Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2024/05/22 7:15 a.m.62 views

CVE-2021-47440

In the Linux kernel, the following vulnerability has been resolved: net: encx24j600: check error in devm_regmap_init_encx24j600 devm_regmap_init may return error which caused by like out of memory,this will results in null pointer dereference later when readingor writing register: general protectio...

2.3CVSS5.9AI score0.00003EPSS
CVE
CVE
added 2024/05/22 7:15 a.m.62 views

CVE-2021-47444

In the Linux kernel, the following vulnerability has been resolved: drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read In commit e11f5bd8228f ("drm: Add support for DP 1.4 Compliance edidcorruption test") the function connector_bad_edid() started assumingthat the memory for the EDI...

6.6AI score0.00018EPSS
CVE
CVE
added 2024/05/22 7:15 a.m.62 views

CVE-2021-47467

In the Linux kernel, the following vulnerability has been resolved: kunit: fix reference count leak in kfree_at_end The reference counting issue happens in the normal path ofkfree_at_end(). When kunit_alloc_and_get_resource() is invoked, thefunction forgets to handle the returned resource object, w...

5.3CVSS6.8AI score0.00086EPSS
CVE
CVE
added 2024/05/22 9:15 a.m.62 views

CVE-2021-47476

In the Linux kernel, the following vulnerability has been resolved: comedi: ni_usb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanitychecks on the sizes. This can lead to zero-size-pointer dereferences oroverflowed transfer buffers in ni6501_p...

4.6CVSS6.5AI score0.00024EPSS
CVE
CVE
added 2024/05/22 9:15 a.m.62 views

CVE-2021-47494

In the Linux kernel, the following vulnerability has been resolved: cfg80211: fix management registrations locking The management registrations locking was broken, the list waslocked for each wdev, but cfg80211_mgmt_registrations_update()iterated it without holding all the correct spinlocks, causin...

6.7AI score0.0005EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.62 views

CVE-2021-47506

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfs_setlease. Adelegation break runs a callback which immediately (innfsd4_cb_recall_prepare) adds the delegation to del_recall...

7.8CVSS6.8AI score0.00012EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.62 views

CVE-2021-47552

In the Linux kernel, the following vulnerability has been resolved: blk-mq: cancel blk-mq dispatch work in both blk_cleanup_queue and disk_release() For avoiding to slow down queue destroy, we don't callblk_mq_quiesce_queue() in blk_cleanup_queue(), instead of delaying tocancel dispatch work in blk...

5.5CVSS6.5AI score0.00004EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.62 views

CVE-2021-47562

In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi->txq_map sizing The approach of having XDP queue per CPU regardless of user's settingexposed a hidden bug that could occur in case when Rx queue count differfrom Tx queue count. Currently vsi->txq_map's size is e...

5.5CVSS6.3AI score0.00021EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.62 views

CVE-2021-47578

In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Don't call kcalloc() if size arg is zero If the size arg to kcalloc() is zero, it returns ZERO_SIZE_PTR. Because ofthat, for a following NULL pointer check to work on the returned pointer,kcalloc() must not be cal...

5.5CVSS7AI score0.00011EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.62 views

CVE-2021-47597

In the Linux kernel, the following vulnerability has been resolved: inet_diag: fix kernel-infoleak for UDP sockets KMSAN reported a kernel-infoleak [1], that can exploitedby unpriv users. After analysis it turned out UDP was not initializingr->idiag_expires. Other users of inet_sk_diag_fill()mig...

5.5CVSS7AI score0.00015EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.62 views

CVE-2021-47598

In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() methodfrom init(), because core stack already does that. syzbot was able to trigger use after free: DEBUG_LOCKS_WARN_ON(lock-...

7.8CVSS7.7AI score0.00016EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.62 views

CVE-2021-47599

In the Linux kernel, the following vulnerability has been resolved: btrfs: use latest_dev in btrfs_show_devname The test case btrfs/238 reports the warning below: WARNING: CPU: 3 PID: 481 at fs/btrfs/super.c:2509 btrfs_show_devname+0x104/0x1e8 [btrfs]CPU: 2 PID: 1 Comm: systemd Tainted: G W O 5.14....

4.7CVSS5.5AI score0.00009EPSS
CVE
CVE
added 2025/02/26 6:37 a.m.62 views

CVE-2021-47635

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix to add refcount once page is set private MM defined the rule [1] very clearly that once page was set with PG_privateflag, we should increment the refcount in that page, also main flows likepageout(), migrate_page() will ...

5.2AI score0.00034EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.62 views

CVE-2022-48645

In the Linux kernel, the following vulnerability has been resolved: net: enetc: deny offload of tc-based TSN features on VF interfaces TSN features on the ENETC (taprio, cbs, gate, police) are configuredthrough a mix of command BD ring messages and port registers:enetc_port_rd(), enetc_port_wr(). P...

6.7AI score0.00018EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.62 views

CVE-2022-48647

In the Linux kernel, the following vulnerability has been resolved: sfc: fix TX channel offset when using legacy interrupts In legacy interrupt mode the tx_channel_offset was hardcoded to 1, butthat's not correct if efx_sepparate_tx_channels is false. In that case,the offset is 0 because the tx que...

5.5CVSS6.2AI score0.00011EPSS
CVE
CVE
added 2024/05/03 3:15 p.m.62 views

CVE-2022-48691

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: clean up hook list when offload flags check fails splice back the hook list so nft_chain_release_hook() has a chance torelease the hooks. BUG: memory leakunreferenced object 0xffff88810180b100 (size 96):comm "...

5.5CVSS6.6AI score0.0001EPSS
CVE
CVE
added 2024/05/03 3:15 p.m.62 views

CVE-2022-48692

In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Set scmnd->result only when scmnd is not NULL This change fixes the following kernel NULL pointer dereferencewhich is reproduced by blktests srp/007 occasionally. BUG: kernel NULL pointer dereference, address: 00000000...

5.5CVSS6.2AI score0.00011EPSS
CVE
CVE
added 2024/05/03 6:15 p.m.62 views

CVE-2022-48705

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix crash in chip reset fail In case of drv own fail in reset, we may need to run mac_reset severaltimes. The sequence would trigger system crash as the log below. Because we do not re-enable/schedule "tx_napi"...

6.6AI score0.00026EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.62 views

CVE-2022-48715

In the Linux kernel, the following vulnerability has been resolved: scsi: bnx2fc: Make bnx2fc_recv_frame() mp safe Running tests with a debug kernel shows that bnx2fc_recv_frame() ismodifying the per_cpu lport stats counters in a non-mpsafe way. Just boota debug kernel and run the bnx2fc driver wit...

6.6AI score0.00037EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.62 views

CVE-2022-48728

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix AIP early init panic An early failure in hfi1_ipoib_setup_rn() can lead to the following panic: BUG: unable to handle kernel NULL pointer dereference at 00000000000001b0PGD 0 P4D 0Oops: 0002 [#1] SMP NOPTIWorkqueue: ev...

5.5CVSS7AI score0.00011EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.62 views

CVE-2022-48732

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix off by one in BIOS boundary checking Bounds checking when parsing init scripts embedded in the BIOS rejectaccess to the last byte. This causes driver initialization to fail onApple eMac's with GeForce 2 MX GPUs, le...

7.8CVSS8.3AI score0.00015EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.62 views

CVE-2022-48748

In the Linux kernel, the following vulnerability has been resolved: net: bridge: vlan: fix memory leak in __allowed_ingress When using per-vlan state, if vlan snooping and stats are disabled,untagged or priority-tagged ingress frame will go to check pvid state.If the port state is forwarding and th...

7.5CVSS8.3AI score0.00031EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.62 views

CVE-2022-48766

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Wrap dcn301_calculate_wm_and_dlg for FPU. Mirrors the logic for dcn30. Cue lots of WARNs and somekernel panics without this fix.

5.5CVSS6.7AI score0.00017EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.62 views

CVE-2022-48810

In the Linux kernel, the following vulnerability has been resolved: ipmr,ip6mr: acquire RTNL before calling ip[6]mr_free_table() on failure path ip[6]mr_free_table() can only be called under RTNL lock. RTNL: assertion failed at net/core/dev.c (10367)WARNING: CPU: 1 PID: 5890 at net/core/dev.c:10367...

6.5AI score0.00109EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.62 views

CVE-2022-48838

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: Fix use-after-free bug by not setting udc->dev.driver The syzbot fuzzer found a use-after-free bug: BUG: KASAN: use-after-free in dev_uevent+0x712/0x780 drivers/base/core.c:2320Read of size 8 at addr ffff88802b93409...

5.5CVSS6.8AI score0.00048EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.62 views

CVE-2022-48849

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: bypass tiling flag check in virtual display case (v2) vkms leverages common amdgpu framebuffer creation, andalso as it does not support FB modifier, there is no needto check tiling flags when initing framebuffer when vi...

5.5CVSS6.9AI score0.00033EPSS
CVE
CVE
added 2024/08/22 2:15 a.m.62 views

CVE-2022-48920

In the Linux kernel, the following vulnerability has been resolved: btrfs: get rid of warning on transaction commit when using flushoncommit When using the flushoncommit mount option, during almost every transactioncommit we trigger a warning from __writeback_inodes_sb_nr(): $ cat fs/fs-writeback.c...

5.5CVSS6.4AI score0.0003EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.62 views

CVE-2022-49001

In the Linux kernel, the following vulnerability has been resolved: riscv: fix race when vmap stack overflow Currently, when detecting vmap stack overflow, riscv firstly switchesto the so called shadow stack, then use this shadow stack to call theget_overflow_stack() to get the overflow stack. Howe...

7CVSS6.8AI score0.00023EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.62 views

CVE-2022-49027

In the Linux kernel, the following vulnerability has been resolved: iavf: Fix error handling in iavf_init_module() The iavf_init_module() won't destroy workqueue when pci_register_driver()failed. Call destroy_workqueue() when pci_register_driver() failed toprevent the resource leak. Similar to the ...

5.5CVSS5.2AI score0.00065EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49052

In the Linux kernel, the following vulnerability has been resolved: mm: fix unexpected zeroed page mapping with zram swap Two processes under CLONE_VM cloning, user process can be corrupted byseeing zeroed page unexpectedly. CPU A CPU B do_swap_page do_swap_pageSWP_SYNCHRONOUS_IO path SWP_SYNCHRONO...

5.3AI score0.00044EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49059

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flush_workqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching anNCI device. The main reason for this bug is the unexpected schedulingbetween the used delayed mechanism (timer and wor...

7.8CVSS5.4AI score0.00012EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49089

In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition The documentation of the function rvt_error_qp says both r_lock and s_lockneed to be held when calling that function. It also asserts using lockdepthat both of...

5.4AI score0.00052EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49117

In the Linux kernel, the following vulnerability has been resolved: mips: ralink: fix a refcount leak in ill_acc_of_setup() of_node_put(np) needs to be called when pdev == NULL.

5.5CVSS5.3AI score0.00017EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49118

In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Free irq vectors in order for v3 HW If the driver probe fails to request the channel IRQ or fatal IRQ, thedriver will free the IRQ vectors before freeing the IRQs in free_irq(),and this will cause a kernel BUG like ...

5.2AI score0.00034EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49166

In the Linux kernel, the following vulnerability has been resolved: ntfs: add sanity check on allocation size ntfs_read_inode_mount invokes ntfs_malloc_nofs with zero allocationsize. It triggers one BUG in the __ntfs_malloc function. Fix this by adding sanity check on ni->attr_list_size.

6.5AI score0.00144EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49191

In the Linux kernel, the following vulnerability has been resolved: mxser: fix xmit_buf leak in activate when LSR == 0xff When LSR is 0xff in ->activate() (rather unlike), we return an error.Provided ->shutdown() is not called when ->activate() fails, nothingactually frees the buffer in th...

5.5AI score0.00096EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49200

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtksdio: Fix kernel oops in btmtksdio_interrupt Fix the following kernel oops in btmtksdio_interrrupt [ 14.339134] btmtksdio_interrupt+0x28/0x54[ 14.339139] process_sdio_pending_irqs+0x68/0x1a0[ 14.339144] sdio_irq_wor...

6.4AI score0.00052EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49208

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Prevent some integer underflows My static checker complains that: drivers/infiniband/hw/irdma/ctrl.c:3605 irdma_sc_ceq_init() warn: can subtract underflow 'info->dev->hmc_fpm_misc.max_ceqs'? It appears that "info-...

5.5CVSS5.4AI score0.00017EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49219

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: fix memory leak during D3hot to D0 transition If 'vfio_pci_core_device::needs_pm_restore' is set (PCI device doesnot have No_Soft_Reset bit set in its PMCSR config register), thenthe current PCI state will be saved locall...

5.5CVSS6.4AI score0.00017EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.62 views

CVE-2022-49230

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix possible memory leak in mt7915_mcu_add_sta Free allocated skb in mt7915_mcu_add_sta routine in case of failures.

5.5CVSS5.4AI score0.00017EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.62 views

CVE-2022-49246

In the Linux kernel, the following vulnerability has been resolved: ASoC: atmel: Fix error handling in snd_proto_probe The device_node pointer is returned by of_parse_phandle() with refcountincremented. We should use of_node_put() on it when done. This function only calls of_node_put() in the regul...

5.4AI score0.00046EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.62 views

CVE-2022-49320

In the Linux kernel, the following vulnerability has been resolved: dmaengine: zynqmp_dma: In struct zynqmp_dma_chan fix desc_size data type In zynqmp_dma_alloc/free_chan_resources functions there is apotential overflow in the below expressions. dma_alloc_coherent(chan->dev, (2 * chan->desc_s...

5.6AI score0.00052EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.62 views

CVE-2022-49324

In the Linux kernel, the following vulnerability has been resolved: mips: cpc: Fix refcount leak in mips_cpc_default_phys_base Add the missing of_node_put() to release the refcount incrementedby of_find_compatible_node().

5.5CVSS5.3AI score0.00017EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.62 views

CVE-2022-49480

In the Linux kernel, the following vulnerability has been resolved: ASoC: imx-hdmi: Fix refcount leak in imx_hdmi_probe of_find_device_by_node() takes reference, we should use put_device()to release it. when devm_kzalloc() fails, it doesn't have aput_device(), it will cause refcount leak.Add missin...

5.5CVSS5.3AI score0.00017EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.62 views

CVE-2022-49485

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Fix null pointer dereference of pointer perfmon In the unlikely event that pointer perfmon is null the WARN_ON return pathoccurs after the pointer has already been deferenced. Fix this by onlydereferencing perfmon after it...

5.5CVSS6.6AI score0.00031EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.62 views

CVE-2022-49529

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: fix the null pointer while the smu is disabled It needs to check if the pp_funcs is initialized while release thecontext, otherwise it will trigger null pointer panic while the softwaresmu is not enabled. [ 1109.4045...

5.5CVSS5.1AI score0.00022EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.62 views

CVE-2022-49555

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_qca: Use del_timer_sync() before freeing While looking at a crash report on a timer list being corrupted, whichusually happens when a timer is freed while still active. This iscommonly triggered by code calling del_t...

5.5AI score0.00034EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.62 views

CVE-2022-49658

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix insufficient bounds propagation from adjust_scalar_min_max_vals Kuee reported a corner case where the tnum becomes constant after the callto __reg_bound_offset(), but the register's bounds are not, that is, itsmin bounds a...

5.2AI score0.00041EPSS
CVE
CVE
added 2025/03/27 5:15 p.m.62 views

CVE-2022-49740

In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Check the count value of channel spec to prevent out-of-bounds reads This patch fixes slab-out-of-bounds reads in brcmfmac that occur inbrcmf_construct_chaninfo() and brcmf_enable_bw40_2g() when the countvalue of ch...

7.1CVSS6.5AI score0.00021EPSS
CVE
CVE
added 2025/03/27 5:15 p.m.62 views

CVE-2022-49749

In the Linux kernel, the following vulnerability has been resolved: i2c: designware: use casting of u64 in clock multiplication to avoid overflow In functions i2c_dw_scl_lcnt() and i2c_dw_scl_hcnt() may have overflowby depending on the values of the given parameters including the ic_clk.For example...

5.5CVSS6.6AI score0.00021EPSS
Total number of security vulnerabilities10741