Linux: Linux Kernel

14001 matches found

added 2025/07/09 10:42 a.m. | 92 views

CVE-2025-38248

CVE-2025-38248: In the Linux kernel, a use-after-free flaw occurs in bridge multicast routing port handling. When per-VLAN multicast snooping is active, per-port multicast context is disabled and ports are removed from the global router port list, but can be re-added, leaving stale entries. This...

CVSS: 7.8 | AI score: 6.5 | EPSS: 0.00248

added 2025/07/28 11:21 a.m. | 92 views

CVE-2025-38472

In CVE-2025-38472, the issue is in the Linux kernel nf_conntrack path (netfilter) where a race during removal of a conntrack entry can result in a crash when unlinking from the hash bucket list. The crash is linked to a partially initialised nf_conn struct and mis-handling of the conntrack entry’...

CVSS: 5.5 | AI score: 6.3 | EPSS: 0.00148

added 2000/02/04 5:0 a.m. | 91 views

CVE-1999-0317

CVE-1999-0317 concerns a buffer overflow in the Linux su command that enables local users to gain root privileges. The core vulnerability is described as a buffer overflow affecting su, leading to full compromise of the local system. The provided connected documents reiterate the issue in differe...

CVSS: 7.2 | AI score: 7.2 | EPSS: 0.00414

added 2006/05/03 10:0 p.m. | 91 views

CVE-2006-1527

CVE-2006-1527 affects the SCTP-netfilter code in the Linux kernel; an invalid SCTP chunk size can cause for_each_sctp_chunk to loop indefinitely, enabling a remote attacker to trigger a denial of service. The issue is in kernels prior to 2.6.16.13 and is addressed by the upstream 2.6.16.13 patch....

CVSS: 5 | AI score: 7.1 | EPSS: 0.03815

added 2006/10/09 11:0 p.m. | 91 views

CVE-2006-4997

CVE-2006-4997 involves the Linux kernel ATM subsystem (clip_mkip in net/atm/clip.c). The issue allows a remote attacker to trigger a denial of service (panic) by causing the ATM subsystem to dereference memory of socket buffers after they have been freed. This is triggered by memory access patter...

CVSS: 7.5 | AI score: 7 | EPSS: 0.04601

added 2007/01/09 1:0 a.m. | 91 views

CVE-2006-5755

CVE-2006-5755 affects the Linux kernel on x86_64 where, during a context switch, EFLAGS were not properly saved/restored. This can allow a local user to trigger a denial-of-service crash by causing SYSENTER to set an NT flag, which may crash on the IRET of the next task. The vulnerability is docu...

CVSS: 4.9 | AI score: 5.3 | EPSS: 0.00396

added 2007/03/16 10:0 p.m. | 91 views

CVE-2007-1496

CVE-2007-1496 affects nfnetlink_log in the Linux kernel prior to 2.6.20.3. The issue is triggered via netfilter’s nfnetlink path (nfulnl_recv_config) when handling netlink messages, including cases with multiple packets per netlink message and bridged packets, leading to a NULL pointer dereferenc...

CVSS: 4.9 | AI score: 6 | EPSS: 0.00426

added 2007/08/09 9:0 p.m. | 91 views

CVE-2007-3843

The CVE-2007-3843 issue affects the Linux kernel (pre-2.6.23-rc1) CIFS handling: the mount option sec= is checked against the wrong global variable, which could allow remote attackers to spoof CIFS network traffic intended to be signed with security signatures (e.g., lack of signing despite sec=n...

CVSS: 4.3 | AI score: 6 | EPSS: 0.02624

added 2007/08/14 5:0 p.m. | 91 views

CVE-2007-3848

CVE-2007-3848 affects the Linux kernel (notably 2.4.35 and other versions) by allowing a local user to send arbitrary signals to a higher-privilege child process via a setuid-root parent dying and delivering an attacker-controlled death signal (PR_SET_PDEATHSIG). The issue is listed in advisories...

CVSS: 1.9 | AI score: 5.3 | EPSS: 0.00363

added 2007/09/26 9:0 p.m. | 91 views

CVE-2007-5093

The CVE-2007-5093 issue affects the Linux kernel pwc (Philips USB Webcam) driver in 2.6.x up to 2.6.22.5, where disconnect relies on user space to close the device. This can allow a user-assisted local attacker to cause a denial of service (USB subsystem hang and khubd CPU usage) by not closing t...

CVSS: 4 | AI score: 5 | EPSS: 0.00347

added 2007/12/15 1:0 a.m. | 91 views

CVE-2007-6151

CVE-2007-6151 affects the Linux kernel ISDN subsystem (ISDN ioctl path). The description in the Initial document states a local user can trigger a denial-of-service via a crafted ioctl struct where iocts is not null-terminated, causing a buffer overflow in isdn_common.c. Connected documents (RHSA...

CVSS: 7.2 | AI score: 5.1 | EPSS: 0.00556

added 2019/07/27 9:39 p.m. | 91 views

CVE-2007-6762

The vulnerability is in the Linux kernel before 2.6.20, caused by an off-by-one error in net/netlabel/netlabel_cipso_v4.c that can overflow the doi_def->tags[] array. The affected component is the kernel’s NetLabel CIPSO v4 handling. The provided connected sources confirm the off-by-one overflow c...

CVSS: 9.8 | AI score: 9.2 | EPSS: 0.02976

added 2009/01/15 5:0 p.m. | 91 views

CVE-2009-0029

This CVE affects the Linux kernel 2.6.28 and earlier on s390, powerpc, sparc64, and mips 64-bit platforms. The root cause is that a 32-bit user-space argument in a 64‑bit register was not verifiably sign-extended when passed to a system call, allowing local users to crash the kernel or potentiall...

CVSS: 7.2 | AI score: 4.7 | EPSS: 0.00418

added 2010/04/06 10:0 p.m. | 91 views

CVE-2010-1085

CVE-2010-1085 affects the Linux kernel before 2.6.32.x/2.6.33-rc4 on the AMD780V chipset. The vulnerability is in the azx_position_ok function in hda_intel.c, where certain inputs can trigger a divide-by-zero and cause a crash (DoS). Public advisories from MiracleLinux and Oracle Linux list this ...

CVSS: 7.1 | AI score: 6.9 | EPSS: 0.02917

added 2011/05/26 4:0 p.m. | 91 views

CVE-2010-4805

CVE-2010-4805 affects the Linux kernel socket backlog handling in net/core/sock.c prior to 2.6.35, allowing remote DoS via large traffic (backlog management related to sk_add_backlog and sk_rmem_alloc). The entry notes this vulnerability exists due to an incomplete fix for CVE-2010-4251. The conn...

CVSS: 7.8 | AI score: 7 | EPSS: 0.03586

added 2012/06/13 10:0 a.m. | 91 views

CVE-2012-2383

CVE-2012-2383 affects the Linux kernel DRM/i915 component: an integer overflow in i915_gem_execbuffer2() within drivers/gpu/drm/i915/i915_gem_execbuffer.c. On 32-bit platforms and prior to kernel 3.3.5, this allows a local user to trigger an out-of-bounds write via a crafted ioctl, leading to a p...

CVSS: 4.9 | AI score: 6.7 | EPSS: 0.00458

added 2013/09/13 6:0 p.m. | 91 views

CVE-2013-2895

CVE-2013-2895 affects the Linux kernel HID Logitech DJ driver (drivers/hid/hid-logitech-dj.c) up to version 3.11 when CONFIG_HID_LOGITECH_DJ is enabled. The vulnerability allows physically proximate attackers to cause a denial of service via a NULL pointer dereference and OOPS, or to read sensiti...

CVSS: 5.4 | AI score: 6.1 | EPSS: 0.00383

added 2016/08/07 9:0 p.m. | 91 views

CVE-2014-9410

The CVE-2014-9410 entry affects the MSM-VFE31 driver for the Linux kernel 3.x (as used in Qualcomm Innovation Center Android contributions). The vulnerability is in vfe31_proc_general, which does not validate a specific id value, enabling a local attacker to gain privileges or cause memory corrup...

CVSS: 9.8 | AI score: 8.8 | EPSS: 0.01298

added 2017/09/25 9:0 p.m. | 91 views

CVE-2015-5327

CVE-2015-5327 affects the Linux kernel (4.3-rc1 and later); the flaw is an out-of-bounds memory read in x509_decode_time within x509_cert_parser.c. Impact is partially confidentiality (per CVSS2) and high confidentiality (per CVSS3); the issue is fixed by kernel patches (as noted in referenced ad...

CVSS: 6.5 | AI score: 6.6 | EPSS: 0.01631

added 2016/04/27 5:0 p.m. | 91 views

CVE-2016-3135

CVE-2016-3135 is an integer overflow in xt_alloc_table_info (net/netfilter/x_tables.c) of the Linux kernel up to 4.5.2 on 32-bit platforms, enabling local privilege escalation or heap corruption leading to DoS via IPT_SO_SET_REPLACE. Connected documents corroborate the 32-bit overflow in xt_alloc...

CVSS: 7.8 | AI score: 7.3 | EPSS: 0.01009

added 2018/04/02 3:0 a.m. | 91 views

CVE-2018-1095

CVE-2018-1095 concerns the Linux kernel up to 4.15.15, where ext4_xattr_check_entries in fs/ext4/xattr.c fails to validate xattr sizes, causing misinterpretation of a size as an error code. This can enable a crafted ext4 image to trigger a get_acl NULL pointer dereference and crash the system, i....

CVSS: 7.1 | AI score: 5.1 | EPSS: 0.01456

added 2024/03/15 8:14 p.m. | 91 views

CVE-2021-47134

CVE-2021-47134 affects the Linux kernel boot path: if no valid FDT is found, setup_arch() calls efi_init()->efi_get_fdt_params() and initial_boot_params becomes NULL, causing a panic. The patch fixes this by stopping further FDT processing when no valid FDT is found (observed on riscv). Remedi...

CVSS: 5.5 | AI score: 6.5 | EPSS: 0.00232

added 2024/05/21 2:20 p.m. | 91 views

CVE-2021-47275

CVE-2021-47275 concerns the Linux kernel w.r.t. the bcache cache-miss path. In cached_dev_cache_miss(), the calculation of the read size for missing cache data can overflow the 16-bit size field embedded in the bkey (via the sectors value), causing oversized inserts into the internal B+ tree. Thi...

CVSS: 5.5 | AI score: 6.5 | EPSS: 0.00196

added 2024/05/21 2:35 p.m. | 91 views

CVE-2021-47335

CVE-2021-47335 (Linux kernel, f2fs): A race on the global fsync_entry_slab across multiple filesystem instances caused a use-after-free in the slab cache during f2fs recovery. The root cause is concurrent access to the slab pointer when multiple f2fs mounts exist, leading to a use-after-free during...

CVSS: 5.5 | AI score: 6.7 | EPSS: 0.00232

added 2024/05/21 2:35 p.m. | 91 views

CVE-2021-47339

In CVE-2021-47339, the Linux kernel fix targets media: v4l2-core, addressing uninitialized kernel stack data that could be used as input for driver ioctl handlers due to mistakes in compat ioctl implementation. The resolution requires explicitly clearing the entire ioctl input buffer before conve...

CVSS: 5.5 | AI score: 6.5 | EPSS: 0.00236

added 2024/05/21 2:35 p.m. | 91 views

CVE-2021-47357

CVE-2021-47357: In the Linux kernel, the atm: iphase removal path calls del_timer(), which can leave a timer handler running after the driver remove completes, causing a possible use-after-free. The fix uses del_timer_sync() to wait for the timer handler to finish and prevent rescheduling. Conne...

CVSS: 7.8 | AI score: 6.6 | EPSS: 0.00247

added 2024/05/21 3:3 p.m. | 91 views

CVE-2021-47368

CVE-2021-47368 concerns a Linux kernel vulnerability in enetc where irq_set_affinity_hint() stores a cpumask_t reference in an irq descriptor, referencing memory on the stack. This leads to illegal accesses when the affinity_hint is read via procfs, potentially causing paging oops. The issue is mi...

CVSS: 8.1 | AI score: 8.3 | EPSS: 0.00936

added 2024/05/21 3:3 p.m. | 91 views

CVE-2021-47376

CVE-2021-47376 is a Linux kernel issue where an oversize allocation in kmalloc path could trigger a warning during BPF verification. The provided description and connected advisories indicate the fix adds an oversize check before kvcalloc() via the commit that introduces the guard in mm/kvmalloc(...

CVSS: 5.5 | AI score: 6.8 | EPSS: 0.00254

added 2024/05/21 3:3 p.m. | 91 views

CVE-2021-47382

The CVE-2021-47382 entry concerns the Linux kernel component s390/qeth. Root cause: a deadlock risk in qeth_do_reset() where discipline_mutex could be held on an error path, preserving the original deadlock potential when a qeth channel path is offline. The vulnerability arises from a race betwee...

CVSS: 4.7 | AI score: 6.7 | EPSS: 0.00152

added 2024/05/21 3:3 p.m. | 91 views

CVE-2021-47395

CVE-2021-47395: Linux kernel/mac80211 vulnerability where the rate limiting for injected VHT MCS/NSS in ieee80211_parse_tx_radiotap was tightened to fix a syzkaller warning. Affected component: mac80211 (ieee80211_parse_tx_radiotap, ieee80211_rate_set_vht). Reported impact in the public docs is ...

CVSS: 5.5 | AI score: 6.7 | EPSS: 0.0024

added 2024/05/21 3:3 p.m. | 91 views

CVE-2021-47399

Technical details about CVE-2021-47399 (ixgbe NULL pointer dereference) are not provided in the supplied documents. Monitor for updates from vendors; no concrete technical details are included here.

CVSS: 5.5 | AI score: 6.7 | EPSS: 0.00239

added 2024/05/21 3:4 p.m. | 91 views

CVE-2021-47409

CVE-2021-47409 concerns a Linux kernel vulnerability in the USB: dwc2 subsystem where a NULL return from platform_get_resource() could lead to a NULL pointer dereference. The issue is triggered when the return value is not checked, as described in the CVE entry and echoed in connected advisories ...

CVSS: 5.5 | AI score: 6.7 | EPSS: 0.00244

added 2024/05/22 8:19 a.m. | 91 views

CVE-2021-47493

CVE-2021-47493 is a Linux kernel issue affecting ocfs2 where a race between searching chunks and releasing journal_head from a buffer_head can lead to a page fault or panic. The root cause is a race between ocfs2_test_bg_bit_allocatable() and jbd2_journal_put_journal_head(), with bg_bh->b_priv...

CVSS: 4.7 | AI score: 6.8 | EPSS: 0.00164

added 2024/05/24 3:9 p.m. | 91 views

CVE-2021-47542

CVE-2021-47542 affects the Linux kernel’s qlcnic logic for certain 83xx devices. In function qlcnic_83xx_add_rings(), the indirect call through ahw->hw_ops->alloc_mbx_args() can return NULL on allocation failure, and the code could dereference this NULL pointer. The patch adds a guard to v...

CVSS: 5.5 | AI score: 7.2 | EPSS: 0.00251

added 2024/05/24 3:9 p.m. | 91 views

CVE-2021-47546

CVE-2021-47546 is a Linux kernel vulnerability affecting IPv6 nftables rules. When a fib6_rule_suppress path and a suppress_prefix rule exist, memory leaks occur in ip6_dst_cache per-packet allocations. The root cause is a mismatch between generic FIB_LOOKUP_NOREF and the IPv6-specific RT6_LOOKUP...

CVSS: 5.5 | AI score: 6.2 | EPSS: 0.00222

added 2024/05/24 3:9 p.m. | 91 views

CVE-2021-47552

CVE-2021-47552 – Linux kernel: The vulnerability stems from blk-mq dispatch cancellation logic. Previously, blk_mq_quiesce_queue() was not invoked in blk_cleanup_queue(), delaying cancellation to disk_release(), which allowed a race where a scsi_device could be freed before blk_release_queue() r...

CVSS: 5.5 | AI score: 6.5 | EPSS: 0.00199

added 2024/06/20 11:8 a.m. | 91 views

CVE-2021-47619

CVE-2021-47619 concerns the i40e Linux kernel XDP path. A PF queue pile fragmentation caused by placing a flow director VSI immediately after the main VSI could prevent the main VSI from resizing its queue allocation when XDP is enabled on systems with many CPUs and an X722 NIC, leading to a NULL...

CVSS: 5.5 | AI score: 6.8 | EPSS: 0.0022

added 2022/06/01 12:0 a.m. | 91 views

CVE-2022-1943

CVE-2022-1943 describes an out-of-bounds memory write in the Linux kernel UDF file system, triggered by user-initiated file operations that invoke udf_write_fi(). The flaw could allow a local attacker to crash the system (and, per connected advisories, is associated with Ubuntu and other mappings...

CVSS: 7.8 | AI score: 7.2 | EPSS: 0.00282

added 2024/07/16 11:44 a.m. | 91 views

CVE-2022-48824

CVE-2022-48824: In the Linux kernel, the scsi myrs driver can crash during error handling. If privdata->hw_init() fails non-zero, myrs_detect() leaves cs->disable_intr as NULL and myrs_cleanup() dereferences a NULL pointer, causing a kernel crash with a NULL pointer dereference. The issue ...

CVSS: 5.5 | AI score: 6.6 | EPSS: 0.00268

added 2024/07/16 11:44 a.m. | 91 views

CVE-2022-48826

CVE-2022-48826 affects the Linux kernel drm/vc4, where a deadlock can occur during DSI device attach error when the host device lock is held. Specifically, in the device attach error path, un-registering the host can deadlock with a call trace involving device_del/unregister, mipi_dsi_hos...

CVSS: 5.5 | AI score: 6.2 | EPSS: 0.00198

added 2025/02/26 1:54 a.m. | 91 views

CVE-2022-49061

The CVE-2022-49061 issue affects the Linux kernel net: ethernet: stmmac altr_tse_pcs when using a fixed-link. The driver crashes with a null-pointer dereference because phy_device is not provided to tse_pcs_fix_mac_speed. The patch adds a check for phy_dev before calling tse_pcs_fix_mac_speed() a...

CVSS: 5.5 | AI score: 6.5 | EPSS: 0.0024

added 2025/02/26 1:54 a.m. | 91 views

CVE-2022-49089

CVE-2022-49089 (Linux kernel) resolves a race condition in IB/rdmavt code by adding a lock around a call to rvt_error_qp, whose documentation requires both r_lock and s_lock to be held. The issue occurred because a commit in Fixes left the rvt_error_qp call in rvt_ruc_loopback unco...

CVSS: 4.7 | AI score: 5.4 | EPSS: 0.00156

added 2025/02/26 1:55 a.m. | 91 views

CVE-2022-49232

CVE-2022-49232 is a Linux kernel vulnerability in the DRM/AMD display path. In amdgpu_dm_connector_add_common_modes(), the code assigns the result of amdgpu_dm_create_common_mode() to mode and then passes it to drm_mode_probed_add(). If amdgpu_dm_create_common_mode() fails, mode may be NULL and d...

CVSS: 5.5 | AI score: 6.4 | EPSS: 0.00247

added 2025/02/26 1:56 a.m. | 91 views

CVE-2022-49269

The CVE-2022-49269 issue affects the Linux kernel CAN subsystem: isotp_bind() incorrectly validates CAN IDs, allowing a state machine path that can be reached with non-standard IDs (ex: 0x6000001 and 0xC28001) that map to 11-bit IDs 0x001. The fix sanitizes SFF/EFF CAN ID values before address ch...

CVSS: 5.5 | AI score: 5.2 | EPSS: 0.00246

added 2025/02/26 2:11 a.m. | 91 views

CVE-2022-49352

CVE-2022-49352 relates to the Linux kernel ext4: fix warning in ext4_handle_inode_extension, where a write path can trigger inode size accounting inconsistencies under memory pressure. The issue describes an observed sequence where inode.i_size is 4096, but EXT4_I(inode)->i_disksize is set to ...

CVSS: 5.5 | AI score: 6.5 | EPSS: 0.00266

added 2025/02/26 2:12 a.m. | 91 views

CVE-2022-49432

CVE-2022-49432 affects the Linux kernel on PowerPC/xics: a refcount leak in icp_opal_init() was fixed. The root cause is that of_find_compatible_node() returns a node pointer with refcount already incremented, and the fix is to call of_node_put() on it when done. The upstream description notes th...

CVSS: 5.5 | AI score: 5.3 | EPSS: 0.00253

added 2025/02/26 2:12 a.m. | 91 views

CVE-2022-49438

CVE-2022-49438: In the Linux kernel, the refcount leak occurs in the path handling for device tree lookups. Specifically, of_find_node_by_path() using of_find_node_opts_by_path() returns a node pointer with an incremented refcount, but the code did not call of_node_put() when done, causing a ref...

CVSS: 5.5 | AI score: 5.3 | EPSS: 0.00253

added 2025/02/26 2:12 a.m. | 91 views

CVE-2022-49446

CVE-2022-49446 affects the Linux kernel’s NVDIMM path, describing deadlock risks in CXL/NVDIMM interactions. The advisory notes possible unsafe locking scenarios involving nd_region keys, nvdimm_bus->reconfig_mutex, system_transition_mutex, and cxl_root/acpi_scan_lock chains, triggered by hold...

CVSS: 5.5 | AI score: 5.4 | EPSS: 0.00187

added 2025/02/26 2:14 a.m. | 91 views

CVE-2022-49555

The CVE-2022-49555 issue affects the Linux kernel’s Bluetooth hci_qca path. The root cause is use of del_timer() before freeing a timer, risking timer-list corruption; the fix applies del_timer_sync() before freeing and adjusts wake_retrans_timer/work queue destruction by moving the workqueue des...

CVSS: 5.5 | AI score: 5.5 | EPSS: 0.0024

added 2025/02/26 2:14 a.m. | 91 views

CVE-2022-49556

The CVE-2022-49556 issue affects the Linux kernel KVM: SVM sev ioctl interfaces. It could cause leakage of uninitialized kernel memory when the length parameter is between SEV_FW_BLOB_MAX_SIZE and the returned data, due to using kmalloc. The fix uses kzalloc for sev ioctl interfaces to allocate c...

CVSS: 7.1 | AI score: 5.4 | EPSS: 0.00252

Total number of security vulnerabilities: 14001