Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2005/09/06 5:3 p.m.61 views

CVE-2005-2800

Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterat...

2.1CVSS4.9AI score0.00159EPSS
CVE
CVE
added 2005/11/25 9:3 p.m.61 views

CVE-2005-3806

The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of non-allocated memory.

6.6CVSS4.8AI score0.00165EPSS
CVE
CVE
added 2006/03/07 2:2 a.m.61 views

CVE-2006-0741

Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address."

1.2CVSS5.6AI score0.00091EPSS
CVE
CVE
added 2006/07/10 7:5 p.m.61 views

CVE-2006-2936

The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued.

7.8CVSS7AI score0.10179EPSS
CVE
CVE
added 2006/08/21 9:4 p.m.61 views

CVE-2006-4093

Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time."

4.9CVSS7AI score0.00062EPSS
CVE
CVE
added 2006/11/22 1:7 a.m.61 views

CVE-2006-6054

The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext2 stream with malformed data structures that triggers an error in the ext2_check_page due to a length that is smaller than the minimum.

4CVSS7AI score0.00061EPSS
CVE
CVE
added 2007/05/14 5:19 p.m.61 views

CVE-2006-7203

The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode ("mount -t smbfs").

4CVSS6.9AI score0.00061EPSS
CVE
CVE
added 2008/09/04 5:41 p.m.61 views

CVE-2007-6716

fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.

5.5CVSS5.1AI score0.00042EPSS
CVE
CVE
added 2017/04/24 6:59 a.m.61 views

CVE-2007-6761

drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobuf_mapping data structures, which allows local users to trigger an incorrect count value and videobuf leak via unspecified vectors, a different vulnerability than CVE-2010-5321.

7.8CVSS4.7AI score0.00135EPSS
CVE
CVE
added 2008/02/12 9:0 p.m.61 views

CVE-2008-0009

The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations.

2.1CVSS5.9AI score0.01003EPSS
CVE
CVE
added 2009/08/14 3:16 p.m.61 views

CVE-2009-2767

The init_posix_timers function in kernel/posix-timers.c in the Linux kernel before 2.6.31-rc6 allows local users to cause a denial of service (OOPS) or possibly gain privileges via a CLOCK_MONOTONIC_RAW clock_nanosleep call that triggers a NULL pointer dereference.

7.2CVSS7.3AI score0.00132EPSS
CVE
CVE
added 2010/01/27 5:30 p.m.61 views

CVE-2009-4272

A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing "emergency" in which a hash ch...

7.8CVSS6.9AI score0.0181EPSS
CVE
CVE
added 2010/01/26 6:30 p.m.61 views

CVE-2010-0006

The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service (NULL pointer dereference) via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567.

7.1CVSS6.5AI score0.05055EPSS
CVE
CVE
added 2010/03/31 6:0 p.m.61 views

CVE-2010-1187

The Transparent Inter-Process Communication (TIPC) functionality in Linux kernel 2.6.16-rc1 through 2.6.33, and possibly other versions, allows local users to cause a denial of service (kernel OOPS) by sending datagrams through AF_TIPC before entering network mode, which triggers a NULL pointer der...

4.9CVSS6.3AI score0.00066EPSS
CVE
CVE
added 2010/12/29 6:0 p.m.61 views

CVE-2010-4343

drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of service (system crash) via read operations on an fc_host statistics file.

5.5CVSS4.9AI score0.00073EPSS
CVE
CVE
added 2012/06/21 11:55 p.m.61 views

CVE-2011-0716

The br_multicast_add_group function in net/bridge/br_multicast.c in the Linux kernel before 2.6.38, when a certain Ethernet bridge configuration is used, allows local users to cause a denial of service (memory corruption and system crash) by sending IGMP packets to a local interface.

4.7CVSS7AI score0.00068EPSS
CVE
CVE
added 2012/06/21 11:55 p.m.61 views

CVE-2011-1021

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347.

3.6CVSS7AI score0.2603EPSS
CVE
CVE
added 2012/06/21 11:55 p.m.61 views

CVE-2011-4324

The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem.

4.9CVSS5.5AI score0.00158EPSS
CVE
CVE
added 2013/01/22 11:55 p.m.61 views

CVE-2012-3364

Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields.

5CVSS7.7AI score0.01565EPSS
CVE
CVE
added 2013/04/22 11:41 a.m.61 views

CVE-2013-3227

The caif_seqpkt_recvmsg function in net/caif/caif_socket.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

4.9CVSS5.2AI score0.00073EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.61 views

CVE-2015-4177

The collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 syst...

5.5CVSS5.2AI score0.00042EPSS
CVE
CVE
added 2017/06/28 6:29 a.m.61 views

CVE-2017-9986

The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "dou...

7.8CVSS7.6AI score0.00096EPSS
CVE
CVE
added 2018/04/12 6:29 p.m.61 views

CVE-2018-10074

The hi3660_stub_clk_probe function in drivers/clk/hisilicon/clk-hi3660-stub.c in the Linux kernel before 4.16 allows local users to cause a denial of service (NULL pointer dereference) by triggering a failure of resource retrieval.

5.5CVSS5.1AI score0.00038EPSS
CVE
CVE
added 2018/06/24 11:29 p.m.61 views

CVE-2018-12714

An issue was discovered in the Linux kernel through 4.17.2. The filter parsing in kernel/trace/trace_events_filter.c could be called with no filter, which is an N=0 case when it expected at least one line to have been read, thus making the N-1 index invalid. This allows attackers to cause a denial ...

10CVSS9.5AI score0.01204EPSS
CVE
CVE
added 2024/03/04 6:15 p.m.61 views

CVE-2021-47089

In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced object 0xffff93d1d8cc02e8 (size 248): comm "cat", pid 23327, jiffies 4624670141 (age 495992.217s) hex dump (first 32 bytes): 00 40...

3.3CVSS6.3AI score0.0001EPSS
CVE
CVE
added 2024/03/25 9:15 a.m.61 views

CVE-2021-47145

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not BUG_ON in link_to_fixup_dir While doing error injection testing I got the following panic kernel BUG at fs/btrfs/tree-log.c:1862!invalid opcode: 0000 [#1] SMP NOPTICPU: 1 PID: 7836 Comm: mount Not tainted 5.13.0-rc1+ ...

5.5CVSS6.8AI score0.00008EPSS
CVE
CVE
added 2024/03/25 9:15 a.m.61 views

CVE-2021-47150

In the Linux kernel, the following vulnerability has been resolved: net: fec: fix the potential memory leak in fec_enet_init() If the memory allocated for cbd_base is failed, it shouldfree the memory allocated for the queues, otherwise it causesmemory leak. And if the memory allocated for the queue...

5.5CVSS6.4AI score0.00009EPSS
CVE
CVE
added 2024/03/25 10:15 a.m.61 views

CVE-2021-47180

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nci_allocate_device nfcmrvl_disconnect fails to free the hci_dev field in struct nci_dev.Fix this by freeing hci_dev in nci_free_device. BUG: memory leakunreferenced object 0xffff888111ea6800 (size 1024...

5.5CVSS6.4AI score0.00008EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.61 views

CVE-2021-47192

In the Linux kernel, the following vulnerability has been resolved: scsi: core: sysfs: Fix hang when device state is set via sysfs This fixes a regression added with: commit f0f82e2476f6 ("scsi: core: Fix capacity set to zero afterofflinining device") The problem is that after iSCSI recovery, iscsi...

5.3CVSS6.5AI score0.00023EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.61 views

CVE-2021-47198

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine An error is detected with the following report when unloading the driver:"KASAN: use-after-free in lpfc_unreg_rpi+0x1b1b" The NLP_REG_LOGIN_SEND nlp_flag is set in lpfc_reg...

7.8CVSS6.4AI score0.00014EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.61 views

CVE-2021-47206

In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-tmio: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL,we need check the return value.

5.5CVSS6.5AI score0.00008EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.61 views

CVE-2021-47215

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix crash in RX resync flow For the TLS RX resync flow, we maintain a list of TLS contextsthat require some attention, to communicate their resync informationto the HW.Here we fix list corruptions, by protecting th...

5.5CVSS6.4AI score0.0001EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47233

In the Linux kernel, the following vulnerability has been resolved: regulator: rt4801: Fix NULL pointer dereference if priv->enable_gpios is NULL devm_gpiod_get_array_optional may return NULL if no GPIO was assigned.

5.5CVSS6.7AI score0.00053EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47261

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function init_cq_frag_buf() can be called to initialize the current CQfragments buffer cq->buf, or the temporary cq->resize_buf that is filledduring CQ resize operation. Howev...

7.8CVSS6.7AI score0.00017EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47302

In the Linux kernel, the following vulnerability has been resolved: igc: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning theTX ring. Failure to do so can cause invalid memory accesses. If igc_poll() runswhile the controller is being reset this...

7.8CVSS6.7AI score0.00005EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47305

In the Linux kernel, the following vulnerability has been resolved: dma-buf/sync_file: Don't leak fences on merge failure Each add_fence() call does a dma_fence_get() on the relevant fence. Inthe error path, we weren't calling dma_fence_put() so all those fencesgot leaked. Also, in the krealloc_arr...

5.5CVSS6.7AI score0.00005EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47335

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances As syzbot reported, there is an use-after-free issue during f2fs recovery: Use-after-free write at 0xffff88823bc16040 (in kfence-#10):kmem_cache_destroy+0x...

5.5CVSS6.7AI score0.00031EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47361

In the Linux kernel, the following vulnerability has been resolved: mcb: fix error handling in mcb_alloc_bus() There are two bugs: If ida_simple_get() fails then this code calls put_device(carrier)but we haven't yet called get_device(carrier) and probably thatleads to a use after free. After device...

7.8CVSS6.8AI score0.00013EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47364

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix memory leak in compat_insnlist() compat_insnlist() handles the 32-bit version of the COMEDI_INSNLISTioctl (whenwhen CONFIG_COMPAT is enabled). It allocates memory totemporarily hold an array of struct comedi_insn conver...

5.5CVSS6.5AI score0.00009EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47396

In the Linux kernel, the following vulnerability has been resolved: mac80211-hwsim: fix late beacon hrtimer handling Thomas explained in https://lore.kernel.org/r/87mtoeb4hb.ffs@tglxthat our handling of the hrtimer here is wrong: If the timer fireslate (e.g. due to vCPU scheduling, as reported by D...

6.7AI score0.00018EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47398

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix kernel pointer leak Pointers should be printed with %p or %px rather than cast to 'unsignedlong long' and printed with %llx. Change %llx to %p to print the securedpointer.

6.6AI score0.00017EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47417

In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix memory leak in strset Free struct strset itself, not just its internal parts.

5.5CVSS6.7AI score0.00015EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47422

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: fix file release memory leak When using single_open() for opening, single_release() should becalled, otherwise the 'op' allocated in single_open() will be leaked.

5.5CVSS6.8AI score0.00016EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47431

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gart.bo pin_count leak gmc_v{9,10}_0_gart_disable() isn't called matched withcorrespoding gart_enbale function in SRIOV case. This willlead to gart.bo pin_count leak on driver unload.

6.6AI score0.00033EPSS
CVE
CVE
added 2024/05/22 9:15 a.m.61 views

CVE-2021-47477

In the Linux kernel, the following vulnerability has been resolved: comedi: dt9812: fix DMA buffers on stack USB transfer buffers are typically mapped for DMA and must not beallocated on the stack or transfers will fail. Allocate proper transfer buffers in the various command helpers andreturn an e...

5.3CVSS7AI score0.00213EPSS
CVE
CVE
added 2024/05/22 9:15 a.m.61 views

CVE-2021-47481

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR Normally the zero fill would hide the missing initialization, but anerrant set to desc_size in reg_create() causes a crash: BUG: unable to handle page fault for address: ...

6.5AI score0.00046EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.61 views

CVE-2021-47504

In the Linux kernel, the following vulnerability has been resolved: io_uring: ensure task_work gets run as part of cancelations If we successfully cancel a work item but that work item needs to beprocessed through task_work, then we can be sleeping uninterruptiblyin io_uring_cancel_generic() and ne...

6.6AI score0.00026EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.61 views

CVE-2021-47540

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix NULL pointer dereference in mt7915_get_phy_mode Fix the following NULL pointer dereference in mt7915_get_phy_moderoutine adding an ibss interface to the mt7915 driver. [ 101.137097] wlan0: Trigger new scan to find...

5.5CVSS6.8AI score0.00018EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.61 views

CVE-2021-47587

In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit queues, andthe locking mechanism used today only protects concurrency across a giventransmit queue bet...

5.5CVSS7.2AI score0.00006EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.61 views

CVE-2021-47616

In the Linux kernel, the following vulnerability has been resolved: RDMA: Fix use-after-free in rxe_queue_cleanup On error handling path in rxe_qp_from_init() qp->sq.queue is freed andthen rxe_create_qp() will drop last reference to this object. qp clean upfunction will try to free this queue on...

7.8CVSS8.4AI score0.00027EPSS
Total number of security vulnerabilities10741