Lucene search
K
LinuxLinux Kernel

14430 matches found

CVE
CVE
added 2025/06/18 11:1 a.m.95 views

CVE-2022-50033

CVE-2022-50033: In the Linux kernel USB host OHCI PPC OF driver, of_find_compatible_node() may return a node with an incremented refcount and of_node_put() must be used when not needed. The issue is a refcount leak in ohci_hcd_ppc_of_probe(). Affected: Linux kernel (ohci-ppc-of path). Impact is a...

5.5CVSS6.5AI score0.00164EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.95 views

CVE-2022-50039

The CVE-2022-50039 entry concerns the Linux kernel’s stmmac Intel dwmac driver. The vulnerability arises from a missing clk_disable_unprepare() call in intel_eth_pci_remove(), introduced by earlier clock-handling changes and related removals in commits such as 09f012e64e4b and ac322f86b56c, which...

5.5CVSS6.4AI score0.00202EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.95 views

CVE-2022-50054

The CVE-2022-50054 entry concerns a Linux kernel vulnerability in the iavf driver: a NULL pointer dereference in iavf_get_link_ksettings when vf_res has been freed in iavf_init_get_resources. The issue arises after a regression that could allow netdev to call ethtool_ops while vf_res is gone, lea...

5.5CVSS6.2AI score0.0014EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.95 views

CVE-2022-50091

CVE-2022-50091 concerns the Linux kernel where the boot-time parameter csdlock_debug was parsed via early_param, enabling static_branch in a manner that could dereference NULL under specific sparse memory configurations (arm64 with CONFIG_SPARSEMEM and SPARSEMEM_VMEMMAP settings, and powerpc due ...

5.5CVSS6.5AI score0.00208EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.95 views

CVE-2022-50115

CVE-2022-50115 : In the Linux kernel, the ASoC: SOF: ipc3-topology vulnerability caused potential memory corruption due to a double free of ipc_control_data in error/rollback paths when load_bytes-related validation fails. The issue arose because scontrol->ipc_control_data could be freed but n...

7.8CVSS6.9AI score0.00166EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.95 views

CVE-2022-50146

CVE-2022-50146 concerns the Linux kernel PCI-DWC stack. If dw_pcie_ep_init() initializes EPC memory and allocates MSI memory but fails to perform a subsequent action, the MSI region leak is not cleaned up, creating a memory leak. The fix, described in the commit log referenced by multiple advisor...

5.5CVSS6.5AI score0.00159EPSS
CVE
CVE
added 2023/09/04 2:27 a.m.95 views

CVE-2023-20844

CVE-2023-20844 affects the imgsys_cmdq component in MediaTek devices. The issue is an out-of-bounds read caused by missing valid range checking, potentially enabling local information disclosure with system-execution privileges required. Exploitation requires user interaction. The vulnerability i...

4.2CVSS4AI score0.00091EPSS
CVE
CVE
added 2024/03/02 9:52 p.m.95 views

CVE-2023-52527

CVE-2023-52527 involves the Linux kernel IPv4/IPv6 path: the handling of transhdrlen in __ip{,6}_append_data() could inflate the length when a packet is only partially filled (e.g., after MSG_MORE), risking duplicate transport header accounting. The issue can arise when splicing into an L2TP sock...

5.5CVSS6.4AI score0.00226EPSS
CVE
CVE
added 2024/05/17 2:24 p.m.95 views

CVE-2023-52678

CVE-2023-52678 involves the Linux kernel with a fix in the AMD expose path for KFD topology. The vulnerability was due to using list_first_entry on a list that could be empty; the corrected code now checks that the list is non-empty before access and returns -ENODATA when empty. This change mitig...

5.5CVSS6.6AI score0.00232EPSS
CVE
CVE
added 2024/05/21 3:22 p.m.95 views

CVE-2023-52708

CVE-2023-52708 affects the Linux kernel MMC SPI code. The issue stems from error handling in mmc_spi_probe(): if mmc_add_host() fails, the code previously could call mmc_remove_host() and dereference a null device, causing a crash. The fix routes control to the fail_glue_init path on mmc_add_host...

5.5CVSS6.6AI score0.0025EPSS
CVE
CVE
added 2024/05/21 3:23 p.m.95 views

CVE-2023-52742

The CVE-2023-52742 entry concerns the Linux kernel USB plusb driver. The vulnerability arises from treating a zero-length control-OUT transfer as a read instead of a write, triggering a WARNING in urb.c when usb_submit_urb is executed. The provided connected details specify the root cause as inco...

5.5CVSS6.5AI score0.00251EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.95 views

CVE-2023-52829

The CVE affects Linux kernel wifi driver ath12k (ext_hal_reg_caps path). A reg_cap.phy_id value extracted from a WMI event could be unexpected after errors, enabling an out-of-bounds write to soc->hal_reg_cap. The public description states the issue is corrected by validating reg_cap.phy_id be...

6.2CVSS6.8AI score0.00251EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.95 views

CVE-2023-52862

CVE-2023-52862 is a Linux kernel vulnerability in the DRM/AMD display path (Display Core) where a null pointer dereference could occur when printing the error message if the DC fails to initialize. The fix prevents dereferencing a DC version field that may be undefined when DC initialization has ...

4.1CVSS6.3AI score0.0023EPSS
CVE
CVE
added 2024/06/20 11:54 a.m.95 views

CVE-2023-52883

CVE-2023-52883 : In the Linux kernel, a null pointer dereference could occur in the AMDGPU driver. The issue arises in drm/amdgpu_vm_bo_update where abo->tbo.resource may be NULL, enabling an attacker-controlled or unintended path to trigger a crash. The vulnerability is fixed by the kernel pa...

7.5CVSS7.9AI score0.00561EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.95 views

CVE-2023-52985

The CVE-2023-52985 entry relates to the Linux kernel, specifically arm64 systems with imx8mm-verdin support. The vulnerability concerns the fec driver attempting to power down the ethernet PHY during suspend (freeze or memory state), which can crash the kernel. The underlying cause is that the PH...

5.5CVSS6.5AI score0.00204EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.95 views

CVE-2023-53005

CVE-2023-53005 concerns a Linux kernel vulnerability in trace_events_hist where create_hist_field could be called recursively and return NULL, risking a NULL pointer dereference. The fixed advisory notes adding a check for the return value of create_hist_field (trace_events_hist.c:1954). Related ...

5.5CVSS6.7AI score0.00247EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.95 views

CVE-2023-53023

The CVE-2023-53023 entry describes a use-after-free in the Linux kernel NFC local_cleanup path. Specifically, kfree_skb() can be invoked twice during nfc daemon teardown (e.g., neard) after detaching an NFC device, because local_cleanup() frees local->rx_pending and decrements local->ref tw...

7.8CVSS6.6AI score0.0018EPSS
Web
CVE
CVE
added 2024/03/27 1:53 p.m.95 views

CVE-2024-26652

CVE-2024-26652: Linux kernel net/pds_core fixes a possible double free in the error path when auxiliary_device_add() fails and later calls auxiliary_device_uninit(); the callback pdsc_auxbus_dev_release calls kfree(padev) and the patch removes the redundant kfree and moves error handling back to ...

4.1CVSS6.4AI score0.00301EPSS
CVE
CVE
added 2024/04/03 2:55 p.m.95 views

CVE-2024-26721

In CVE-2024-26721, the Linux kernel’s drm/i915 dsc: PPS register address macro was wrong after PPS 11. The patch fixes the address calculation by adding an offset of 12 for PPS >= 12, correcting PPS 12–16 addresses that previously caused incorrect DSC PPS parameter reads/writes and potential D...

5.5CVSS6.6AI score0.00196EPSS
CVE
CVE
added 2024/04/17 3:59 p.m.95 views

CVE-2024-26914

CVE-2024-26914 concerns the Linux kernel DRM/AMD display path. The root cause is an incorrect mpc_combine array size:MAX_SURFACES was used instead of MAX_PLANES, causing an overflow when more than 3 planes are present. The patch uses MAX_PLANES as the array size, addressing the issue. The vulnera...

7.8CVSS7.1AI score0.00216EPSS
CVE
CVE
added 2024/05/20 9:47 a.m.95 views

CVE-2024-35994

CVE-2024-35994 (Linux kernel, qcom uefisecapp): The vulnerability stems from memory handling in QSEECOM app calls where APP_SEND buffers for request and response were treated as separate regions. The root cause was two consecutive kzalloc() allocations that could yield adjacent memory, causing un...

5.5CVSS6.9AI score0.00183EPSS
CVE
CVE
added 2024/06/25 2:22 p.m.95 views

CVE-2024-39296

CVE-2024-39296 affects the Linux kernel bonding subsystem. The issue is a race during module removal (rmmod bonding) caused by a removed NULL check in the bonding debugfs cleanup path, which can lead to an oops in bond_uninit()/bond_debug_unregister() via debugfs_remove or recursive removal. The ...

4.7CVSS7AI score0.00165EPSS
CVE
CVE
added 2024/07/12 12:25 p.m.95 views

CVE-2024-40938

CVE-2024-40938 affects the Linux kernel Landlock component, addressing a d_parent walk issue when linking a root mount point. The root cause was a WARN_ON_ONCE triggered by using the source directory’s d_parent even if the source is mounted, because the VFS check runs after security_path_link(). ...

5.5CVSS6.4AI score0.00249EPSS
CVE
CVE
added 2024/07/12 12:25 p.m.95 views

CVE-2024-40944

CVE-2024-40944 affects the Linux kernel (x86/kexec). The vulnerability is a bug in call depth tracking where calling cc_platform_has() may fault if depth tracking is active because GS_BASE is reset to 0 by load_segments(). The mitigation described in the documentation is to invoke cc_platform_has...

5.5CVSS6.5AI score0.00239EPSS
CVE
CVE
added 2024/07/30 7:46 a.m.95 views

CVE-2024-42108

CVE-2024-42108 affects the Linux kernel rswitch path (net: rswitch) where use-after-free occurs in rswitch_poll() due to inlining of rswitch_tx_free(); skb and gq->skbs[..] reference the same pointer, freeing skb with dev_kfree_skb_any() before skb->len is used for interface statistics. The...

5.5CVSS6.6AI score0.00232EPSS
CVE
CVE
added 2024/08/17 9:9 a.m.95 views

CVE-2024-42303

The CVE-2024-42303 issue affects the Linux kernel media imx-pxp driver. The root cause is an ERR_PTR dereference in pxp_probe() when devm_regmap_init_mmio() can fail, due to a missing check and bail‑out path. The patch adds a null/error check and exits gracefully, preventing a dereference and pot...

5.5CVSS6.6AI score0.0021EPSS
CVE
CVE
added 2024/08/26 10:10 a.m.95 views

CVE-2024-43887

The CVE-2024-43887 entry relates to the Linux kernel (net/tcp) TCP-AO static key handling. The vulnerability arises because the lifetime of the TCP-AO static_key is tied to the last tcp_ao_info, and, if an RCU grace period is delayed, a CPU may observe a tcp_ao_info that is about to be deallocate...

4.7CVSS6.6AI score0.00189EPSS
CVE
CVE
added 2024/10/21 11:53 a.m.95 views

CVE-2024-47676

CVE-2024-47676 affects the Linux kernel’s hugetlb fault pathway. Syzbot observed a use-after-free of the VMA in hugetlb_fault() caused by vmf_anon_prepare() releasing the per-VMA lock before hugetlb_vma_unlock_read() is called. The patched fix uses a modified vmf_anon_prepare() that does not rele...

7.8CVSS8.1AI score0.00242EPSS
CVE
CVE
added 2024/10/21 11:53 a.m.95 views

CVE-2024-47680

CVE-2024-47680 affects the Linux kernel’s f2fs discard handling for conventional zones on zoned block devices. The root cause is that f2fs relied on a discard capability check performed by bdev_max_discard_sectors() and bdev_is_zoned(), which bypasses to discard even when a device doesn’t support...

5.5CVSS7.1AI score0.0023EPSS
CVE
CVE
added 2024/10/21 11:53 a.m.95 views

CVE-2024-47708

CVE-2024-47708 : In the Linux kernel, the netkit driver missed assigning the required bpf_net_context during XDP-redirect handling, causing a NULL pointer dereference when NETKIT_REDIRECT invokes skb_do_redirect() and accesses per-CPU variables. The fix is to set the bpf_net_context before callin...

5.5CVSS6.8AI score0.00175EPSS
CVE
CVE
added 2024/10/21 6:2 p.m.95 views

CVE-2024-49943

CVE-2024-49943 affects the Linux kernel DRM XE/guc_submit path. A missing locking around wedged_fini can let a non-wedged queue with zero refcount be dereferenced concurrently with an async queue destroy, enabling a Use-After-Free. The fix keeps the submission_state lock held during the wedge-sta...

5.5CVSS5.3AI score0.00152EPSS
CVE
CVE
added 2024/10/21 6:2 p.m.95 views

CVE-2024-49979

CVE-2024-49979 concerns the Linux kernel TCP GSO fraglist handling. The issue arises when TK fraglist SKBs are composed of a head_skb (headers + first gso_size) and one or more frag_list SKBs (one segment each) where data can be modified by datapath hooks (e.g., NAT/BPF), breaking invariants. In ...

5.5CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2024/10/21 6:2 p.m.95 views

CVE-2024-49984

CVE-2024-49984 : In the Linux kernel DRM/V3D, there was an out-of-bounds access bug in the performance query extensions. The issue arises from copying IDs when validating the number of perfmon userspace inputs for the copy and reset extensions; the kernel did not adequately bound-check the destin...

7.8CVSS7.8AI score0.00242EPSS
CVE
CVE
added 2024/10/21 6:2 p.m.95 views

CVE-2024-49990

CVE-2024-49990 is described in the initial document as a Linux kernel issue in drm/xe/hdcp where xe_gsc could be null when performing an HDCP capability check. The vulnerability was addressed by adding a GSC structure validity check to avoid a NULL pointer dereference. The Nessus plugin UNPATCHED...

5.5CVSS5.3AI score0.00229EPSS
CVE
CVE
added 2024/11/05 5:4 p.m.95 views

CVE-2024-50092

The CVE affects the Linux kernel netconsole code path. A warning is erroneously emitted when this_chunk equals zero in net: netconsole, instead of only when this_chunk is negative; userdata handling remains valid across iterations. This could mislead operators but the underlying userdata path is ...

3.3CVSS3.9AI score0.00197EPSS
CVE
CVE
added 2024/11/05 5:10 p.m.95 views

CVE-2024-50122

CVE-2024-50122 is a Linux kernel vulnerability in the PCI subsystem (power control code) where a race between the power-control device rescanning and host controller probe can leave two incomplete devices and trigger a crash when removing the device via sysfs. The root cause is not fully detailed...

5.5CVSS5.2AI score0.00186EPSS
CVE
CVE
added 2024/11/07 9:31 a.m.95 views

CVE-2024-50144

The CVE-2024-50144 issue affects the Linux kernel DRM/XE path. Root cause: an unbalanced rpm put() can occur if fence_fini() is invoked twice on error while handling GuC CT for a tlb request, because the code path signals the fence and then returns an error, causing the caller to run fini() again...

5.5CVSS5.3AI score0.002EPSS
CVE
CVE
added 2024/11/09 10:15 a.m.95 views

CVE-2024-50254

CVE-2024-50254 : In the Linux kernel, the bpf_iter_bits_destroy() path incorrectly used kit->nr_bits bit = kit->nr_bits on completion, uses !nr_bits || bits >= nr_bits to determine completion, and keeps nr_bits > 64 to indicate dynamic allocation. It also changes kit->nr_bits from ...

5.5CVSS5.5AI score0.00176EPSS
CVE
CVE
added 2024/12/27 1:50 p.m.95 views

CVE-2024-53225

The CVE-2024-53225 issue affects the Linux kernel IOMMU/tegra241-cmdqv path. A misconfiguration with PAGE_SIZE=4KB and CMA alignment could cause VM CMDQ alignment tests to fail, triggering a WARN_ON in arm-smmu-v3.c during queue initialization (arm_smmu_init_one_queue). The root cause is an align...

5.5CVSS6.4AI score0.00193EPSS
CVE
CVE
added 2025/02/27 8:0 p.m.95 views

CVE-2025-21801

Technical details for CVE-2025-21801 are not provided in the connected documents. Publicly available information within these sources is insufficient to describe affected products/versions, root cause, or mitigations. Monitor for updates from the connected feeds.

5.5CVSS6.5AI score0.00178EPSS
CVE
CVE
added 2025/04/16 2:12 p.m.95 views

CVE-2025-22084

CVE-2025-22084 : In the Linux kernel, a NULL pointer dereference can occur in the serdev path due to a race: w1_uart_probe() calls w1_uart_serdev_open() (which includes devm_serdev_device_open()) before configuring client ops with serdev_device_set_client_ops(), causing serdev->ops to be unini...

5.5CVSS6.5AI score0.00175EPSS
CVE
CVE
added 2025/04/16 2:12 p.m.95 views

CVE-2025-22096

CVE-2025-22096 is a Linux kernel vulnerability resolved in the drm/msm/gem path. The root cause was in error handling: the SUBMIT_ERROR() macro made an error code negative, and an extra “-” turned it back to a positive EINVAL. The positive value was passed to ERR_PTR(), which is not an IS_ERR(), ...

5.5CVSS6.7AI score0.00148EPSS
CVE
CVE
added 2025/05/01 1:7 p.m.95 views

CVE-2025-37774

CVE-2025-37774 relates to the Linux kernel slab allocator where slab->obj_exts was not zeroed on newly allocated slabs. The fix initializes slab->obj_exts during slab page allocation to prevent invalid dereferences of slab->obj_exts bits, which could lead to a local memory corruption/NUL...

5.5CVSS6.1AI score0.00152EPSS
CVE
CVE
added 2025/05/20 3:21 p.m.95 views

CVE-2025-37907

CVE-2025-37907 is a Linux kernel issue affecting the ivpu accelerator path. The vulnerability stems from a lock-order inversion between ivpu_job_submit() and the file_priv/context_list_lock when aborting jobs, which could deadlock (two-thread scenario shown). The fixed condition: change the locki...

5.5CVSS6.5AI score0.00119EPSS
CVE
CVE
added 2025/06/18 9:28 a.m.95 views

CVE-2025-38007

CVE-2025-38007 affects HID uclogic in the Linux kernel. Root cause: uclogic_input_configured() dereferences a NULL after devm_kasprintf() returns NULL due to allocation failure. Mitigation: a NULL check is added after devm_kasprintf() to prevent the dereference. Described fixes are documented in ...

5.5CVSS6.4AI score0.00162EPSS
CVE
CVE
added 2025/06/30 7:29 a.m.95 views

CVE-2025-38087

The CVE-2025-38087 entry refers to a Linux kernel vulnerability in net/sched: taprio_dev_notifier, where a race with advance_sched could cause a use-after-free because taprio_dev_notifier() was not protected by an RCU read-side critical section. The issue is resolved by adding an rcu_read_lock() ...

7.8CVSS6.5AI score0.00144EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.95 views

CVE-2025-38220

CVE-2025-38220 affects the Linux kernel ext4 subsystem. The vulnerability occurs when processing an orphan-list symlink inode during truncation; partial block zeroing calls ext4_dirty_journalled_data() which invokes folio_mark_dirty() via mapping->a_ops->dirty_folio(), but symlink inodes la...

5.5CVSS6.5AI score0.00136EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.95 views

CVE-2025-38226

CVE-2025-38226 targets the Linux kernel, specifically the media/v4l2-tpg path used by vivid. The issue is a KASAN-detected vmalloc-out-of-bounds access in tpg_fill_plane_pattern and tpg_fill_plane_buffer (v4l2-tpg-core.c:2608 and 2705), causing a write of size 1440 to a kernel address during vivi...

7.8CVSS6.4AI score0.00157EPSS
CVE
CVE
added 2025/04/18 1:50 p.m.95 views

CVE-2025-40364

CVE-2025-40364 : In the Linux kernel, the io_uring path titled “io_req_prep_async with provided buffers” has been resolved. The issue allowed io_req_prep_async() to import provided buffers and then commit the ring state by giving up on that path, with the buffers potentially being reimported late...

7.8CVSS6.7AI score0.00249EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.94 views

CVE-1999-0317

CVE-1999-0317 concerns a buffer overflow in the Linux su command that enables local users to gain root privileges. The core vulnerability is described as a buffer overflow affecting su, leading to full compromise of the local system. The provided connected documents reiterate the issue in differe...

7.2CVSS7.2AI score0.00414EPSS
Total number of security vulnerabilities14430