Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2017/04/07 10:59 p.m.68 views

CVE-2017-0568

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...

7.6CVSS6.9AI score0.00254EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.68 views

CVE-2017-0630

An information disclosure vulnerability in the kernel trace subsystem could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Ker...

4.7CVSS3.6AI score0.00316EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.68 views

CVE-2017-17856

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging the lack of stack-pointer alignment enforcement.

7.8CVSS7.5AI score0.00071EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.68 views

CVE-2019-18810

A memory leak in the komeda_wb_connector_add() function in drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c in the Linux kernel before 5.3.8 allows attackers to cause a denial of service (memory consumption) by triggering drm_writeback_connector_init() failures, aka CID-a0ecd6fdbf5d.

7.8CVSS7.7AI score0.0122EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.68 views

CVE-2019-18812

A memory leak in the sof_dfsentry_write() function in sound/soc/sof/debug.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-c0a333d842ef.

7.8CVSS7.5AI score0.00554EPSS
CVE
CVE
added 2025/05/07 2:15 p.m.68 views

CVE-2020-36791

In the Linux kernel, the following vulnerability has been resolved: net_sched: keep alloc_hash updated after hash allocation In commit 599be01ee567 ("net_sched: fix an OOB access in cls_tcindex")I moved cp->hash calculation before the firsttcindex_alloc_perfect_hash(), but cp->alloc_hash is l...

5.3AI score0.00049EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.68 views

CVE-2021-47117

In the Linux kernel, the following vulnerability has been resolved: ext4: fix bug on in ext4_es_cache_extent as ext4_split_extent_at failed We got follow bug_on when run fsstress with injecting IO fault:[130747.323114] kernel BUG at fs/ext4/extents_status.c:762![130747.323117] Internal error: Oops ...

5.5CVSS6.4AI score0.00007EPSS
CVE
CVE
added 2024/03/25 10:15 a.m.68 views

CVE-2021-47158

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: add error handling in sja1105_setup() If any of sja1105_static_config_load(), sja1105_clocking_setup() orsja1105_devlink_setup() fails, we can't just return in the middle ofsja1105_setup() or memory will leak. Ad...

5.5CVSS6.7AI score0.00018EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.68 views

CVE-2021-47187

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: msm8998: Fix CPU/L2 idle state latency and residency The entry/exit latency and minimum residency in state for the idlestates of MSM8998 were ..bad: first of all, for all of them thetimings were written for CPU sl...

5.5CVSS6.5AI score0.00011EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.68 views

CVE-2021-47205

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: Unregister clocks/resets when unbinding Currently, unbinding a CCU driver unmaps the device's MMIO region, whileleaving its clocks/resets and their providers registered. This can causea page fault later when some clo...

5.5CVSS6.3AI score0.0001EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.68 views

CVE-2021-47254

In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix use-after-free in gfs2_glock_shrink_scan The GLF_LRU flag is checked under lru_lock in gfs2_glock_remove_from_lru() toremove the glock from the lru list in __gfs2_glock_put(). On the shrink scan path, the same flag is cle...

7.8CVSS6.7AI score0.00019EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.68 views

CVE-2021-47275

In the Linux kernel, the following vulnerability has been resolved: bcache: avoid oversized read request in cache missing code path In the cache missing code path of cached device, if a proper locationfrom the internal B+ tree is matched for a cache miss range, functioncached_dev_cache_miss() will ...

5.5CVSS6.5AI score0.0001EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.68 views

CVE-2021-47291

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix another slab-out-of-bounds in fib6_nh_flush_exceptions While running the self-tests on a KASAN enabled kernel, I observed aslab-out-of-bounds splat very similar to the one reported incommit 821bbf79fe46 ("ipv6: Fix KASAN:...

7.1CVSS6.7AI score0.00049EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.68 views

CVE-2021-47376

In the Linux kernel, the following vulnerability has been resolved: bpf: Add oversize check before call kvcalloc() Commit 7661809d493b ("mm: don't allow oversized kvmalloc() calls") add theoversize check. When the allocation is larger than what kmalloc() supports,the following warning triggered: WA...

6.8AI score0.00018EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.68 views

CVE-2021-47419

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_taprio: properly cancel timer from taprio_destroy() There is a comment in qdisc_create() about us not calling ops->reset()in some cases. err_out4:/** Any broken qdiscs that would require a ops->reset() here?* T...

5.5CVSS7AI score0.00028EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.68 views

CVE-2021-47425

In the Linux kernel, the following vulnerability has been resolved: i2c: acpi: fix resource leak in reconfiguration device addition acpi_i2c_find_adapter_by_handle() calls bus_find_device() which takes areference on the adapter which is never released which will result in areference count leak and ...

6.7AI score0.00033EPSS
CVE
CVE
added 2024/05/22 9:15 a.m.68 views

CVE-2021-47478

In the Linux kernel, the following vulnerability has been resolved: isofs: Fix out of bound access for corrupted isofs image When isofs image is suitably corrupted isofs_read_inode() can read databeyond the end of buffer. Sanity-check the directory entry length beforeusing it.

5.5CVSS7.1AI score0.00008EPSS
CVE
CVE
added 2024/05/22 9:15 a.m.68 views

CVE-2021-47482

In the Linux kernel, the following vulnerability has been resolved: net: batman-adv: fix error handling Syzbot reported ODEBUG warning in batadv_nc_mesh_free(). The problem wasin wrong error handling in batadv_mesh_init(). Before this patch batadv_mesh_init() was calling batadv_mesh_free() in caseo...

5.3CVSS7.1AI score0.00148EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.68 views

CVE-2021-47578

In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Don't call kcalloc() if size arg is zero If the size arg to kcalloc() is zero, it returns ZERO_SIZE_PTR. Because ofthat, for a following NULL pointer check to work on the returned pointer,kcalloc() must not be cal...

5.5CVSS7AI score0.00011EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.68 views

CVE-2021-47619

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix queues reservation for XDP When XDP was configured on a system with large number of CPUsand X722 NIC there was a call trace with NULL pointer dereference. i40e 0000:87:00.0: failed to get tracking for 256 queues for VSI 0...

5.5CVSS6.8AI score0.00016EPSS
CVE
CVE
added 2025/02/26 6:37 a.m.68 views

CVE-2021-47635

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix to add refcount once page is set private MM defined the rule [1] very clearly that once page was set with PG_privateflag, we should increment the refcount in that page, also main flows likepageout(), migrate_page() will ...

5.2AI score0.00044EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.68 views

CVE-2022-48635

In the Linux kernel, the following vulnerability has been resolved: fsdax: Fix infinite loop in dax_iomap_rw() I got an infinite loop and a WARNING report when executing a tail commandin virtiofs. WARNING: CPU: 10 PID: 964 at fs/iomap/iter.c:34 iomap_iter+0x3a2/0x3d0Modules linked in:CPU: 10 PID: 9...

6.2CVSS6.7AI score0.00018EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.68 views

CVE-2022-48654

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_osf: fix possible bogus match in nf_osf_find() nf_osf_find() incorrectly returns true on mismatch, this leads tocopying uninitialized memory area in nft_osf which can be used to leakstale kernel stack data to u...

5.5CVSS6.2AI score0.00012EPSS
CVE
CVE
added 2024/05/03 3:15 p.m.68 views

CVE-2022-48693

In the Linux kernel, the following vulnerability has been resolved: soc: brcmstb: pm-arm: Fix refcount leak and __iomem leak bugs In brcmstb_pm_probe(), there are two kinds of leak bugs: (1) we need to add of_node_put() when for_each__matching_node() breaks(2) we need to add iounmap() for each ioma...

5.5CVSS6.4AI score0.00008EPSS
CVE
CVE
added 2024/05/03 4:15 p.m.68 views

CVE-2022-48698

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix memory leak when using debugfs_lookup() When calling debugfs_lookup() the result must have dput() called on it,otherwise the memory will leak over time. Fix this up by properlycalling dput().

5.3CVSS6.6AI score0.00019EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.68 views

CVE-2022-48708

In the Linux kernel, the following vulnerability has been resolved: pinctrl: single: fix potential NULL dereference Added checking of pointer "function" in pcs_set_mux().pinmux_generic_get_function() can return NULL and the pointer"function" was dereferenced without checking against NULL. Found by ...

5.5CVSS6.7AI score0.00009EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.68 views

CVE-2022-48711

In the Linux kernel, the following vulnerability has been resolved: tipc: improve size validations for received domain records The function tipc_mon_rcv() allows a node to receive and processdomain_record structs from peer nodes to track their views of thenetwork topology. This patch verifies that ...

5.3CVSS7AI score0.56494EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.68 views

CVE-2022-48850

In the Linux kernel, the following vulnerability has been resolved: net-sysfs: add check for netdevice being present to speed_show When bringing down the netdevice or system shutdown, a panic can betriggered while accessing the sysfs path because the device is alreadyremoved. [ 755.549084] mlx5_cor...

5.5CVSS6AI score0.00016EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.68 views

CVE-2022-48852

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: hdmi: Unregister codec device on unbind On bind we will register the HDMI codec device but we don't unregisterit on unbind, leading to a device leakage. Unregister our device atunbind.

3.3CVSS6AI score0.00019EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.68 views

CVE-2022-48879

In the Linux kernel, the following vulnerability has been resolved: efi: fix NULL-deref in init error path In cases where runtime services are not supported or have been disabled,the runtime services workqueue will never have been allocated. Do not try to destroy the workqueue unconditionally in th...

5.5CVSS6.5AI score0.00048EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.68 views

CVE-2022-49021

In the Linux kernel, the following vulnerability has been resolved: net: phy: fix null-ptr-deref while probe() failed I got a null-ptr-deref report as following when doing fault injection test: BUG: kernel NULL pointer dereference, address: 0000000000000058Oops: 0000 [#1] PREEMPT SMP KASAN PTICPU: ...

5.5CVSS5AI score0.00053EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.68 views

CVE-2022-49025

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When having multiple dests with termination tables and second oneor afterwards fails the driver reverts usage of term tables butdoesn't reset the assignment in attr-&gt...

7.8CVSS7.4AI score0.00075EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.68 views

CVE-2022-49051

In the Linux kernel, the following vulnerability has been resolved: net: usb: aqc111: Fix out-of-bounds accesses in RX fixup aqc111_rx_fixup() contains several out-of-bounds accesses that can betriggered by a malicious (or defective) USB device, in particular: The metadata array (desc_offset..desc_...

5.4AI score0.00044EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.68 views

CVE-2022-49059

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: add flush_workqueue to prevent uaf Our detector found a concurrent use-after-free bug when detaching anNCI device. The main reason for this bug is the unexpected schedulingbetween the used delayed mechanism (timer and wor...

7.8CVSS5.4AI score0.00014EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.68 views

CVE-2022-49092

In the Linux kernel, the following vulnerability has been resolved: net: ipv4: fix route with nexthop object delete warning FRR folks have hit a kernel warning[1] while deleting routes[2] which iscaused by trying to delete a route pointing to a nexthop id withoutspecifying nhid but matching on an i...

5.2AI score0.00068EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.68 views

CVE-2022-49095

In the Linux kernel, the following vulnerability has been resolved: scsi: zorro7xx: Fix a resource leak in zorro7xx_remove_one() The error handling path of the probe releases a resource that is not freedin the remove function. In some cases, a ioremap() must be undone. Add the missing iounmap() cal...

5.4AI score0.00102EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.68 views

CVE-2022-49138

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Ignore multiple conn complete events When one of the three connection complete events is received multipletimes for the same handle, the device is registered multiple times whichleads to memory corruptions. Th...

5.4AI score0.00051EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.68 views

CVE-2022-49144

In the Linux kernel, the following vulnerability has been resolved: io_uring: fix memory leak of uid in files registration When there are no files for __io_sqe_files_scm() to process in therange, it'll free everything and return. However, it forgets to put uid.

5.5CVSS5.4AI score0.00024EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.68 views

CVE-2022-49193

In the Linux kernel, the following vulnerability has been resolved: ice: fix 'scheduling while atomic' on aux critical err interrupt There's a kernel BUG splat on processing aux critical errorinterrupts in ice_misc_intr(): [ 2100.917085] BUG: scheduling while atomic: swapper/15/0/0x00010000...[ 210...

5.3AI score0.00041EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.68 views

CVE-2022-49218

In the Linux kernel, the following vulnerability has been resolved: drm/dp: Fix OOB read when handling Post Cursor2 register The link_status array was not large enough to read the Adjust RequestPost Cursor2 register, so remove the common helper function to avoidan OOB read, found with a -Warray-bou...

7.1CVSS5.3AI score0.00028EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.68 views

CVE-2022-49337

In the Linux kernel, the following vulnerability has been resolved: ocfs2: dlmfs: fix error handling of user_dlm_destroy_lock When user_dlm_destroy_lock failed, it didn't clean up the flags it setbefore exit. For USER_LOCK_IN_TEARDOWN, if this function fails because oflock is still in used, next ti...

5AI score0.00102EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.68 views

CVE-2022-49392

In the Linux kernel, the following vulnerability has been resolved: serial: 8250_aspeed_vuart: Fix potential NULL dereference in aspeed_vuart_probe platform_get_resource() may fail and return NULL, so we shouldbetter check it's return value to avoid a NULL pointer dereference.

5.5CVSS5.3AI score0.00025EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.68 views

CVE-2022-49424

In the Linux kernel, the following vulnerability has been resolved: iommu/mediatek: Fix NULL pointer dereference when printing dev_name When larbdev is NULL (in the case I hit, the node is incorrectly setiommus = ), it will cause device_link_add() fail andkernel crashes when we try to print dev_nam...

5.3AI score0.00041EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.68 views

CVE-2022-49446

In the Linux kernel, the following vulnerability has been resolved: nvdimm: Fix firmware activation deadlock scenarios Lockdep reports the following deadlock scenarios for CXL root devicepower-management, device_prepare(), operations, and device_shutdown()operations for 'nd_region' devices: Chain e...

5.5CVSS5.4AI score0.00019EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.68 views

CVE-2022-49476

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix kernel crash at mt7921_pci_remove The crash log shown it is possible that mt7921_irq_handler is called whiledevm_free_irq is being handled so mt76_free_device need to be postponeduntil devm_free_irq is completed t...

5.5CVSS5.1AI score0.00022EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.68 views

CVE-2022-49488

In the Linux kernel, the following vulnerability has been resolved: drm/msm/mdp5: Return error code in mdp5_mixer_release when deadlock is detected There is a possibility for mdp5_get_global_state to return-EDEADLK when acquiring the modeset lock, but currently global_state inmdp5_mixer_release doe...

5.5AI score0.00068EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.68 views

CVE-2022-49529

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/pm: fix the null pointer while the smu is disabled It needs to check if the pp_funcs is initialized while release thecontext, otherwise it will trigger null pointer panic while the softwaresmu is not enabled. [ 1109.4045...

5.5CVSS5.1AI score0.00028EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.68 views

CVE-2022-49530

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix double free in si_parse_power_table() In function si_parse_power_table(), array adev->pm.dpm.ps and its memberis allocated. If the allocation of each member fails, the array itselfis freed and returned with an er...

7.8CVSS5.5AI score0.00024EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.68 views

CVE-2022-49555

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_qca: Use del_timer_sync() before freeing While looking at a crash report on a timer list being corrupted, whichusually happens when a timer is freed while still active. This iscommonly triggered by code calling del_t...

5.5AI score0.00044EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.68 views

CVE-2022-49613

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: Fix PM usage_count for console handover When console is enabled, univ8250_console_setup() callsserial8250_console_setup() before .dev is set to uart_port. Therefore,it will not call pm_runtime_get_sync(). Later, when ...

5.3AI score0.00041EPSS
Total number of security vulnerabilities10926