Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2025/04/16 3:16 p.m.67 views

CVE-2025-22091

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix page_size variable overflow Change all variables storing mlx5_umem_mkc_find_best_pgsz() result tounsigned long to support values larger than 31 and avoid overflow. For example: If we try to register 4GB of memory tha...

6.3AI score0.00034EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.67 views

CVE-2025-22123

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid accessing uninitialized curseg syzbot reports a f2fs bug as below: F2FS-fs (loop3): Stopped filesystem due to reason: 7kworker/u8:7: attempt to access beyond end of deviceBUG: unable to handle page fault for addr...

6.5AI score0.0004EPSS
CVE
CVE
added 2025/05/16 1:15 p.m.67 views

CVE-2025-37890

In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child qdisc As described in Gerrard's report [1], we have a UAF case when an hfsc classhas a netem child qdisc. The crux of the issue is that hfsc is assumingthat chec...

6.4AI score0.00053EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.66 views

CVE-2001-0317

Race condition in ptrace in Linux kernel 2.4 and 2.2 allows local users to gain privileges by using ptrace to track and modify a running setuid process.

3.7CVSS6.5AI score0.00175EPSS
CVE
CVE
added 2004/03/03 5:0 a.m.66 views

CVE-2004-0010

Stack-based buffer overflow in the ncp_lookup function for ncpfs in Linux kernel 2.4.x allows local users to gain privileges.

7.2CVSS6.4AI score0.0008EPSS
CVE
CVE
added 2005/08/23 4:0 a.m.66 views

CVE-2005-2459

The huft_build function in inflate.c in the zlib routines in the Linux kernel before 2.6.12.5 returns the wrong value, which allows remote attackers to cause a denial of service (kernel crash) via a certain compressed file that leads to a null pointer dereference, a different vulnerability than CVE...

5CVSS5.9AI score0.12945EPSS
CVE
CVE
added 2005/08/16 4:0 a.m.66 views

CVE-2005-2555

Linux kernel 2.6.x does not properly restrict socket policy access to users with the CAP_NET_ADMIN capability, which could allow local users to conduct unauthorized activities via (1) ipv4/ip_sockglue.c and (2) ipv6/ipv6_sockglue.c.

4.6CVSS5.3AI score0.00093EPSS
CVE
CVE
added 2005/10/21 1:2 a.m.66 views

CVE-2005-3272

Linux kernel before 2.6.12 allows remote attackers to poison the bridge forwarding table using frames that have already been dropped by filtering, which can cause the bridge to forward spoofed packets.

5CVSS5.7AI score0.01652EPSS
CVE
CVE
added 2005/10/21 1:2 a.m.66 views

CVE-2005-3276

The sys_get_thread_area function in process.c in Linux 2.6 before 2.6.12.4 and 2.6.13 does not clear a data structure before copying it to userspace, which might allow a user process to obtain sensitive information.

2.1CVSS5.6AI score0.0011EPSS
CVE
CVE
added 2006/01/23 10:0 p.m.66 views

CVE-2005-3356

The mq_open system call in Linux kernel 2.6.9, in certain situations, can decrement a counter twice ("double decrement") as a result of multiple calls to the mntput function when the dentry_open function call fails, which allows local users to cause a denial of service (panic) via unspecified attac...

2.1CVSS4.5AI score0.00068EPSS
CVE
CVE
added 2006/03/27 12:2 a.m.66 views

CVE-2006-1066

Linux kernel 2.6.16-rc2 and earlier, when running on x86_64 systems with preemption enabled, allows local users to cause a denial of service (oops) via multiple ptrace tasks that perform single steps, which can cause corruption of the DEBUG_STACK stack during the do_debug function call.

1.2CVSS5.2AI score0.0006EPSS
CVE
CVE
added 2006/04/19 6:18 p.m.66 views

CVE-2006-1525

ip_route_input in Linux kernel 2.6 before 2.6.16.8 allows local users to cause a denial of service (panic) via a request for a route for a multicast IP address, which triggers a null dereference.

4.9CVSS5.7AI score0.00092EPSS
CVE
CVE
added 2007/05/18 10:30 p.m.66 views

CVE-2007-2764

The embedded Linux kernel in certain Sun-Brocade SilkWorm switches before 20070516 does not properly handle a situation in which a non-root user creates a kernel process, which allows attackers to cause a denial of service (oops and device reboot) via unspecified vectors.

7.8CVSS6.4AI score0.00956EPSS
CVE
CVE
added 2008/09/11 1:13 a.m.66 views

CVE-2008-3915

Buffer overflow in nfsd in the Linux kernel before 2.6.26.4, when NFSv4 is enabled, allows remote attackers to have an unknown impact via vectors related to decoding an NFSv4 acl.

9.3CVSS5.3AI score0.05797EPSS
CVE
CVE
added 2008/12/22 3:30 p.m.66 views

CVE-2008-5701

Array index error in arch/mips/kernel/scall64-o32.S in the Linux kernel before 2.6.28-rc8 on 64-bit MIPS platforms allows local users to cause a denial of service (system crash) via an o32 syscall with a small syscall number, which leads to an attempted read operation outside the bounds of the sysc...

4.7CVSS5.7AI score0.0006EPSS
CVE
CVE
added 2008/12/22 3:30 p.m.66 views

CVE-2008-5702

Buffer underflow in the ibwdt_ioctl function in drivers/watchdog/ib700wdt.c in the Linux kernel before 2.6.28-rc1 might allow local users to have an unknown impact via a certain /dev/watchdog WDIOC_SETTIMEOUT IOCTL call.

7.2CVSS4.5AI score0.00061EPSS
CVE
CVE
added 2009/06/08 1:0 a.m.66 views

CVE-2009-1961

The inode double locking code in fs/ocfs2/file.c in the Linux kernel 2.6.30 before 2.6.30-rc3, 2.6.27 before 2.6.27.24, 2.6.29 before 2.6.29.4, and possibly other versions down to 2.6.19 allows local users to cause a denial of service (prevention of file creation and removal) via a series of splice...

4.7CVSS4.4AI score0.00133EPSS
CVE
CVE
added 2009/10/29 2:30 p.m.66 views

CVE-2009-3638

Integer overflow in the kvm_dev_ioctl_get_supported_cpuid function in arch/x86/kvm/x86.c in the KVM subsystem in the Linux kernel before 2.6.31.4 allows local users to have an unspecified impact via a KVM_GET_SUPPORTED_CPUID request to the kvm_arch_dev_ioctl function.

7.2CVSS6.9AI score0.00061EPSS
CVE
CVE
added 2009/12/02 4:30 p.m.66 views

CVE-2009-4026

The mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (panic) via a crafted Delete Block ACK (aka DELBA) packet, related to an erroneous "code shuffling patch."

7.8CVSS6.5AI score0.01292EPSS
CVE
CVE
added 2010/06/03 2:30 p.m.66 views

CVE-2010-1643

mm/shmem.c in the Linux kernel before 2.6.28-rc3, when strict overcommit is enabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspecified other impact via unknown ...

6.9CVSS7.2AI score0.00093EPSS
CVE
CVE
added 2012/06/21 11:55 p.m.66 views

CVE-2010-4648

The orinoco_ioctl_set_auth function in drivers/net/wireless/orinoco/wext.c in the Linux kernel before 2.6.37 does not properly implement a TKIP protection mechanism, which makes it easier for remote attackers to obtain access to a Wi-Fi network by reading Wi-Fi frames.

3.3CVSS5.7AI score0.00228EPSS
CVE
CVE
added 2012/06/21 11:55 p.m.66 views

CVE-2011-1023

The Reliable Datagram Sockets (RDS) subsystem in the Linux kernel before 2.6.38 does not properly handle congestion map updates, which allows local users to cause a denial of service (BUG_ON and system crash) via vectors involving (1) a loopback (aka loop) transmit operation or (2) an InfiniBand (a...

4.9CVSS6.8AI score0.00151EPSS
CVE
CVE
added 2012/06/21 11:55 p.m.66 views

CVE-2011-1477

Multiple array index errors in sound/oss/opl3.c in the Linux kernel before 2.6.39 allow local users to cause a denial of service (heap memory corruption) or possibly gain privileges by leveraging write access to /dev/sequencer.

7.2CVSS8.1AI score0.00075EPSS
CVE
CVE
added 2012/05/17 11:0 a.m.66 views

CVE-2011-4097

Integer overflow in the oom_badness function in mm/oom_kill.c in the Linux kernel before 3.1.8 on 64-bit platforms allows local users to cause a denial of service (memory consumption or process termination) by using a certain large amount of memory.

5.5CVSS6.1AI score0.00077EPSS
CVE
CVE
added 2012/06/21 11:55 p.m.66 views

CVE-2011-4914

The ROSE protocol implementation in the Linux kernel before 2.6.39 does not verify that certain data-length values are consistent with the amount of data sent, which might allow remote attackers to obtain sensitive information from kernel memory or cause a denial of service (out-of-bounds read) via...

6.4CVSS5.8AI score0.01278EPSS
CVE
CVE
added 2012/12/21 11:47 a.m.66 views

CVE-2012-5517

The online_pages function in mm/memory_hotplug.c in the Linux kernel before 3.6 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact in opportunistic circumstances by using memory that was hot-added by an administrator...

4CVSS7.4AI score0.00043EPSS
CVE
CVE
added 2013/04/22 11:41 a.m.66 views

CVE-2013-3223

The ax25_recvmsg function in net/ax25/af_ax25.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

4.9CVSS5.7AI score0.00076EPSS
CVE
CVE
added 2013/12/09 6:55 p.m.66 views

CVE-2013-7026

Multiple race conditions in ipc/shm.c in the Linux kernel before 3.12.2 allow local users to cause a denial of service (use-after-free and system crash) or possibly have unspecified other impact via a crafted application that uses shmctl IPC_RMID operations in conjunction with other shm system call...

4.7CVSS7.7AI score0.00009EPSS
CVE
CVE
added 2016/08/06 10:59 a.m.66 views

CVE-2014-9892

The snd_compr_tstamp function in sound/core/compress_offload.c in the Linux kernel through 4.7, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly initialize a timestamp data structure, which allows attackers to obtain sensitive information via a crafted applica...

5.5CVSS5.3AI score0.00162EPSS
CVE
CVE
added 2016/08/30 5:59 p.m.66 views

CVE-2016-5342

Heap-based buffer overflow in the wcnss_wlan_write function in drivers/net/wireless/wcnss/wcnss_wlan.c in the wcnss_wlan device driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial ...

7.8CVSS7.9AI score0.00614EPSS
CVE
CVE
added 2017/01/05 11:59 a.m.66 views

CVE-2016-9754

The ring_buffer_resize function in kernel/trace/ring_buffer.c in the profiling subsystem in the Linux kernel before 4.6.1 mishandles certain integer calculations, which allows local users to gain privileges by writing to the /sys/kernel/debug/tracing/buffer_size_kb file.

7.8CVSS7.3AI score0.00101EPSS
CVE
CVE
added 2017/02/08 3:59 p.m.66 views

CVE-2017-0428

An elevation of privilege vulnerability in the NVIDIA GPU driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the ope...

9.3CVSS7.2AI score0.00135EPSS
CVE
CVE
added 2017/02/06 6:59 a.m.66 views

CVE-2017-5550

Off-by-one error in the pipe_advance function in lib/iov_iter.c in the Linux kernel before 4.9.5 allows local users to obtain sensitive information from uninitialized heap-memory locations in opportunistic circumstances by reading from a pipe after an incorrect buffer-release decision.

5.5CVSS5.5AI score0.0008EPSS
CVE
CVE
added 2018/05/18 4:29 a.m.66 views

CVE-2018-11232

The etm_setup_aux function in drivers/hwtracing/coresight/coresight-etm-perf.c in the Linux kernel before 4.10.2 allows attackers to cause a denial of service (panic) because a parameter is incorrectly used as a local variable.

5.5CVSS5.1AI score0.0011EPSS
CVE
CVE
added 2019/04/30 6:29 p.m.66 views

CVE-2018-20510

The print_binder_transaction_ilocked function in drivers/android/binder.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "*from *code *flags" lines in a debugfs file.

5.5CVSS5.6AI score0.00056EPSS
CVE
CVE
added 2019/11/07 4:15 p.m.66 views

CVE-2019-18807

Two memory leaks in the sja1105_static_config_upload() function in drivers/net/dsa/sja1105/sja1105_spi.c in the Linux kernel before 5.3.5 allow attackers to cause a denial of service (memory consumption) by triggering static_config_buf_prepare_for_upload() or sja1105_inhibit_tx() failures, aka CID-...

7.5CVSS7.1AI score0.01186EPSS
CVE
CVE
added 2022/09/01 6:15 p.m.66 views

CVE-2020-27784

A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printer_ioctl() printer_ioctl() tries to access of a printer_dev instance. However, use-after-free arises because it had been freed by gprinter_free().

5.5CVSS5.9AI score0.00017EPSS
CVE
CVE
added 2025/04/17 6:15 p.m.66 views

CVE-2020-36789

In the Linux kernel, the following vulnerability has been resolved: can: dev: can_get_echo_skb(): prevent call to kfree_skb() in hard IRQ context If a driver calls can_get_echo_skb() during a hardware IRQ (which is often, butnot always, the case), the 'WARN_ON(in_irq)' innet/core/skbuff.c#skb_relea...

5.5CVSS6.4AI score0.00023EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.66 views

CVE-2021-47189

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory ordering between normal and ordered work functions Ordered work functions aren't guaranteed to be handled by the same threadwhich executed the normal work functions. The only way execution betweennormal/ordered fu...

6.3CVSS6.3AI score0.00183EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.66 views

CVE-2021-47231

In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: fix memory leak in mcba_usb Syzbot reported memory leak in SocketCAN driver for Microchip CAN BUSAnalyzer Tool. The problem was in unfreed usb_coherent. In mcba_usb_start() 20 coherent buffers are allocated and there...

5.5CVSS7AI score0.00009EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.66 views

CVE-2021-47262

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Ensure liveliness of nested VM-Enter fail tracepoint message Use the __string() machinery provided by the tracing subystem to make acopy of the string literals consumed by the "nested VM-Enter failed"tracepoint. A complet...

7.1CVSS6.8AI score0.00022EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.66 views

CVE-2021-47277

In the Linux kernel, the following vulnerability has been resolved: kvm: avoid speculation-based attacks from out-of-range memslot accesses KVM's mechanism for accessing guest memory translates a guest physicaladdress (gpa) to a host virtual address using the right-shifted gpa(also known as gfn) an...

7.1CVSS6.3AI score0.0001EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.66 views

CVE-2021-47319

In the Linux kernel, the following vulnerability has been resolved: virtio-blk: Fix memory leak among suspend/resume procedure The vblk->vqs should be freed before we call init_vqs()in virtblk_restore().

5.5CVSS6.7AI score0.00009EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.66 views

CVE-2021-47327

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fix arm_smmu_device refcount leak when arm_smmu_rpm_get fails arm_smmu_rpm_get() invokes pm_runtime_get_sync(), which increases therefcount of the "smmu" even though the return value is less than 0. The reference co...

7.1CVSS6.6AI score0.00047EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.66 views

CVE-2021-47329

In the Linux kernel, the following vulnerability has been resolved: scsi: megaraid_sas: Fix resource leak in case of probe failure The driver doesn't clean up all the allocated resources properly whenscsi_add_host(), megasas_start_aen() function fails during the PCI deviceprobe. Clean up all those ...

6.2CVSS7.4AI score0.00011EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.66 views

CVE-2021-47365

In the Linux kernel, the following vulnerability has been resolved: afs: Fix page leak There's a loop in afs_extend_writeback() that adds extra pages to a writewe want to make to improve the efficiency of the writeback by making itlarger. This loop stops, however, if we hit a page we can't write ba...

5.5CVSS6.8AI score0.00008EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.66 views

CVE-2021-47390

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Fix stack-out-of-bounds memory access from ioapic_write_indirect() KASAN reports the following issue: BUG: KASAN: stack-out-of-bounds in kvm_make_vcpus_request_mask+0x174/0x440 [kvm]Read of size 8 at addr ffffc9001364f638...

7.1CVSS6.7AI score0.00016EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.66 views

CVE-2021-47392

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix listener leak in rdma_cma_listen_on_all() failure If cma_listen_on_all() fails it leaves the per-device ID still on thelisten_list but the state is not set to RDMA_CM_ADDR_BOUND. When the cmid is eventually destroyed ...

6.6AI score0.00018EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.66 views

CVE-2021-47394

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unlink table before deleting it syzbot reports following UAF:BUG: KASAN: use-after-free in memcmp+0x18f/0x1c0 lib/string.c:955nla_strcmp+0xf2/0x130 lib/nlattr.c:836nft_table_lookup.part.0+0x1a2/0x460 net/netfi...

7.8CVSS6.7AI score0.00015EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.66 views

CVE-2021-47414

In the Linux kernel, the following vulnerability has been resolved: riscv: Flush current cpu icache before other cpus On SiFive Unmatched, I recently fell onto the following BUG when booting: [ 0.000000] ftrace: allocating 36610 entries in 144 pages[ 0.000000] Oops - illegal instruction [#1][ 0.000...

6.6AI score0.00042EPSS
Total number of security vulnerabilities10926