Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2024/09/18 7:15 a.m.64 views

CVE-2024-46727

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add otg_master NULL check within resource_log_pipe_topology_update [Why]Coverity reports NULL_RETURN warning. [How]Add otg_master NULL check.

5.5CVSS6.1AI score0.00047EPSS
CVE
CVE
added 2024/10/09 3:15 p.m.64 views

CVE-2024-47662

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection [Why]These registers should not be read from driver and triggering thesecurity violation when DMCUB work times out and diagnostics arecollected blocks Z8 entry...

5.5CVSS5.2AI score0.00047EPSS
CVE
CVE
added 2024/10/21 1:15 p.m.64 views

CVE-2024-49854

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for accessing waker_bfqq after splitting After commit 42c306ed7233 ("block, bfq: don't break merge chain inbfq_split_bfqq()"), if the current procress is the last holder of bfqq,the bfqq can be freed after bfq_s...

7.8CVSS7.3AI score0.00048EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.64 views

CVE-2024-49910

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add NULL check for function pointer in dcn401_set_output_transfer_func This commit adds a null check for the set_output_gamma function pointerin the dcn401_set_output_transfer_func function. Previously,set_output_g...

5.5CVSS5.1AI score0.00047EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.64 views

CVE-2024-49947

In the Linux kernel, the following vulnerability has been resolved: net: test for not too small csum_start in virtio_net_hdr_to_skb() syzbot was able to trigger this warning [1], after injecting amalicious packet through af_packet, setting skb->csum_start and thusthe transport header to an incor...

5.5CVSS6.7AI score0.00053EPSS
CVE
CVE
added 2024/11/09 11:15 a.m.64 views

CVE-2024-50253

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the validity of nr_words in bpf_iter_bits_new() Check the validity of nr_words in bpf_iter_bits_new(). Without thischeck, when multiplication overflow occurs for nr_bits (e.g., whennr_words = 0x0400-0001, nr_bits becomes...

5.5CVSS5.6AI score0.00034EPSS
CVE
CVE
added 2024/11/19 2:16 a.m.64 views

CVE-2024-50292

In the Linux kernel, the following vulnerability has been resolved: ASoC: stm32: spdifrx: fix dma channel release in stm32_spdifrx_remove In case of error when requesting ctrl_chan DMA channel, ctrl_chan is notnull. So the release of the dma channel leads to the following issue:[ 4.879000] st,stm32...

5.5CVSS6.4AI score0.0006EPSS
CVE
CVE
added 2024/12/02 2:15 p.m.64 views

CVE-2024-53107

In the Linux kernel, the following vulnerability has been resolved: fs/proc/task_mmu: prevent integer overflow in pagemap_scan_get_args() The "arg->vec_len" variable is a u64 that comes from the user at the startof the function. The "arg->vec_len * sizeof(struct page_region))"multiplication c...

5.5CVSS6.8AI score0.0003EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.64 views

CVE-2024-53182

In the Linux kernel, the following vulnerability has been resolved: Revert "block, bfq: merge bfq_release_process_ref() into bfq_put_cooperator()" This reverts commit bc3b1e9e7c50e1de0f573eea3871db61dd4787de. The bic is associated with sync_bfqq, and bfq_release_process_ref cannotbe put into bfq_pu...

7.8CVSS7AI score0.00035EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.64 views

CVE-2024-53211

In the Linux kernel, the following vulnerability has been resolved: net/l2tp: fix warning in l2tp_exit_net found by syzbot In l2tp's net exit handler, we check that an IDR is empty beforedestroying it: WARN_ON_ONCE(!idr_is_empty(&pn->l2tp_tunnel_idr)); idr_destroy(&pn->l2tp_tunnel_idr); By fo...

6.4AI score0.00042EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.64 views

CVE-2024-56560

In the Linux kernel, the following vulnerability has been resolved: slab: Fix too strict alignment check in create_cache() On m68k, where the minimum alignment of unsigned long is 2 bytes: Kernel panic - not syncing: __kmem_cache_create_args: Failed to create slab 'io_kiocb'. Error -22 CPU: 0 UID: ...

6.6AI score0.00042EPSS
CVE
CVE
added 2025/01/19 12:15 p.m.64 views

CVE-2024-57923

In the Linux kernel, the following vulnerability has been resolved: btrfs: zlib: fix avail_in bytes for s390 zlib HW compression path Since the input data length passed to zlib_compress_folios() can bearbitrary, always setting strm.avail_in to a multiple of PAGE_SIZE maycause read-in bytes to excee...

6.2AI score0.00042EPSS
CVE
CVE
added 2025/01/21 1:15 p.m.64 views

CVE-2024-57941

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix the (non-)cancellation of copy when cache is temporarily disabled When the caching for a cookie is temporarily disabled (e.g. due to a DIOwrite on that file), future copying to the cache for that file is disableduntil al...

6.6AI score0.0004EPSS
CVE
CVE
added 2025/01/21 1:15 p.m.64 views

CVE-2024-57942

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix ceph copy to cache on write-begin At the end of netfs_unlock_read_folio() in which folios are markedappropriately for copying to the cache (either with by being marked dirtyand having their private data set or by having ...

6.5AI score0.0004EPSS
CVE
CVE
added 2025/01/21 1:15 p.m.64 views

CVE-2024-57943

In the Linux kernel, the following vulnerability has been resolved: exfat: fix the new buffer was not zeroed before writing Before writing, if a buffer_head marked as new, its data mustbe zeroed, otherwise uninitialized data in the page cache willbe written. So this commit uses folio_zero_new_buffe...

7.8CVSS6.7AI score0.0003EPSS
CVE
CVE
added 2025/02/27 2:15 a.m.64 views

CVE-2024-57990

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: fix off by one in mt7925_load_clc() This comparison should be >= instead of > to prevent an out of boundsread and write.

7.8CVSS6.6AI score0.00022EPSS
CVE
CVE
added 2025/02/27 2:15 a.m.64 views

CVE-2024-57993

In the Linux kernel, the following vulnerability has been resolved: HID: hid-thrustmaster: Fix warning in thrustmaster_probe by adding endpoint check syzbot has found a type mismatch between a USB pipe and the transferendpoint, which is triggered by the hid-thrustmaster driver[1].There is a number ...

6.6AI score0.00064EPSS
CVE
CVE
added 2025/02/27 2:15 a.m.64 views

CVE-2025-21710

In the Linux kernel, the following vulnerability has been resolved: tcp: correct handling of extreme memory squeeze Testing with iperf3 using the "pasta" protocol splicer has revealeda problem in the way tcp handles window advertising in extreme memorysqueeze situations. Under memory pressure, a so...

6.3AI score0.00041EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.64 views

CVE-2025-21895

In the Linux kernel, the following vulnerability has been resolved: perf/core: Order the PMU list to fix warning about unordered pmu_ctx_list Syskaller triggers a warning due to prev_epc->pmu != next_epc->pmu inperf_event_swap_task_ctx_data(). vmcore shows that two lists have the sameperf_eve...

7AI score0.00034EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.64 views

CVE-2025-21976

In the Linux kernel, the following vulnerability has been resolved: fbdev: hyperv_fb: Allow graceful removal of framebuffer When a Hyper-V framebuffer device is unbind, hyperv_fb driver tries torelease the framebuffer forcefully. If this framebuffer is in use itproduce the following WARN and hence ...

7.1AI score0.00032EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.64 views

CVE-2025-21985

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bound accesses [WHAT & HOW]hpo_stream_to_link_encoder_mapping has size MAX_HPO_DP2_ENCODERS(=4),but location can have size up to 6. As a result, it is necessary tocheck location against MAX_HPO_DP2_ENCOD...

7.1AI score0.00032EPSS
CVE
CVE
added 2025/04/16 11:15 a.m.64 views

CVE-2025-22023

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid Up until commit d56b0b2ab142 ("usb: xhci: ensure skipped isoc TDs arereturned when isoc ring is stopped") in v6.11, the driver didn't skipmissed isochronous TDs when handling Stoppe...

6.5AI score0.00034EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.64 views

CVE-2025-22076

In the Linux kernel, the following vulnerability has been resolved: exfat: fix missing shutdown check xfstests generic/730 test failed because after deleting the devicethat still had dirty data, the file could still be read withoutreturning an error. The reason is the missing shutdown check in->...

6.4AI score0.00034EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.64 views

CVE-2025-22077

In the Linux kernel, the following vulnerability has been resolved: Revert "smb: client: fix TCP timers deadlock after rmmod" This reverts commit e9f2517a3e18a54a3943c098d2226b245d488801. Commit e9f2517a3e18 ("smb: client: fix TCP timers deadlock afterrmmod") is intended to fix a null-ptr-deref in ...

5.2AI score
CVE
CVE
added 2025/04/16 3:16 p.m.64 views

CVE-2025-22101

In the Linux kernel, the following vulnerability has been resolved: net: libwx: fix Tx L4 checksum The hardware only supports L4 checksum offload for TCP/UDP/SCTP protocol.There was a bug to set Tx checksum flag for the other protocol that resultsin Tx ring hang. Fix to compute software checksum fo...

6.5AI score0.0004EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.64 views

CVE-2025-37852

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: handle amdgpu_cgs_create_device() errors in amd_powerplay_create() Add error handling to propagate amdgpu_cgs_create_device() failuresto the caller. When amdgpu_cgs_create_device() fails, release hwmgrand return -ENOMEM...

7AI score0.00036EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.64 views

CVE-2025-37873

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix missing ring index trim on error path Commit under Fixes converted tx_prod to be free running but missedmasking it on the Tx error path. This crashes on error conditions,for example when DMA mapping fails.

6.9AI score0.00025EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.64 views

CVE-2025-37887

In the Linux kernel, the following vulnerability has been resolved: pds_core: handle unsupported PDS_CORE_CMD_FW_CONTROL result If the FW doesn't support the PDS_CORE_CMD_FW_CONTROL commandthe driver might at the least print garbage and at the worstcrash when the user runs the "devlink dev info" de...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/04/18 7:15 a.m.64 views

CVE-2025-37893

In the Linux kernel, the following vulnerability has been resolved: LoongArch: BPF: Fix off-by-one error in build_prologue() Vincent reported that running BPF progs with tailcalls on LoongArchcauses kernel hard lockup. Debugging the issues shows that the JITedimage missing a jirl instruction at the...

5.5CVSS6.5AI score0.00023EPSS
CVE
CVE
added 2025/05/20 5:15 p.m.64 views

CVE-2025-37967

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: displayport: Fix deadlock This patch introduces the ucsi_con_mutex_lock / ucsi_con_mutex_unlockfunctions to the UCSI driver. ucsi_con_mutex_lock ensures the connectormutex is only locked if a connection is establi...

6.5AI score0.00053EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.63 views

CVE-1999-0183

Linux implementations of TFTP would allow access to files outside the restricted directory.

6.4CVSS6.7AI score0.00725EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.63 views

CVE-1999-0656

The ugidd RPC interface, by design, allows remote attackers to enumerate valid usernames by specifying arbitrary UIDs that ugidd maps to local user and group names.

5CVSS6.7AI score0.00554EPSS
CVE
CVE
added 2003/06/16 4:0 a.m.63 views

CVE-2003-0246

The ioperm system call in Linux kernel 2.4.20 and earlier does not properly restrict privileges, which allows local users to gain read or write access to certain I/O ports.

3.6CVSS6AI score0.00122EPSS
CVE
CVE
added 2006/05/31 10:0 a.m.63 views

CVE-2004-0138

The ELF loader in Linux kernel 2.4 before 2.4.25 allows local users to cause a denial of service (crash) via a crafted ELF file with an interpreter with an invalid arch (architecture), which triggers a BUG() when an invalid VMA is unmapped.

4.9CVSS5.6AI score0.00058EPSS
CVE
CVE
added 2004/12/06 5:0 a.m.63 views

CVE-2004-0565

Floating point information leak in the context switch code for Linux 2.4.x only checks the MFH bit but does not verify the FPH owner, which allows local users to read register values of other processes by setting the MFH bit.

2.1CVSS5.7AI score0.00074EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.63 views

CVE-2004-1137

Multiple vulnerabilities in the IGMP functionality for Linux kernel 2.4.22 to 2.4.28, and 2.6.x to 2.6.9, allow local and remote attackers to cause a denial of service or execute arbitrary code via (1) the ip_mc_source function, which decrements a counter to -1, or (2) the igmp_marksources function...

10CVSS7.8AI score0.15821EPSS
CVE
CVE
added 2005/03/14 5:0 a.m.63 views

CVE-2005-0504

Buffer overflow in the MoxaDriverIoctl function for the moxa serial driver (moxa.c) in Linux 2.2.x, 2.4.x, and 2.6.x before 2.6.22 allows local users to execute arbitrary code via a certain modified length value.

4.6CVSS5.9AI score0.00148EPSS
CVE
CVE
added 2005/11/20 10:3 p.m.63 views

CVE-2005-2709

The sysctl functionality (sysctl.c) in Linux kernel before 2.6.14.1 allows local users to cause a denial of service (kernel oops) and possibly execute code by opening an interface file in /proc/sys/net/ipv4/conf/, waiting until the interface is unregistered, then obtaining and modifying function po...

4.6CVSS4.8AI score0.00219EPSS
CVE
CVE
added 2005/10/18 10:2 p.m.63 views

CVE-2005-3257

The VT implementation (vt_ioctl.c) in Linux kernel 2.6.12, and possibly other versions including 2.6.14.4, allows local users to use the KDSKBSENT ioctl on terminals of other users and gain privileges, as demonstrated by modifying key bindings using loadkeys.

4.6CVSS5.1AI score0.00385EPSS
CVE
CVE
added 2006/04/25 10:2 p.m.63 views

CVE-2006-1863

Directory traversal vulnerability in CIFS in Linux 2.6.16 and earlier allows local users to escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences, a similar vulnerability to CVE-2006-1864.

2.1CVSS7.2AI score0.00302EPSS
CVE
CVE
added 2006/08/21 9:4 p.m.63 views

CVE-2006-4093

Linux kernel 2.x.6 before 2.6.17.9 and 2.4.x before 2.4.33.1 on PowerPC PPC970 systems allows local users to cause a denial of service (crash) related to the "HID0 attention enable on PPC970 at boot time."

4.9CVSS7AI score0.00062EPSS
CVE
CVE
added 2007/01/30 7:28 p.m.63 views

CVE-2006-5753

Unspecified vulnerability in the listxattr system call in Linux kernel, when a "bad inode" is present, allows local users to cause a denial of service (data corruption) and possibly gain privileges via unknown vectors.

7.2CVSS5.9AI score0.00081EPSS
CVE
CVE
added 2006/11/09 11:7 a.m.63 views

CVE-2006-5823

The zlib_inflate function in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via a malformed filesystem that uses zlib compression that triggers memory corruption, as demonstrated using cramfs.

4CVSS6.9AI score0.00101EPSS
CVE
CVE
added 2007/05/03 5:19 p.m.63 views

CVE-2007-2480

The _udp_lib_get_port function in net/ipv4/udp.c in Linux kernel 2.6.21 and earlier does not prevent a bind to a port with a local address when there is already a bind to that port with a wildcard local address, which might allow local users to intercept local traffic for daemons or other applicati...

4.6CVSS6.3AI score0.00137EPSS
CVE
CVE
added 2007/05/08 11:19 p.m.63 views

CVE-2007-2525

Memory leak in the PPP over Ethernet (PPPoE) socket implementation in the Linux kernel before 2.6.21-git8 allows local users to cause a denial of service (memory consumption) by creating a socket using connect, and releasing it before the PPPIOCGCHAN ioctl is initialized.

4.9CVSS6.9AI score0.00088EPSS
CVE
CVE
added 2007/07/12 4:30 p.m.63 views

CVE-2007-3719

The process scheduler in the Linux kernel 2.6.16 gives preference to "interactive" processes that perform voluntary sleeps, which allows local users to cause a denial of service (CPU consumption), as described in "Secretly Monopolizing the CPU Without Superuser Privileges."

2.1CVSS6AI score0.00065EPSS
CVE
CVE
added 2007/11/09 6:46 p.m.63 views

CVE-2007-5904

Multiple buffer overflows in CIFS VFS in Linux kernel 2.6.23 and earlier allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via long SMB responses that trigger the overflows in the SendReceive function.

6.8CVSS7.4AI score0.01972EPSS
CVE
CVE
added 2008/05/29 4:32 p.m.63 views

CVE-2008-2137

The (1) sparc_mmap_check function in arch/sparc/kernel/sys_sparc.c and the (2) sparc64_mmap_check function in arch/sparc64/kernel/sys_sparc.c, in the Linux kernel 2.4 before 2.4.36.5 and 2.6 before 2.6.25.3, omit some virtual-address range (aka span) checks when the mmap MAP_FIXED bit is not set, w...

4.4CVSS5.8AI score0.00088EPSS
CVE
CVE
added 2009/07/05 4:30 p.m.63 views

CVE-2009-1388

The ptrace_start function in kernel/ptrace.c in the Linux kernel 2.6.18 does not properly handle simultaneous execution of the do_coredump function, which allows local users to cause a denial of service (deadlock) via vectors involving the ptrace system call and a coredumping thread.

5.5CVSS5AI score0.00059EPSS
CVE
CVE
added 2009/09/18 10:30 a.m.63 views

CVE-2009-1883

The z90crypt_unlocked_ioctl function in the z90crypt driver in the Linux kernel 2.6.9 does not perform a capability check for the Z90QUIESCE operation, which allows local users to leverage euid 0 privileges to force a driver outage.

4.4CVSS5.5AI score0.00077EPSS
Total number of security vulnerabilities10926