Lucene search
K
LinuxLinux Kernel

14430 matches found

CVE
CVE
added 2025/07/04 1:37 p.m.95 views

CVE-2025-38220

CVE-2025-38220 affects the Linux kernel ext4 subsystem. The vulnerability occurs when processing an orphan-list symlink inode during truncation; partial block zeroing calls ext4_dirty_journalled_data() which invokes folio_mark_dirty() via mapping->a_ops->dirty_folio(), but symlink inodes la...

5.5CVSS6.5AI score0.00136EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.95 views

CVE-2025-38226

CVE-2025-38226 targets the Linux kernel, specifically the media/v4l2-tpg path used by vivid. The issue is a KASAN-detected vmalloc-out-of-bounds access in tpg_fill_plane_pattern and tpg_fill_plane_buffer (v4l2-tpg-core.c:2608 and 2705), causing a write of size 1440 to a kernel address during vivi...

7.8CVSS6.4AI score0.00157EPSS
CVE
CVE
added 2025/04/18 1:50 p.m.95 views

CVE-2025-40364

CVE-2025-40364 : In the Linux kernel, the io_uring path titled “io_req_prep_async with provided buffers” has been resolved. The issue allowed io_req_prep_async() to import provided buffers and then commit the ring state by giving up on that path, with the buffers potentially being reimported late...

7.8CVSS6.7AI score0.00249EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.94 views

CVE-1999-0317

CVE-1999-0317 concerns a buffer overflow in the Linux su command that enables local users to gain root privileges. The core vulnerability is described as a buffer overflow affecting su, leading to full compromise of the local system. The provided connected documents reiterate the issue in differe...

7.2CVSS7.2AI score0.00414EPSS
CVE
CVE
added 2004/06/08 4:0 a.m.94 views

CVE-2004-0535

CVE-2004-0535 relates to the Linux kernel's e1000 NIC driver (2.4.x and earlier) where memory used by the driver was not properly initialized before access. This could permit a local attacker to read portions of kernel memory. The issue is documented and linked to several vendor advisories (e.g.,...

2.1CVSS5.7AI score0.0047EPSS
CVE
CVE
added 2006/08/23 7:0 p.m.94 views

CVE-2006-3745

CVE-2006-3745 affects the SCTP implementation in Linux 2.6.x (before 2.6.17.10) and 2.4.x (up to 2.4.33). The vulnerability resides in sctp_make_abort_user and allows a local user to cause a denial of service (panic) and potentially gain root privileges via unspecified attack vectors. Connected s...

7.2CVSS7.2AI score0.00423EPSS
CVE
CVE
added 2006/10/31 7:0 p.m.94 views

CVE-2006-5619

The CVE-2006-5619 issue is a Linux kernel 2.6.x vulnerability (up to 2.6.18-stable) where the /proc/net/ip6_flowlabel path handling can trigger an infinite loop while searching for flowlabels, allowing local users to cause a denial of service (hang or oops). Affected components are the ip6_fl_get...

2.1CVSS7.1AI score0.00407EPSS
CVE
CVE
added 2007/03/22 7:0 p.m.94 views

CVE-2007-1592

The CVE-2007-1592 vulnerability affects the Linux kernel (2.6.x up to 2.6.21-rc3) in net/ipv6/tcp_ipv6.c, where ipv6_fl_socklist is inadvertently shared from a listening IPv6 socket to child sockets. This can allow a local user to cause a denial of service (OOPS) or a double free by attaching a f...

4.9CVSS5.7AI score0.00405EPSS
CVE
CVE
added 2007/09/14 1:0 a.m.94 views

CVE-2007-3740

CVE-2007-3740 describes a flaw in the CIFS filesystem of the Linux kernel prior to 2.6.22 where Unix extension support can fail to honor the process umask, enabling a local user to gain privileges. Affected are kernels with CIFS Unix extensions enabled; impact is local privilege escalation. Remed...

4.4CVSS5.8AI score0.0038EPSS
CVE
CVE
added 2008/01/31 8:0 p.m.94 views

CVE-2007-4998

CVE-2007-4998 is a local, user‑assisted vulnerability in cp when preserving symlinks across multiple OSes. The issue allows an attacker to cause a race/symlink attack that can overwrite arbitrary files by crafting directories with multiple source files copied to the same destination. Multiple con...

6.9CVSS6.5AI score0.00347EPSS
CVE
CVE
added 2007/09/26 9:0 p.m.94 views

CVE-2007-5093

The CVE-2007-5093 issue affects the Linux kernel pwc (Philips USB Webcam) driver in 2.6.x up to 2.6.22.5, where disconnect relies on user space to close the device. This can allow a user-assisted local attacker to cause a denial of service (USB subsystem hang and khubd CPU usage) by not closing t...

4CVSS5AI score0.00347EPSS
CVE
CVE
added 2019/07/27 9:39 p.m.94 views

CVE-2007-6762

The vulnerability is in the Linux kernel before 2.6.20, caused by an off-by-one error in net/netlabel/netlabel_cipso_v4.c that can overflow the doi_def->tags[] array. Affected component is the kernel’s netlabel CipSO v4 handling. The provided connected sources confirm the off-by-one overflow c...

9.8CVSS9.2AI score0.02976EPSS
CVE
CVE
added 2008/03/26 12:0 a.m.94 views

CVE-2008-1514

CVE-2008-1514 affects the Linux kernel on IBM System z (s390) where a local user can cause a kernel panic via the 31‑bit ptrace padding test. The issue is in arch/s390/kernel/ptrace.c and occurs in kernels from 2.6.9 and in versions older than 2.6.27-rc6. The vulnerability arises from an invalid ...

4.9CVSS5AI score0.00529EPSS
CVE
CVE
added 2008/08/12 11:0 p.m.94 views

CVE-2008-3275

The CVE-2008-3275 issue affects the Linux kernel before 2.6.25.15, where the real_lookup and __lookup_hash functions in fs/namei.c fail to prevent creating a child dentry for a deleted (S_DEAD) directory. This enables a local attacker to trigger a denial of service by repeatedly creating files wi...

5.5CVSS5.2AI score0.00509EPSS
CVE
CVE
added 2010/11/29 3:0 p.m.94 views

CVE-2010-4074

CVE-2010-4074 affects Linux kernel USB subsystem prior to 2.6.36-rc5, where several structure members were not properly initialized. This can let local users read potentially sensitive data from kernel stack memory via TIOCGICOUNT-related ioctl paths, specifically mos7720_ioctl and mos7840_ioctl ...

1.9CVSS6.8AI score0.0038EPSS
CVE
CVE
added 2012/05/24 11:0 p.m.94 views

CVE-2011-4081

CVE-2011-4081 affects the Linux kernel crypto/ghash-generic.c. The vulnerability arises when a missing or failed ghash_setkey is followed by ghash_update or ghash_final (demonstrated via AF_ALG socket write), potentially causing a NULL pointer dereference and OOPS. Connected advisories (e.g., Mir...

5.5CVSS5.9AI score0.00456EPSS
CVE
CVE
added 2012/07/03 4:0 p.m.94 views

CVE-2012-2100

The CVE-2012-2100 issue affects the Linux kernel before 3.2.2, on x86 (and unspecified other) platforms, via the ext4_fill_flex_info function in fs/ext4/super.c. It allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and potentially cause a denial of service throu...

7.1CVSS6.1AI score0.02678EPSS
CVE
CVE
added 2013/01/22 11:0 p.m.94 views

CVE-2012-2137

CVE-2012-2137 describes a buffer overflow in virt/kvm/irq_comm.c within the Linux kernel's KVM subsystem, exploitable by local users on kernel versions before 3.2.24. The flaw enables denial of service (crash) and potentially arbitrary code execution via vectors involving Message Signaled Interru...

6.9CVSS7.5AI score0.00521EPSS
CVE
CVE
added 2014/01/06 11:0 a.m.94 views

CVE-2013-7269

The CVE-2013-7269 vulnerability affects the Linux kernel (affected area: net/netrom/af_netrom.c) before 3.12.4. The issue arises when nr_recvmsg updates a length value without ensuring the associated data structure is initialized, enabling local attackers to read kernel memory via recvfrom, recvm...

4.9CVSS4.7AI score0.00452EPSS
CVE
CVE
added 2017/09/25 9:0 p.m.94 views

CVE-2015-5327

CVE-2015-5327 affects the Linux kernel (4.3-rc1 and later); the flaw is an out-of-bounds memory read in x509_decode_time within x509_cert_parser.c. Impact is partially confidentiality (per CVSS2) and high confidentiality (per CVSS3); the issue is fixed by kernel patches (as noted in referenced ad...

6.5CVSS6.6AI score0.01631EPSS
CVE
CVE
added 2016/05/02 10:0 a.m.94 views

CVE-2016-2070

CVE-2016-2070 affects Linux kernels prior to 4.3.5. The tcp_cwnd_reduction function in net/ipv4/tcp_input.c can be triggered by crafted TCP traffic to cause a divide-by-zero DoS and system crash. According to connected advisories, upgrading to kernel 4.3.5 (as cited in ChangeLog-4.3.5) is the rem...

7.8CVSS7AI score0.03322EPSS
CVE
CVE
added 2016/04/27 5:0 p.m.94 views

CVE-2016-3135

CVE-2016-3135 is an integer overflow in xt_alloc_table_info (net/netfilter/x_tables.c) of the Linux kernel up to 4.5.2 on 32-bit platforms, enabling local privilege escalation or heap corruption leading to DoS via IPT_SO_SET_REPLACE. Connected documents corroborate the 32-bit overflow in xt_alloc...

7.8CVSS7.3AI score0.01009EPSS
CVE
CVE
added 2016/05/23 10:0 a.m.94 views

CVE-2016-4558

CVE-2016-4558 : The Linux kernel BPF subsystem before 4.5.5 mishandles reference counts, enabling a local attacker to trigger a denial-of-service via use-after-free, with possible other impact on systems with large memory (32 GB+ and 1 TB mentioned in the advisory). The Nessus/NVD documents confi...

7CVSS7AI score0.00865EPSS
CVE
CVE
added 2017/10/01 3:0 a.m.94 views

CVE-2017-14954

CVE-2017-14954 affects the Linux kernel: the waitid implementation in waitid.c? actually kernel/exit.c in the Linux kernel up to 4.13.4 accesses rusage data structures in unintended cases, enabling local users to obtain sensitive information and bypass the KASLR protection via a crafted system ca...

5.5CVSS5.5AI score0.01018EPSS
CVE
CVE
added 2018/10/08 5:0 p.m.94 views

CVE-2018-17977

CVE-2018-17977 affects Linux kernel 4.14.67, where interaction between XFRM Netlink messages, IPPROTO_AH, and IPPROTO_IP can be exploited locally (with root) to trigger memory exhaustion and system hang; demonstrated on CentOS 7. The provided documents do not specify a fix or patch version.

4.9CVSS4.7AI score0.00379EPSS
CVE
CVE
added 2019/11/04 2:13 p.m.94 views

CVE-2019-18680

Mode C: Affected software is Linux kernel 4.4.x (before 4.4.195). The vulnerability is a NULL pointer dereference in rds_tcp_kill_sock() inside net/rds/tcp.c, which leads to denial of service. Mitigation/workaround: apply the patch from Linux stable 4.4.195 (ChangeLog-4.4.195) or update to a fixe...

7.8CVSS7.8AI score0.03638EPSS
CVE
CVE
added 2020/07/20 6:54 p.m.94 views

CVE-2020-15852

CVE-2020-15852 affects Linux kernel 5.5–5.7.9 (and Xen via 4.13.x for x86 PV guests). The issue stems from mishandling of tss_invalidate_io_bitmap, causing desynchronization between TSS I/O bitmaps and Xen, which may let an attacker gain I/O port permissions of an unrelated task. Public advisorie...

7.8CVSS7.3AI score0.00325EPSS
CVE
CVE
added 2024/06/25 2:20 p.m.94 views

CVE-2021-4440

CVE-2021-4440 (Linux kernel) fixed by commit afd30525a659ac0ae0904f0cb4a2ca75522c3123 upstream: in x86/xen, the paravirt USERGS_SYSRET64 path was dropped and the exit from user space now uses the iret exit from the start instead of sysret, avoiding stack-mangling prerequisites in Xen PV guests. T...

8.8CVSS8.2AI score0.00227EPSS
CVE
CVE
added 2024/05/21 2:19 p.m.94 views

CVE-2021-47231

CVE-2021-47231 describes a memory leak in the Linux kernel SocketCAN driver (mcba_usb). The issue arises in mcba_usb_start() where 20 usb_coherent buffers are allocated but not freed; callbacks resubmit the URB and disconnect handling doesn’t free or mark URB_FREE_BUFFER for coherent buffers. Thi...

5.5CVSS7AI score0.00226EPSS
CVE
CVE
added 2024/05/21 2:19 p.m.94 views

CVE-2021-47254

In CVE-2021-47254, the Linux kernel gfs2 subsystem has a use-after-free in gfs2_glock_shrink_scan. The GLF_LRU flag is checked under lru_lock to remove the glock from the lru list in __gfs2_glock_put(), but cond_resched_lock(&lru_lock) allows progress on the put side without deleting the glock fr...

7.8CVSS6.7AI score0.00243EPSS
CVE
CVE
added 2024/05/21 2:20 p.m.94 views

CVE-2021-47281

CVE-2021-47281 affects the Linux kernel ALSA seq subsystem: snd_seq_timer_open() has a race on timeri allocation per queue, allowing a later concurrent call to override the timer and cause a use-after-free until the queue closes. The vulnerability is caused by missing protection when checking the...

7CVSS6.7AI score0.00234EPSS
CVE
CVE
added 2024/05/21 2:35 p.m.94 views

CVE-2021-47350

Affected software: Linux kernel on PowerPC. The issue stems from is_exec_fault() returning false for exec faults taken by the kernel, causing set_access_flags_filter() not to set PAGE_EXEC and leading to a perpetual minor exec fault. Root cause traced through a sequence of commits (notably d7df24...

5.5CVSS7AI score0.00181EPSS
CVE
CVE
added 2024/05/21 2:35 p.m.94 views

CVE-2021-47357

CVE-2021-47357 : In the Linux kernel, the atm: iphase removal path calls del_timer(), which can leave a timer handler running after the driver remove completes, causing a possible use-after-free. The fix uses del_timer_sync() to wait for the timer handler to finish and prevent rescheduling. Conne...

7.8CVSS6.6AI score0.00247EPSS
CVE
CVE
added 2024/05/21 3:3 p.m.94 views

CVE-2021-47389

CVE-2021-47389 is a Linux kernel/KVM SVM issue related to SevReceiveStart and SEV context decommission. The root cause was a missing SEV decommission step when ASID binding fails after RECEIVE_START, which can leak firmware memory and eventually prevent allocating new SEV guest contexts, causing ...

5.1CVSS6.9AI score0.00213EPSS
CVE
CVE
added 2024/05/21 3:3 p.m.94 views

CVE-2021-47395

CVE-2021-47395 : Linux kernel/mac80211 vulnerability where the rate limiting for injected VHT MCS/NSS in ieee80211_parse_tx_radiotap was tightened to fix a syzkaller warning. Affected component: mac80211 (ieee80211_parse_tx_radiotap, ieee80211_rate_set_vht). Reported impact in the public docs is ...

5.5CVSS6.7AI score0.0024EPSS
CVE
CVE
added 2024/05/21 3:4 p.m.94 views

CVE-2021-47424

The CVE-2021-47424 issue affects the Linux kernel i40e driver. When VSI setup fails during PF switch in i40e_probe(), the code attempted to free misc IRQ vectors in i40e_clear_interrupt_scheme, potentially freeing an IRQ that had not been allocated yet, leading to a kernel Oops (example trace sho...

5.5CVSS6.5AI score0.00222EPSS
CVE
CVE
added 2024/05/22 6:19 a.m.94 views

CVE-2021-47452

CVE-2021-47452: In the Linux kernel, nf_tables netdev event handling during net namespace removal could lead to a redundant UNREGISTER notifier action because the base hook was removed too late. The issue is a sequence/order problem in the notifier vs .pre_exit hook, which could cause an attempt ...

5.5CVSS6.6AI score0.00196EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.94 views

CVE-2021-47521

CVE-2021-47521 affects the Linux kernel via can: sja1000: fix use after free in ems_pcmcia_add_card(). The fix ensures that when the last channel is unavailable, dev is freed and pdev->irq can be used instead, with an additional check that at least one channel was set up. In the available docu...

7.8CVSS8.5AI score0.00242EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.94 views

CVE-2021-47522

CVE-2021-47522 affects the Linux kernel HID bigbenff handling in uhid. When emulating the device, if no output reports exist, report_field may be NULL, risking a NULL pointer dereference. The issue has been resolved in the Linux kernel (as described in connected Astra Linux advisory blocks). Impa...

5.5CVSS7AI score0.00239EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.94 views

CVE-2021-47558

The CVE-2021-47558 issue affects Linux kernel’s net:stmmac driver. The bug occurred because Tx queues were not disabled when stopping an interface to apply new configuration, potentially causing a kernel panic during: (1) reconfiguring queue numbers (ethtool -L), (2) resizing ring buffers (ethtoo...

5.5CVSS6.5AI score0.00183EPSS
CVE
CVE
added 2024/05/24 3:12 p.m.94 views

CVE-2021-47565

The CVE-2021-47565 issue is in the Linux kernel, specifically the scsi: mpt3sas path. The root cause is a race/NULL-check problem when iterating over a host (shost) sdev list: a drive may be removed and its sas_target object freed while its sdev remains, allowing code to access sas_target->sas...

7.8CVSS6.6AI score0.00229EPSS
CVE
CVE
added 2024/06/20 11:8 a.m.94 views

CVE-2021-47619

CVE-2021-47619 concerns the i40e Linux kernel XDP path. A PF queue pile fragmentation caused by placing a flow director VSI immediately after the main VSI could prevent the main VSI from resizing its queue allocation when XDP is enabled on systems with many CPUs and an X722 NIC, leading to a NULL...

5.5CVSS6.8AI score0.0022EPSS
CVE
CVE
added 2025/02/26 1:54 a.m.94 views

CVE-2021-47635

CVE-2021-47635 is a Linux kernel/UBIFS issue where, after ubifs sets a page private, UBIFS did not increase the page refcount, causing page migration to erroneously move a in-use page. The description in the connected advisories explains that if a page is private, the kernel expects an extra refe...

5.5CVSS5.2AI score0.00231EPSS
CVE
CVE
added 2024/10/21 8:5 p.m.94 views

CVE-2022-48972

CVE-2022-48972 affects the Linux kernel’s mac802154 code path. The issue arises in ieee802154_if_add() where a wpan_dev private data structure’s list is not initialized, potentially leading to a NULL pointer dereference during notifier handling (cfg802154_netdev_notifier_call) as devices are regi...

5.5CVSS5.2AI score0.0028EPSS
CVE
CVE
added 2025/02/26 2:10 a.m.94 views

CVE-2022-49310

CVE-2022-49310 corresponds to a Linux kernel vulnerability in the xillybus driver where a refcount leak occurs in cleanup_dev(). The root cause is the sequence: usb_get_dev is acquired in xillyusb_probe and usb_put_dev is not paired before xdev is released, leading to a potential resource leak. T...

5.5CVSS5.3AI score0.00252EPSS
CVE
CVE
added 2025/02/26 2:12 a.m.94 views

CVE-2022-49438

CVE-2022-49438 : In the Linux kernel, the refcount leak occurs in the path handling for device tree lookups. Specifically, of_find_node_by_path() using of_find_node_opts_by_path() returns a node pointer with an incremented refcount, but the code did not call of_node_put() when done, causing a ref...

5.5CVSS5.3AI score0.00259EPSS
CVE
CVE
added 2025/02/26 2:12 a.m.94 views

CVE-2022-49440

CVE-2022-49440 affects the Linux kernel (PowerPC RTAS path). The root cause is MSR[RI] not being preserved when entering RTAS, while RTAS runs in real mode and may trigger a panic/ watchdog lockup if MSR[RI] is unset. The fix updates how MSR is computed before calling RTAS, ensuring a hardcoded v...

5.5CVSS5.3AI score0.00245EPSS
CVE
CVE
added 2025/02/26 2:12 a.m.94 views

CVE-2022-49444

CVE-2022-49444: Linux kernel vulnerability in module loading (e_shstrndx).sh_size) leading to an out-of-bounds access; described as exploitable by crafting a module. The issue is resolved by a patch that was rebased onto modules-next. Affected systems require updating to a kernel version containi...

7.1CVSS6.3AI score0.00282EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.94 views

CVE-2022-49498

CVE-2022-49498 affects the Linux kernel, specifically the ALSA PCM path. The issue: a pointer substream could be dereferenced before a null check (PCM_RUNTIME_CHECK), risking a crash/denial of service if triggered locally. The connected advisories (e.g., Astra Linux, SUSE SU-2025 updates) confirm...

5.5CVSS5.4AI score0.00253EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.94 views

CVE-2022-49530

CVE-2022-49530 affects the Linux kernel DRM/AMD power management code. The vulnerability arises in si_parse_power_table() where allocations for adev->pm.dpm.ps and its elements can be followed by a second free in si_dpm_fini() if an allocation fails, causing a potential double-free of adev-&gt...

7.8CVSS5.5AI score0.00267EPSS
Total number of security vulnerabilities14430