabilities68528