Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2012/05/24 11:55 p.m.65 views

CVE-2011-2898

net/packet/af_packet.c in the Linux kernel before 2.6.39.3 does not properly restrict user-space access to certain packet data structures associated with VLAN Tag Control Information, which allows local users to obtain potentially sensitive information via a crafted application.

5.5CVSS4.8AI score0.00078EPSS
CVE
CVE
added 2011/08/29 5:55 p.m.65 views

CVE-2011-2928

The befs_follow_link function in fs/befs/linuxvfs.c in the Linux kernel before 3.1-rc3 does not validate the length attribute of long symlinks, which allows local users to cause a denial of service (incorrect pointer dereference and OOPS) by accessing a long symlink on a malformed Be filesystem.

4.9CVSS7.5AI score0.00078EPSS
CVE
CVE
added 2013/06/08 1:5 p.m.65 views

CVE-2011-2942

A certain Red Hat patch to the __br_deliver function in net/bridge/br_forward.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by leveraging co...

6.8CVSS8.3AI score0.00342EPSS
CVE
CVE
added 2022/04/18 5:15 p.m.65 views

CVE-2011-4917

In the Linux kernel through 3.1 there is an information disclosure issue via /proc/stat.

5.5CVSS5.2AI score0.00058EPSS
CVE
CVE
added 2013/09/16 1:1 p.m.65 views

CVE-2013-2898

drivers/hid/hid-sensor-hub.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SENSOR_HUB is enabled, allows physically proximate attackers to obtain sensitive information from kernel memory via a crafted device.

1.9CVSS6.7AI score0.00063EPSS
CVE
CVE
added 2016/08/06 10:59 a.m.65 views

CVE-2014-9870

The Linux kernel before 3.11 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not properly consider user-space access to the TPIDRURW register, which allows local users to gain privileges via a crafted application, aka Android internal bug 28749743 and Qu...

9.3CVSS7.5AI score0.00075EPSS
CVE
CVE
added 2016/04/27 5:59 p.m.65 views

CVE-2015-1339

Memory leak in the cuse_channel_release function in fs/fuse/cuse.c in the Linux kernel before 4.4 allows local users to cause a denial of service (memory consumption) or possibly have unspecified other impact by opening /dev/cuse many times.

6.2CVSS6.3AI score0.00032EPSS
CVE
CVE
added 2016/10/10 10:59 a.m.65 views

CVE-2016-5343

drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (memory corruption) or possibly have unspecified ot...

9.8CVSS9.3AI score0.00831EPSS
CVE
CVE
added 2016/12/08 5:59 p.m.65 views

CVE-2016-9919

The icmp6_send function in net/ipv6/icmp.c in the Linux kernel through 4.8.12 omits a certain check of the dst data structure, which allows remote attackers to cause a denial of service (panic) via a fragmented IPv6 packet.

7.8CVSS6.8AI score0.02704EPSS
CVE
CVE
added 2017/09/20 8:29 a.m.65 views

CVE-2017-12168

The access_pmu_evcntr function in arch/arm64/kvm/sys_regs.c in the Linux kernel before 4.8.11 allows privileged KVM guest OS users to cause a denial of service (assertion failure and host OS crash) by accessing the Performance Monitors Cycle Count Register (PMCCNTR).

6CVSS5.5AI score0.00052EPSS
CVE
CVE
added 2019/11/29 5:15 p.m.65 views

CVE-2019-19378

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.

7.8CVSS7.2AI score0.00839EPSS
CVE
CVE
added 2024/03/04 6:15 p.m.65 views

CVE-2021-47089

In the Linux kernel, the following vulnerability has been resolved: kfence: fix memory leak when cat kfence objects Hulk robot reported a kmemleak problem: unreferenced object 0xffff93d1d8cc02e8 (size 248): comm "cat", pid 23327, jiffies 4624670141 (age 495992.217s) hex dump (first 32 bytes): 00 40...

3.3CVSS6.3AI score0.0001EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.65 views

CVE-2021-47116

In the Linux kernel, the following vulnerability has been resolved: ext4: fix memory leak in ext4_mb_init_backend on error path. Fix a memory leak discovered by syzbot when a file system is corruptedwith an illegally large s_log_groups_per_flex.

5.5CVSS6.5AI score0.00018EPSS
CVE
CVE
added 2024/03/25 9:15 a.m.65 views

CVE-2021-47148

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: fix a buffer overflow in otx2_set_rxfh_context() This function is called from ethtool_set_rxfh() and "*rss_context"comes from the user. Add some bounds checking to prevent memorycorruption.

7.8CVSS7.2AI score0.00022EPSS
CVE
CVE
added 2024/03/25 10:15 a.m.65 views

CVE-2021-47159

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix a crash if ->get_sset_count() fails If ds->ops->get_sset_count() fails then it "count" is a negative errorcode such as -EOPNOTSUPP. Because "i" is an unsigned int, the negativeerror code is type promoted to a...

5.5CVSS6.7AI score0.00022EPSS
CVE
CVE
added 2024/03/25 10:15 a.m.65 views

CVE-2021-47160

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mt7530: fix VLAN traffic leaks PCR_MATRIX field was set to all 1's when VLAN filtering is enabled, butwas not reset when it is disabled, which may cause traffic leaks: ip link add br0 type bridge vlan_filtering 1 ip link ...

7.1CVSS6.7AI score0.00013EPSS
CVE
CVE
added 2024/03/25 10:15 a.m.65 views

CVE-2021-47175

In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: fix OOB access in the traffic path the following script: tc qdisc add dev eth0 handle 0x1 root fq_pie flows 2 tc qdisc add dev eth0 clsact tc filter add dev eth0 egress matchall action skbedit priority 0x10002 pi...

7.1CVSS6.7AI score0.00011EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.65 views

CVE-2021-47214

In the Linux kernel, the following vulnerability has been resolved: hugetlb, userfaultfd: fix reservation restore on userfaultfd error Currently in the is_continue case in hugetlb_mcopy_atomic_pte(), if webail out using "goto out_release_unlock;" in the cases where idx >=size, or !huge_pte_none(...

5.5CVSS6.6AI score0.0001EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.65 views

CVE-2021-47218

In the Linux kernel, the following vulnerability has been resolved: selinux: fix NULL-pointer dereference when hashtab allocation fails When the hash table slot array allocation fails in hashtab_init(),h->size is left initialized with a non-zero value, but the h->htablepointer is NULL. This m...

5.5CVSS6.5AI score0.00011EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47245

In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: Fix out of bounds when parsing TCP options The TCP option parser in synproxy (synproxy_parse_options) could readone byte out of bounds. When the length is 1, the execution flow getsinto the loop, reads one byte...

7.1CVSS6.7AI score0.00009EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47263

In the Linux kernel, the following vulnerability has been resolved: gpio: wcd934x: Fix shift-out-of-bounds error bit-mask for pins 0 to 4 is BIT(0) to BIT(4) however we ended up with BIT(n - 1)which is not right, and this was caught by below usban check UBSAN: shift-out-of-bounds in drivers/gpio/gp...

5.5CVSS6.7AI score0.00018EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47270

In the Linux kernel, the following vulnerability has been resolved: usb: fix various gadgets null ptr deref on 10gbps cabling. This avoids a null pointer dereference inf_{ecm,eem,hid,loopback,printer,rndis,serial,sourcesink,subset,tcm}by simply reusing the 5gbps config for 10gbps.

5.5CVSS6.8AI score0.00009EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47276

In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read the ip address in ftrace_bug() It was reported that a bug on arm64 caused a bad ip address to be used forupdating into a nop in ftrace_init(), but the error path (rightfully)returned -EINVAL and not -EFA...

5.5CVSS6.5AI score0.00008EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47283

In the Linux kernel, the following vulnerability has been resolved: net:sfc: fix non-freed irq in legacy irq mode SFC driver can be configured via modparam to work using MSI-X, MSI orlegacy IRQ interrupts. In the last one, the interrupt was not properlyreleased on module remove. It was not freed be...

5.5CVSS6.7AI score0.00021EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47295

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix memory leak in tcindex_partial_destroy_work Syzbot reported memory leak in tcindex_set_parms(). The problem was innon-freed perfect hash in tcindex_partial_destroy_work(). In tcindex_set_parms() new tcindex_data is ...

7.5CVSS7.2AI score0.00185EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47309

In the Linux kernel, the following vulnerability has been resolved: net: validate lwtstate->data before returning from skb_tunnel_info() skb_tunnel_info() returns pointer of lwtstate->data as ip_tunnel_infotype without validation. lwtstate->data can have various types such asmpls_iptunnel_...

7.1CVSS6.7AI score0.00008EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47330

In the Linux kernel, the following vulnerability has been resolved: tty: serial: 8250: serial_cs: Fix a memory leak in error handling path In the probe function, if the final 'serial_config()' fails, 'info' isleaking. Add a resource handling path to free this memory.

5.5CVSS6.6AI score0.00013EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47340

In the Linux kernel, the following vulnerability has been resolved: jfs: fix GPF in diFree Avoid passing inode withJFS_SBI(inode->i_sb)->ipimap == NULL todiFree()[1]. GFP will appear: struct inode *ipimap = JFS_SBI(ip->i_sb)->ipimap; struct inomap *imap = JFS_IP(ipimap)->i_imap; JFS_...

5.5CVSS6.7AI score0.00013EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47351

In the Linux kernel, the following vulnerability has been resolved: ubifs: Fix races between xattr_{set|get} and listxattr operations UBIFS may occur some problems with concurrent xattr_{set|get} andlistxattr operations, such as assertion failure, memory corruption,stale xattr value[1]. Fix it by i...

5.5CVSS6.6AI score0.00024EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47382

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix deadlock during failing recovery Commit 0b9902c1fcc5 ("s390/qeth: fix deadlock during recovery") removedtaking discipline_mutex inside qeth_do_reset(), fixing potentialdeadlocks. An error path was missed though, that...

4.7CVSS6.7AI score0.00007EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47387

In the Linux kernel, the following vulnerability has been resolved: cpufreq: schedutil: Use kobject release() method to free sugov_tunables The struct sugov_tunables is protected by the kobject, so we can't freeit directly. Otherwise we would get a call trace like this:ODEBUG: free active (active s...

6.8AI score0.00018EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47406

In the Linux kernel, the following vulnerability has been resolved: ext4: add error checking to ext4_ext_replay_set_iblocks() If the call to ext4_map_blocks() fails due to an corrupted filesystem, ext4_ext_replay_set_iblocks() can get stuck in an infiniteloop. This could be reproduced by running ge...

5.5CVSS7AI score0.00015EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.65 views

CVE-2021-47424

In the Linux kernel, the following vulnerability has been resolved: i40e: Fix freeing of uninitialized misc IRQ vector When VSI set up failed in i40e_probe() as part of PF switch set updriver was trying to free misc IRQ vectors ini40e_clear_interrupt_scheme and produced a kernel Oops: Trying to fre...

6.5AI score0.00033EPSS
CVE
CVE
added 2024/05/22 7:15 a.m.65 views

CVE-2021-47439

In the Linux kernel, the following vulnerability has been resolved: net: dsa: microchip: Added the condition for scheduling ksz_mib_read_work When the ksz module is installed and removed using rmmod, kernel crasheswith null pointer dereferrence error. During rmmod, ksz_switch_removefunction tries t...

5.5CVSS6.9AI score0.00016EPSS
CVE
CVE
added 2024/05/22 7:15 a.m.65 views

CVE-2021-47471

In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference crash on unload The mxsfb->crtc.funcs may already be NULL when unloading the driver,in which case calling mxsfb_irq_disable() via drm_irq_uninstall() frommxsfb_unload() leads to NULL poin...

5.5CVSS7.1AI score0.00047EPSS
CVE
CVE
added 2024/05/22 9:15 a.m.65 views

CVE-2021-47480

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Put LLD module refcnt after SCSI device is released SCSI host release is triggered when SCSI device is freed. We have to makesure that the low-level device driver module won't be unloaded before SCSIhost instance is rel...

6.5AI score0.00037EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.65 views

CVE-2021-47562

In the Linux kernel, the following vulnerability has been resolved: ice: fix vsi->txq_map sizing The approach of having XDP queue per CPU regardless of user's settingexposed a hidden bug that could occur in case when Rx queue count differfrom Tx queue count. Currently vsi->txq_map's size is e...

5.5CVSS6.3AI score0.00021EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.65 views

CVE-2021-47585

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix memory leak in __add_inode_ref() Line 1169 (#3) allocates a memory chunk for victim_name by kmalloc(),but when the function returns in line 1184 (#4) victim_name allocatedby line 1169 (#3) is not freed, which will lead t...

5.5CVSS7AI score0.00011EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.65 views

CVE-2021-47587

In the Linux kernel, the following vulnerability has been resolved: net: systemport: Add global locking for descriptor lifecycle The descriptor list is a shared resource across all of the transmit queues, andthe locking mechanism used today only protects concurrency across a giventransmit queue bet...

5.5CVSS7.2AI score0.00005EPSS
CVE
CVE
added 2025/02/26 6:37 a.m.65 views

CVE-2021-47643

In the Linux kernel, the following vulnerability has been resolved: media: ir_toy: free before error exiting Fix leak in error path.

5.4AI score0.00044EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.65 views

CVE-2022-48645

In the Linux kernel, the following vulnerability has been resolved: net: enetc: deny offload of tc-based TSN features on VF interfaces TSN features on the ENETC (taprio, cbs, gate, police) are configuredthrough a mix of command BD ring messages and port registers:enetc_port_rd(), enetc_port_wr(). P...

6.7AI score0.00018EPSS
CVE
CVE
added 2024/05/03 3:15 p.m.65 views

CVE-2022-48673

In the Linux kernel, the following vulnerability has been resolved: net/smc: Fix possible access to freed memory in link clear After modifying the QP to the Error state, all RX WR would be completedwith WC in IB_WC_WR_FLUSH_ERR status. Current implementation does notwait for it is done, but destroy...

5.5CVSS6.5AI score0.0001EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.65 views

CVE-2022-48712

In the Linux kernel, the following vulnerability has been resolved: ext4: fix error handling in ext4_fc_record_modified_inode() Current code does not fully takes care of krealloc() error case, whichcould lead to silent memory corruption or a kernel bug. This patchfixes that. Also it cleans up some ...

6.7AI score0.00037EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.65 views

CVE-2022-48728

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix AIP early init panic An early failure in hfi1_ipoib_setup_rn() can lead to the following panic: BUG: unable to handle kernel NULL pointer dereference at 00000000000001b0PGD 0 P4D 0Oops: 0002 [#1] SMP NOPTIWorkqueue: ev...

5.5CVSS7AI score0.00011EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.65 views

CVE-2022-48734

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock between quota disable and qgroup rescan worker Quota disable ioctl starts a transaction before waiting for the qgrouprescan worker completes. However, this wait can be infinite and resultsin deadlock because of ...

5.5CVSS7.2AI score0.00009EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.65 views

CVE-2022-48740

In the Linux kernel, the following vulnerability has been resolved: selinux: fix double free of cond_list on error paths On error path from cond_read_list() and duplicate_policydb_cond_list()the cond_list_destroy() gets called a second time in caller functions,resulting in NULL pointer deref. Fix t...

7.8CVSS8.3AI score0.00015EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.65 views

CVE-2022-48748

In the Linux kernel, the following vulnerability has been resolved: net: bridge: vlan: fix memory leak in __allowed_ingress When using per-vlan state, if vlan snooping and stats are disabled,untagged or priority-tagged ingress frame will go to check pvid state.If the port state is forwarding and th...

7.5CVSS8.3AI score0.00031EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.65 views

CVE-2022-48759

In the Linux kernel, the following vulnerability has been resolved: rpmsg: char: Fix race between the release of rpmsg_ctrldev and cdev struct rpmsg_ctrldev contains a struct cdev. The current code freesthe rpmsg_ctrldev struct in rpmsg_ctrldev_release_device(), but thecdev is a managed object, the...

6.6AI score0.00039EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.65 views

CVE-2022-48761

In the Linux kernel, the following vulnerability has been resolved: usb: xhci-plat: fix crash when suspend if remote wake enable Crashed at i.mx8qm platform when suspend if enable remote wakeup Internal error: synchronous external abort: 96000210 [#1] PREEMPT SMPModules linked in:CPU: 2 PID: 244 Co...

5.3CVSS7AI score0.00027EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.65 views

CVE-2022-48793

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: nSVM: fix potential NULL derefernce on nested migration Turns out that due to review feedback and/or rebasesI accidentally moved the call to nested_svm_load_cr3 to be too early,before the NPT is enabled, which is very wro...

5.5CVSS6.9AI score0.00012EPSS
Total number of security vulnerabilities10926