Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2024/06/25 3:15 p.m.64 views

CVE-2024-39296

In the Linux kernel, the following vulnerability has been resolved: bonding: fix oops during rmmod "rmmod bonding" causes an oops ever since commit cc317ea3d927 ("bonding:remove redundant NULL check in debugfs function"). Here are the relevantfunctions being called: bonding_exit()bond_destroy_debug...

7AI score0.00065EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.64 views

CVE-2024-40909

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a potential use-after-free in bpf_link_free() After commit 1a80dbcb2dba, bpf_link can be freed bylink->ops->dealloc_deferred, but the code still tests and useslink->ops->dealloc afterward, which leads to a use-...

7.8CVSS8.3AI score0.00048EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.64 views

CVE-2024-40916

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: hdmi: report safe 640x480 mode as a fallback when no EDID found When reading EDID fails and driver reports no modes available, the DRMcore adds an artificial 1024x786 mode to the connector. Unfortunatelysome variants of...

6.4AI score0.00194EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.64 views

CVE-2024-40920

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: fix suspicious rcu usage in br_mst_set_state I converted br_mst_set_state to RCU to avoid a vlan use-after-freebut forgot to change the vlan group dereference helper. Switch to vlangroup RCU deref helper to fix th...

6.5AI score0.00111EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.64 views

CVE-2024-40921

In the Linux kernel, the following vulnerability has been resolved: net: bridge: mst: pass vlan group directly to br_mst_vlan_set_state Pass the already obtained vlan group pointer to br_mst_vlan_set_state()instead of dereferencing it again. Each caller has already correctlydereferenced it for thei...

6.5AI score0.00111EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.64 views

CVE-2024-40994

In the Linux kernel, the following vulnerability has been resolved: ptp: fix integer overflow in max_vclocks_store On 32bit systems, the "4 * max" multiply can overflow. Use kcalloc()to do the allocation to prevent this.

7.8CVSS8.6AI score0.00051EPSS
CVE
CVE
added 2024/07/29 3:15 p.m.64 views

CVE-2024-41027

In the Linux kernel, the following vulnerability has been resolved: Fix userfaultfd_api to return EINVAL as expected Currently if we request a feature that is not set in the Kernel config wefail silently and return all the available features. However, the manpage indicates we should return an EINVA...

6.4AI score0.00103EPSS
CVE
CVE
added 2024/07/29 3:15 p.m.64 views

CVE-2024-41068

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Fix sclp_init() cleanup on failure If sclp_init() fails it only partially cleans up: if there are multiplefailing calls to sclp_init() sclp_state_change_event will be added severaltimes to sclp_reg_list, which results in...

6.5AI score0.00263EPSS
CVE
CVE
added 2024/07/29 4:15 p.m.64 views

CVE-2024-42072

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix may_goto with negative offset. Zac's syzbot crafted a bpf prog that exposed two bugs in may_goto.The 1st bug is the way may_goto is patched. When offset is negativeit should be patched differently.The 2nd bug is in the ver...

7.8CVSS6.6AI score0.00049EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.64 views

CVE-2024-42120

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipe_ctx has a size of MAX_PIPES so checking its index before accessingthe array. This fixes an OVERRUN issue reported by Coverity.

6.6AI score0.00191EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.64 views

CVE-2024-42151

In the Linux kernel, the following vulnerability has been resolved: bpf: mark bpf_dummy_struct_ops.test_1 parameter as nullable Test case dummy_st_ops/dummy_init_ret_value passes NULL as the firstparameter of the test_1() function. Mark this parameter as nullable tomake verifier aware of such possi...

5.5CVSS6.5AI score0.00047EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.64 views

CVE-2024-42281

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a segment issue when downgrading gso_size Linearize the skb when downgrading gso_size because it may trigger aBUG_ON() later when the skb is segmented as described in [1,2].

6.6AI score0.00194EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.64 views

CVE-2024-42286

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: validate nvme_local_port correctly The driver load failed with error message, qla2xxx [0000:04:00.0]-ffff:0: register_localport failed: ret=ffffffef and with a kernel crash, BUG: unable to handle kernel NULL pointer ...

5.5CVSS6.5AI score0.0007EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.64 views

CVE-2024-42287

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Complete command early within lock A crash was observed while performing NPIV and FW reset, BUG: kernel NULL pointer dereference, address: 000000000000001c#PF: supervisor read access in kernel mode#PF: error_code(0x0...

4.7CVSS6.6AI score0.0007EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.64 views

CVE-2024-42306

In the Linux kernel, the following vulnerability has been resolved: udf: Avoid using corrupted block bitmap buffer When the filesystem block bitmap is corrupted, we detect the corruptionwhile loading the bitmap and fail the allocation with error. However thenext allocation from the same bitmap will...

6.8AI score0.00301EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.64 views

CVE-2024-42313

In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free in vdec_close There appears to be a possible use after free with vdec_close().The firmware will add buffer release work to the work queue throughHFI callbacks as a normal part of decoding. Randomly ...

7.8CVSS6.9AI score0.00055EPSS
CVE
CVE
added 2024/09/04 7:15 p.m.64 views

CVE-2024-44969

In the Linux kernel, the following vulnerability has been resolved: s390/sclp: Prevent release of buffer in I/O When a task waiting for completion of a Store Data operation isinterrupted, an attempt is made to halt this operation. If this attemptfails due to a hardware or firmware problem, there is...

5.5CVSS6.2AI score0.00052EPSS
CVE
CVE
added 2024/09/04 7:15 p.m.64 views

CVE-2024-44972

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not clear page dirty inside extent_write_locked_range() [BUG]For subpage + zoned case, the following workload can lead to rsv dataleak at unmount time: mkfs.btrfs -f -s 4k $dev mount $dev $mnt fsstress -w -n 8 -d $mnt -s ...

5.5CVSS6.2AI score0.00042EPSS
CVE
CVE
added 2024/09/04 8:15 p.m.64 views

CVE-2024-45007

In the Linux kernel, the following vulnerability has been resolved: char: xillybus: Don't destroy workqueue from work item running on it Triggered by a kref decrement, destroy_workqueue() may be called fromwithin a work item for destroying its own workqueue. This illegalsituation is averted by addi...

6.9AI score0.00137EPSS
CVE
CVE
added 2024/09/18 7:15 a.m.64 views

CVE-2024-46726

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Ensure index calculation will not overflow [WHY & HOW]Make sure vmid0p72_idx, vnom0p8_idx and vmax0p9_idx calculation willnever overflow and exceess array size. This fixes 3 OVERRUN and 1 INTEGER_OVERFLOW issues re...

5.5CVSS6.3AI score0.00056EPSS
CVE
CVE
added 2024/10/21 12:15 p.m.64 views

CVE-2024-47695

In the Linux kernel, the following vulnerability has been resolved: RDMA/rtrs-clt: Reset cid to con_num - 1 to stay in bounds In the function init_conns(), after the create_con() and create_cm() forloop if something fails. In the cleanup for loop after the destroy tag, weaccess out of bound memory ...

7.8CVSS7.3AI score0.00045EPSS
CVE
CVE
added 2024/10/21 12:15 p.m.64 views

CVE-2024-47711

In the Linux kernel, the following vulnerability has been resolved: af_unix: Don't return OOB skb in manage_oob(). syzbot reported use-after-free in unix_stream_recv_urg(). [0] The scenario is send(MSG_OOB) recv(MSG_OOB)-> The consumed OOB remains in recv queue send(MSG_OOB) recv()-> manage_o...

7.8CVSS8.2AI score0.00042EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.64 views

CVE-2024-49874

In the Linux kernel, the following vulnerability has been resolved: i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition In the svc_i3c_master_probe function, &master->hj_work is bound withsvc_i3c_master_hj_work, &master->ibi_work is bound withsvc_...

7CVSS6.5AI score0.00045EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.64 views

CVE-2024-49880

In the Linux kernel, the following vulnerability has been resolved: ext4: fix off by one issue in alloc_flex_gd() Wesley reported an issue: ==================================================================EXT4-fs (dm-5): resizing filesystem from 7168 to 786432 blocks------------[ cut here ]-------...

7.8CVSS7.3AI score0.0003EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.64 views

CVE-2024-53187

In the Linux kernel, the following vulnerability has been resolved: io_uring: check for overflows in io_pin_pages WARNING: CPU: 0 PID: 5834 at io_uring/memmap.c:144 io_pin_pages+0x149/0x180 io_uring/memmap.c:144CPU: 0 UID: 0 PID: 5834 Comm: syz-executor825 Not tainted 6.12.0-next-20241118-syzkaller...

5.5CVSS6.5AI score0.00023EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.64 views

CVE-2024-56621

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Cancel RTC work during ufshcd_remove() Currently, RTC work is only cancelled during __ufshcd_wl_suspend(). Whenufshcd is removed in ufshcd_remove(), RTC work is not cancelled. Due tothis, any further trigger of the...

5.5CVSS6.3AI score0.00032EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.64 views

CVE-2024-56628

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Add architecture specific huge_pte_clear() When executing mm selftests run_vmtests.sh, there is such an error: BUG: Bad page state in process uffd-unit-tests pfn:00000page: refcount:0 mapcount:0 mapping:0000000000000000 ...

6.2AI score0.00054EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.64 views

CVE-2024-56632

In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix the memleak while create new ctrl failed Now while we create new ctrl failed, we have not free thetagset occupied by admin_q, here try to fix it.

5.5CVSS6.6AI score0.00028EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.64 views

CVE-2024-56652

In the Linux kernel, the following vulnerability has been resolved: drm/xe/reg_sr: Remove register pool That pool implementation doesn't really work: if the krealloc happens tomove the memory and return another address, the entries in the xarraybecome invalid, leading to use-after-free later: BUG: ...

7.8CVSS6.7AI score0.00035EPSS
CVE
CVE
added 2024/12/28 10:15 a.m.64 views

CVE-2024-56698

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: gadget: Fix looping of queued SG entries The dwc3_request->num_queued_sgs is decremented on completion. If apartially completed request is handled, then thedwc3_request->num_queued_sgs no longer reflects the total ...

5.5CVSS6.5AI score0.0004EPSS
CVE
CVE
added 2025/01/19 12:15 p.m.64 views

CVE-2024-57926

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err The pointer need to be set to NULL, otherwise KASAN complains aboutuse-after-free. Because in mtk_drm_bind, all private's drm are setas fo...

7.8CVSS6.3AI score0.00026EPSS
CVE
CVE
added 2025/03/06 4:15 p.m.64 views

CVE-2024-58054

In the Linux kernel, the following vulnerability has been resolved: staging: media: max96712: fix kernel oops when removing module The following kernel oops is thrown when trying to remove the max96712module: Unable to handle kernel paging request at virtual address 00007375746174dbMem abort info:E...

7AI score0.00049EPSS
CVE
CVE
added 2025/02/27 2:15 a.m.64 views

CVE-2025-21714

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix implicit ODP use after free Prevent double queueing of implicit ODP mr destroy work by using__xa_cmpxchg() to make sure this is the only time we are destroying thisspecific mr. Without this change, we could try to in...

7.8CVSS6.6AI score0.00017EPSS
CVE
CVE
added 2025/02/27 2:15 a.m.64 views

CVE-2025-21723

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Fix possible crash when setting up bsg fails If bsg_setup_queue() fails, the bsg_queue is assigned a non-NULL value.Consequently, in mpi3mr_bsg_exit(), the condition "if(!mrioc->bsg_queue)"will not be satisfied, pr...

5.5CVSS6.5AI score0.00018EPSS
CVE
CVE
added 2025/02/27 2:15 a.m.64 views

CVE-2025-21725

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to unset link speed It isn't guaranteed that NETWORK_INTERFACE_INFO::LinkSpeed will alwaysbe set by the server, so the client must handle any values and thenprevent oopses like below from happening: Oops: ...

6.3AI score0.00049EPSS
CVE
CVE
added 2025/02/27 8:16 p.m.64 views

CVE-2025-21821

In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether l...

6.6AI score0.00034EPSS
CVE
CVE
added 2025/03/27 3:15 p.m.64 views

CVE-2025-21875

In the Linux kernel, the following vulnerability has been resolved: mptcp: always handle address removal under msk socket lock Syzkaller reported a lockdep splat in the PM control path: WARNING: CPU: 0 PID: 6693 at ./include/net/sock.h:1711 sock_owned_by_me include/net/sock.h:1711 [inline]WARNING: ...

6.9AI score0.00068EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.64 views

CVE-2025-22040

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix session use-after-free in multichannel connection There is a race condition between session setup andksmbd_sessions_deregister. The session can be freed before the connectionis added to channel list of session.This patch...

7.8CVSS6.5AI score0.00018EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.64 views

CVE-2025-22090

In the Linux kernel, the following vulnerability has been resolved: x86/mm/pat: Fix VM_PAT handling when fork() fails in copy_page_range() If track_pfn_copy() fails, we already added the dst VMA to the mapletree. As fork() fails, we'll cleanup the maple tree, and stumble overthe dst VMA for which w...

6AI score0.00027EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.64 views

CVE-2025-22119

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: init wiphy_work before allocating rfkill fails syzbort reported a uninitialize wiphy_work_lock in cfg80211_dev_free. [1] After rfkill allocation fails, the wiphy release process will be performed,which will cause cf...

6.5AI score0.00027EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.64 views

CVE-2025-23137

In the Linux kernel, the following vulnerability has been resolved: cpufreq/amd-pstate: Add missing NULL ptr check in amd_pstate_update Check if policy is NULL before dereferencing it in amd_pstate_update.

5.5CVSS6.5AI score0.00017EPSS
CVE
CVE
added 2025/05/01 1:15 p.m.64 views

CVE-2025-23163

In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there is now a possibility of a deadlock: [ 1.211455] ============================================[ 1.211571] WARNING: possible recursive locking detected[ 1.2...

6.2AI score0.00049EPSS
CVE
CVE
added 2025/05/01 2:15 p.m.64 views

CVE-2025-37792

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btrtl: Prevent potential NULL dereference The btrtl_initialize() function checks that rtl_load_file() eitherhad an error or it loaded a zero length file. However, if it loadeda zero length file then the error code is not...

6.6AI score0.00036EPSS
CVE
CVE
added 2025/05/08 7:15 a.m.64 views

CVE-2025-37819

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() With ACPI in place, gicv2m_get_fwnode() is registered with the pcisubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtimeduring a PCI host bridge probe. ...

5.3AI score0.00053EPSS
CVE
CVE
added 2025/04/18 7:15 a.m.64 views

CVE-2025-37860

In the Linux kernel, the following vulnerability has been resolved: sfc: fix NULL dereferences in ef100_process_design_param() Since cited commit, ef100_probe_main() and hence alsoef100_check_design_params() run before efx->net_dev is created;consequently, we cannot netif_set_tso_max_size() or _...

5.5CVSS6.8AI score0.00019EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.63 views

CVE-1999-0183

Linux implementations of TFTP would allow access to files outside the restricted directory.

6.4CVSS6.7AI score0.00725EPSS
CVE
CVE
added 2003/06/16 4:0 a.m.63 views

CVE-2003-0246

The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.

3.6CVSS6AI score0.00122EPSS
CVE
CVE
added 2006/05/31 10:0 a.m.63 views

CVE-2004-0138

The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped.

4.9CVSS5.6AI score0.00058EPSS
CVE
CVE
added 2004/12/06 5:0 a.m.63 views

CVE-2004-0565

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

2.1CVSS5.7AI score0.00074EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.63 views

CVE-2004-1137

Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function...

10CVSS7.8AI score0.15821EPSS
Total number of security vulnerabilities10741