Lucene search

Linux / Linux Kernel

10927 matches found

added 2011/05/26 4:55 p.m., 70 views

CVE-2010-4805

The socket implementation in net/core/sock.c in the Linux kernel before 2.6.35 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service by sending a large amount of network traffic, related to the sk_add_backlog function and the sk_rmem_allo...

CVSS 7.8, AI score 7, EPSS 0.0215

added 2013/03/01 12:37 p.m., 70 views

CVE-2011-1019

The dev_load function in net/core/dev.c in the Linux kernel before 2.6.38 allows local users to bypass an intended CAP_SYS_MODULE capability requirement and load arbitrary modules by leveraging the CAP_NET_ADMIN capability.

CVSS 1.9, AI score 6.6, EPSS 0.00057

added 2011/05/26 4:55 p.m., 70 views

CVE-2011-1581

The bond_select_queue function in drivers/net/bonding/bond_main.c in the Linux kernel before 2.6.39, when a network device with a large number of receive queues is installed but the default tx_queues setting is used, does not properly restrict queue indexes, which allows remote attackers to cause a...

CVSS 9, AI score 7.6, EPSS 0.01072

added 2013/06/08 1:5 p.m., 70 views

CVE-2011-3593

A certain Red Hat patch to the vlan_hwaccel_do_receive function in net/8021q/vlan_core.c in the Linux kernel 2.6.32 on Red Hat Enterprise Linux (RHEL) 6 allows remote attackers to cause a denial of service (system crash) via priority-tagged VLAN frames.

CVSS 5.7, AI score 7.6, EPSS 0.0032

added 2012/07/03 4:40 p.m., 70 views

CVE-2012-2100

The ext4_fill_flex_info function in fs/ext4/super.c in the Linux kernel before 3.2.2, on the x86 platform and unspecified other platforms, allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and possibly cause a denial of service via a malformed ext4 filesystem cont...

CVSS 7.1, AI score 6.1, EPSS 0.03356

added 2012/06/13 10:24 a.m., 70 views

CVE-2012-2383

Integer overflow in the i915_gem_execbuffer2 function in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 3.3.5 on 32-bit platforms allows local users to cause a denial of service (out-of-bounds write) or possibly have unspecified...

CVSS 4.9, AI score 6.7, EPSS 0.00064

added 2013/07/15 8:55 p.m., 70 views

CVE-2013-4125

The fib6_add_rt2node function in net/ipv6/ip6_fib.c in the IPv6 stack in the Linux kernel through 3.10.1 does not properly handle Router Advertisement (RA) messages in certain circumstances involving three routes that initially qualified for membership in an ECMP route set until a change occurred f...

CVSS 5.4, AI score 5.8, EPSS 0.01428

added 2013/12/09 6:55 p.m., 70 views

CVE-2013-4270

The net_ctl_permissions function in net/sysctl_net.c in the Linux kernel before 3.11.5 does not properly determine uid and gid values, which allows local users to bypass intended /proc/sys/net restrictions via a crafted application.

CVSS 3.6, AI score 5.7, EPSS 0.00044

added 2013/11/20 1:19 p.m., 70 views

CVE-2013-4591

Buffer overflow in the __nfs4_get_acl_uncached function in fs/nfs/nfs4proc.c in the Linux kernel before 3.7.2 allows local users to cause a denial of service (memory corruption and system crash) or possibly have unspecified other impact via a getxattr system call for the system.nfs4_acl extended at...

CVSS 6.2, AI score 7.8, EPSS 0.00062

added 2015/08/31 10:59 a.m., 70 views

CVE-2015-5706

Use-after-free vulnerability in the path_openat function in fs/namei.c in the Linux kernel 3.x and 4.x before 4.0.4 allows local users to cause a denial of service or possibly have unspecified other impact via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation.

CVSS 4.6, AI score 6, EPSS 0.0005

added 2015/12/28 11:59 a.m., 70 views

CVE-2015-7885

The dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.

CVSS 2.3, AI score 3, EPSS 0.00077

added 2019/07/27 10:15 p.m., 70 views

CVE-2016-10764

In the Linux kernel before 4.9.6, there is an off by one in the drivers/mtd/spi-nor/cadence-quadspi.c cqspi_setup_flash() function. There are CQSPI_MAX_CHIPSELECT elements in the ->f_pdata array so the ">" should be ">=" instead.

CVSS 9.8, AI score 9.1, EPSS 0.00815

added 2016/08/06 8:59 p.m., 70 views

CVE-2016-5400

Memory leak in the airspy_probe function in drivers/media/usb/airspy/airspy.c in the airspy USB driver in the Linux kernel before 4.7 allows local users to cause a denial of service (memory consumption) via a crafted USB device that emulates many VFL_TYPE_SDR or VFL_TYPE_SUBDEV devices and performs...

CVSS 4.9, AI score 5, EPSS 0.00082

added 2016/12/28 7:59 a.m., 70 views

CVE-2016-9777

KVM in the Linux kernel before 4.8.12, when I/O APIC is enabled, does not properly restrict the VCPU index, which allows guest OS users to gain host OS privileges or cause a denial of service (out-of-bounds array access and host OS crash) via a crafted interrupt request, related to arch/x86/kvm/ioa...

CVSS 7.8, AI score 7.2, EPSS 0.00067

added 2018/02/26 3:29 a.m., 70 views

CVE-2017-18200

The f2fs implementation in the Linux kernel before 4.14 mishandles reference counts associated with f2fs_wait_discard_bios calls, which allows local users to cause a denial of service (BUG), as demonstrated by fstrim.

CVSS 5.5, AI score 5.1, EPSS 0.00042

added 2024/03/04 6:15 p.m., 70 views

CVE-2021-47100

In the Linux kernel, the following vulnerability has been resolved: ipmi: Fix UAF when uninstall ipmi_si and ipmi_msghandler module Hi, When testing install and uninstall of ipmi_si.ko and ipmi_msghandler.ko, the system crashed. The log as follows: [ 141.087026] BUG: unable to handle kernel paging re...

CVSS 5.5, AI score 6.2, EPSS 0.00009

added 2024/03/15 9:15 p.m., 70 views

CVE-2021-47111

In the Linux kernel, the following vulnerability has been resolved: xen-netback: take a reference to the RX task thread Do this in order to prevent the task from being freed if the thread returns (which can be triggered by the frontend) before the call to kthread_stop done as part of the backend tear...

CVSS 7.8, AI score 6.3, EPSS 0.00037

added 2024/04/10 7:15 p.m., 70 views

CVE-2021-47182

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix scsi_mode_sense() buffer length handling Several problems exist with scsi_mode_sense() buffer length handling: The allocation length field of the MODE SENSE(10) command is 16-bits, occupying bytes 7 and 8 of the CDB....

CVSS 5.5, AI score 6.7, EPSS 0.0001

added 2024/05/21 3:15 p.m., 70 views

CVE-2021-47252

In the Linux kernel, the following vulnerability has been resolved: batman-adv: Avoid WARN_ON timing related checks The soft/batadv interface for a queued OGM can be changed during the time the OGM was queued for transmission and when the OGM is actually transmitted by the worker. But WARN_ON must be...

CVSS 5.5, AI score 6.7, EPSS 0.00014

added 2024/05/21 3:15 p.m., 70 views

CVE-2021-47288

In the Linux kernel, the following vulnerability has been resolved: media: ngene: Fix out-of-bounds bug in ngene_command_config_free_buf() Fix an 11-year old bug in ngene_command_config_free_buf() while addressing the following warnings caught with -Warray-bounds: arch/alpha/include/asm/string.h:22:...

CVSS 7.1, AI score 6.8, EPSS 0.00008

added 2024/05/21 3:15 p.m., 70 views

CVE-2021-47297

In the Linux kernel, the following vulnerability has been resolved: net: fix uninit-value in caif_seqpkt_sendmsg When nr_segs equal to zero in iovec_from_user, the object msg->msg_iter.iov is uninit stack memory in caif_seqpkt_sendmsg which is defined in ___sys_sendmsg. So we can't just judge msg-...

CVSS 5.5, AI score 6.8, EPSS 0.00008

added 2024/05/21 3:15 p.m., 70 views

CVE-2021-47314

In the Linux kernel, the following vulnerability has been resolved: memory: fsl_ifc: fix leak of private memory on probe failure On probe error the driver should free the memory allocated for private structure. Fix this by using resource-managed allocation.

CVSS 5.5, AI score 6.8, EPSS 0.00013

added 2024/05/21 3:15 p.m., 70 views

CVE-2021-47395

In the Linux kernel, the following vulnerability has been resolved: mac80211: limit injected vht mcs/nss in ieee80211_parse_tx_radiotap Limit max values for vht mcs and nss in ieee80211_parse_tx_radiotap routine in order to fix the following warning reported by syzbot: WARNING: CPU: 0 PID: 10717 at ...

AI score 6.7, EPSS 0.00018

added 2024/05/21 3:15 p.m., 70 views

CVE-2021-47410

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix svm_migrate_fini warning Device manager releases device-specific resources when a driver disconnects from a device, devm_memunmap_pages and devm_release_mem_region calls in svm_migrate_fini are redundant. It causes be...

AI score 6.7, EPSS 0.00021

added 2024/05/24 3:15 p.m., 70 views

CVE-2021-47534

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: kms: Add missing drm_crtc_commit_put Commit 9ec03d7f1ed3 ("drm/vc4: kms: Wait on previous FIFO users before a commit") introduced a global state for the HVS, with each FIFO storing the current CRTC commit so that we can prop...

CVSS 4.1, AI score 6.4, EPSS 0.00008

added 2024/05/24 3:15 p.m., 70 views

CVE-2021-47547

In the Linux kernel, the following vulnerability has been resolved: net: tulip: de4x5: fix the problem that the array 'lp->phy[8]' may be out of bound In line 5001, if all id in the array 'lp->phy[8]' is not 0, when the 'for' end, the 'k' is 8. At this time, the array 'lp->phy[8]' may be ou...

CVSS 4.4, AI score 6.4, EPSS 0.00014

added 2024/06/19 3:15 p.m., 70 views

CVE-2021-47612

In the Linux kernel, the following vulnerability has been resolved: nfc: fix segfault in nfc_genl_dump_devices_done When kmalloc in nfc_genl_dump_devices() fails then nfc_genl_dump_devices_done() segfaults as below KASAN: null-ptr-deref in range [0x0000000000000008-0x000000000000000f] CPU: 0 PID: 25 ...

CVSS 5.5, AI score 6.9, EPSS 0.00015

added 2025/02/26 6:37 a.m., 70 views

CVE-2021-47647

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: fix PCI-E clock oops Fix PCI-E clock related kernel oops that are caused by a missing clock parent. pcie0_rchng_clk_src has num_parents set to 2 but only one parent is actually set via parent_hws, it should also h...

AI score 5.2, EPSS 0.00044

added 2024/04/28 1:15 p.m., 70 views

CVE-2022-48633

In the Linux kernel, the following vulnerability has been resolved: drm/gma500: Fix WARN_ON(lock->magic != lock) error psb_gem_unpin() calls dma_resv_lock() but the underlying ww_mutex gets destroyed by drm_gem_object_release() move the drm_gem_object_release() call in psb_gem_free_object() to aft...

AI score 6.5, EPSS 0.00026

added 2024/05/03 3:15 p.m., 70 views

CVE-2022-48670

In the Linux kernel, the following vulnerability has been resolved: peci: cpu: Fix use-after-free in adev_release() When auxiliary_device_add() returns an error, auxiliary_device_uninit() is called, which causes refcount for device to be decremented and .release callback will be triggered. Because ad...

CVSS 7.8, AI score 6.6, EPSS 0.00015

added 2024/05/03 3:15 p.m., 70 views

CVE-2022-48694

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix drain SQ hang with no completion SW generated completions for outstanding WRs posted on SQ after QP is in error target the wrong CQ. This causes the ib_drain_sq to hang with no completion. Fix this to generate complet...

CVSS 7.8, AI score 6.5, EPSS 0.00015

added 2024/07/16 12:15 p.m., 70 views

CVE-2022-48788

In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: fix possible use-after-free in transport error_recovery work While nvme_rdma_submit_async_event_work is checking the ctrl and queue state before preparing the AER command and scheduling io_work, in order to fully prevent a...

CVSS 7.8, AI score 8.2, EPSS 0.00012

added 2024/07/16 12:15 p.m., 70 views

CVE-2022-48805

In the Linux kernel, the following vulnerability has been resolved: net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup ax88179_rx_fixup() contains several out-of-bounds accesses that can be triggered by a malicious (or defective) USB device, in particular: The metadata array (hdr_off..hd...

CVSS 7.8, AI score 6.4, EPSS 0.00057

added 2024/08/21 7:15 a.m., 70 views

CVE-2022-48887

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Remove rcu locks from user resources User resource lookups used rcu to avoid two extra atomics. Unfortunately the rcu paths were buggy and it was easy to make the driver crash by submitting command buffers from two differ...

CVSS 5.5, AI score 6.5, EPSS 0.0004

added 2024/08/22 2:15 a.m., 70 views

CVE-2022-48909

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix connection leak There's a potential leak issue under following execution sequence : smc_release smc_connect_work if (sk->sk_state == SMC_INIT) send_clc_confirim tcp_abort(); ... sk.sk_state = SMC_ACTIVE smc_close_active sw...

CVSS 5.5, AI score 6.5, EPSS 0.0004

added 2024/10/21 8:15 p.m., 70 views

CVE-2022-49033

In the Linux kernel, the following vulnerability has been resolved: btrfs: qgroup: fix sleep from invalid context bug in btrfs_qgroup_inherit() Syzkaller reported BUG as follows: BUG: sleeping function called from invalid context at include/linux/sched/mm.h:274 Call Trace: dump_stack_lvl+0xcd/0x134 __m...

CVSS 5.5, AI score 5.4, EPSS 0.00053

added 2025/01/02 3:15 p.m., 70 views

CVE-2022-49035

In the Linux kernel, the following vulnerability has been resolved: media: s5p_cec: limit msg.len to CEC_MAX_MSG_SIZE I expect that the hardware will have limited this to 16, but just in case it hasn't, check for this corner case.

CVSS 5.5, AI score 7, EPSS 0.00028

added 2025/02/26 7:0 a.m., 70 views

CVE-2022-49100

In the Linux kernel, the following vulnerability has been resolved: virtio_console: eliminate anonymous module_init & module_exit Eliminate anonymous module_init() and module_exit(), which can lead to confusion or ambiguity when reading System.map, crashes/oops/bugs, or an initcall_debug log. Give ea...

AI score 5.4, EPSS 0.00144

added 2025/02/26 7:0 a.m., 70 views

CVE-2022-49126

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix memory leaks Fix memory leaks related to operational reply queue's memory segments which are not getting freed while unloading the driver.

CVSS 5.5, AI score 6.5, EPSS 0.00025

added 2025/02/26 7:0 a.m., 70 views

CVE-2022-49157

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix premature hw access after PCI error After a recoverable PCI error has been detected and recovered, qla driver needs to check to see if the error condition still persist and/or wait for the OS to give the resume sig...

AI score 5.4, EPSS 0.00041

added 2025/02/26 7:0 a.m., 70 views

CVE-2022-49187

In the Linux kernel, the following vulnerability has been resolved: clk: Fix clk_hw_get_clk() when dev is NULL Any registered clk_core structure can have a NULL pointer in its dev field. While never actually documented, this is evidenced by the wide usage of clk_register and clk_hw_register with a NU...

CVSS 5.5, AI score 5.3, EPSS 0.00025

added 2025/02/26 7:0 a.m., 70 views

CVE-2022-49189

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: clk-rcg2: Update logic to calculate D value for RCG The display pixel clock has a requirement on certain newer platforms to support M/N as (2/3) and the final D value calculated results in underflow errors. As the current i...

AI score 5.4, EPSS 0.00067

added 2025/02/26 7:0 a.m., 70 views

CVE-2022-49212

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: atmel: fix refcount issue in atmel_nand_controller_init The reference counting issue happens in several error handling paths on a refcounted object "nc->dmac". In these paths, the function simply returns the error co...

CVSS 5.5, AI score 5.3, EPSS 0.00024

added 2025/02/26 7:0 a.m., 70 views

CVE-2022-49224

In the Linux kernel, the following vulnerability has been resolved: power: supply: ab8500: Fix memory leak in ab8500_fg_sysfs_init kobject_init_and_add() takes reference even when it fails. According to the doc of kobject_init_and_add(): If this function returns an error, kobject_put() must be calle...

CVSS 5.5, AI score 5.3, EPSS 0.00035

added 2025/02/26 7:1 a.m., 70 views

CVE-2022-49285

In the Linux kernel, the following vulnerability has been resolved: iio: accel: mma8452: use the correct logic to get mma8452_data The original logic to get mma8452_data is wrong, the *dev point to the device belong to iio_dev. we can't use this dev to find the correct i2c_client. The original logic ...

AI score 5.2, EPSS 0.0006

added 2025/02/26 7:1 a.m., 70 views

CVE-2022-49341

In the Linux kernel, the following vulnerability has been resolved: bpf, arm64: Clear prog->jited_len along prog->jited syzbot reported an illegal copy_to_user() attempt from bpf_prog_get_info_by_fd() [1] There was no repro yet on this bug, but I think that commit 0aef499f3172 ("mm/usercopy: De...

AI score 5.3, EPSS 0.00076

added 2025/02/26 7:1 a.m., 70 views

CVE-2022-49438

In the Linux kernel, the following vulnerability has been resolved: Input: sparcspkr - fix refcount leak in bbc_beep_probe of_find_node_by_path() calls of_find_node_opts_by_path(), which returns a node pointer with refcount incremented, we should use of_node_put() on it when done. Add missing of_node_...

CVSS 5.5, AI score 5.3, EPSS 0.00023

added 2025/02/26 7:1 a.m., 70 views

CVE-2022-49460

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: rk3399_dmc: Disable edev on remove() Otherwise we hit an unbalanced enable-count when unbinding the DFI device: [ 1279.659119] ------------[ cut here ]------------ [ 1279.659179] WARNING: CPU: 2 PID: 5638 at drivers/dev...

AI score 5.4, EPSS 0.00068

added 2025/02/26 7:1 a.m., 70 views

CVE-2022-49473

In the Linux kernel, the following vulnerability has been resolved: ASoC: ti: j721e-evm: Fix refcount leak in j721e_soc_probe_* of_parse_phandle() returns a node pointer with refcount incremented, we should use of_node_put() on it when not needed anymore. Add missing of_node_put() to avoid refcount l...

CVSS 5.5, AI score 5.3, EPSS 0.00045

added 2025/02/26 7:1 a.m., 70 views

CVE-2022-49523

In the Linux kernel, the following vulnerability has been resolved: ath11k: disable spectral scan during spectral deinit When ath11k modules are removed using rmmod with spectral scan enabled, crash is observed. Different crash trace is observed for each crash. Send spectral scan disable WMI command...

CVSS 5.5, AI score 5.4, EPSS 0.00045

Total number of security vulnerabilities: 10927