Lucene search
K
LinuxLinux Kernel

14409 matches found

CVE
CVE
added 2024/04/28 1:0 p.m.93 views

CVE-2022-48652

In CVE-2022-48652, the Linux kernel ICE driver fixes a crash when TC/channels are updated beyond allocated queues. The issue occurred when less queues were configured than TCs and later more TCs were added (e.g., via LLDP), leaving dirty num_txq/rxq and tc_cfg in the VSI and risking invalid point...

5.5CVSS6.6AI score0.00197EPSS
CVE
CVE
added 2024/08/22 1:30 a.m.93 views

CVE-2022-48910

The CVE-2022-48910 case concerns the Linux kernel IPv6 addrconf path: when NETDEV_DOWN is triggered for reasons other than actual interface down, repeated calls can leak one ifmcaddr6 per multicast group by leaking idev->mc_tomb. The fix is to ensure ipv6_mc_down() runs at most once per state ...

5.5CVSS6.6AI score0.0021EPSS
CVE
CVE
added 2025/02/26 2:24 a.m.93 views

CVE-2022-49667

The CVE-2022-49667 issue is a Linux kernel net bonding use-after-free bug triggered by 802.3ad slave unbind. The flaw occurs when bond_3ad_unbind_slave clears an aggregator while there are still ports referencing freed memory, due to ad_clear_agg being invoked even when the port count in a group ...

7.8CVSS6.5AI score0.00281EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.93 views

CVE-2022-50085

The CVE-2022-50085 issue is present in the Linux kernel’s dm-raid path and affects the raid_resume flow. A KASAN warning is triggered when lvmetad tests exercise mddev->raid_disks vs rs->raid_disks, causing an out-of-bounds access in the raid resume loop. The connected OpenVAS/Nessus entrie...

7.8CVSS6.5AI score0.0017EPSS
CVE
CVE
added 2014/01/06 11:0 a.m.92 views

CVE-2013-7268

The CVE-2013-7268 vulnerability affects the Linux kernel up to version 3.12.3, where ipx_recvmsg in net/ipx/af_ipx.c writes a length value without confirming the associated data structure is initialized. This can allow local attackers to read kernel memory via recvfrom/recvmmsg/recvmsg. The issue...

4.9CVSS4.7AI score0.00434EPSS
CVE
CVE
added 2014/04/01 1:0 a.m.92 views

CVE-2014-2673

CVE-2014-2673 : Linux kernel TM implementation on PowerPC has a flaw in arch_dup_task_struct interacting with clone/fork. In kernels before 3.13.7, this can allow a local user to trigger a denial of service (Program Check and system crash) by executing instructions while the processor is in Trans...

4.7CVSS6.8AI score0.00401EPSS
CVE
CVE
added 2017/02/06 6:4 a.m.92 views

CVE-2016-10150

CVE-2016-10150 is a use-after-free in kvm_ioctl_create_device (virt/kvm/kvm_main.c) of the Linux kernel before 4.8.13, allowing a local host user to crash the host or possibly gain privileges via crafted ioctl calls on /dev/kvm. The fix is provided in kernel version 4.8.13 and later; remediation ...

10CVSS9AI score0.10177EPSS
CVE
CVE
added 2016/08/07 9:0 p.m.92 views

CVE-2016-5340

CVE-2016-5340 is tied to a vulnerability in the KGSL Linux Graphics Module exposed by a QuIC Android patch for Linux kernel 3.x. The issue arises from the function is_ashmem_file in drivers/staging/android/ashmem.c, where pointer validation is mishandled. This design flaw can allow an attacker to...

7.8CVSS7.1AI score0.00303EPSS
CVE
CVE
added 2024/03/15 8:14 p.m.92 views

CVE-2021-47122

CVE-2021-47122 refers to a Linux kernel issue in the CAIF stack where, on caif_enroll_dev() failure, the allocated link_support was not assigned to the target structure, leading to a memory leak in caif_device_notify. The fix adds a safe deallocation path to free the allocated pointer when an err...

5.5CVSS6.5AI score0.00228EPSS
CVE
CVE
added 2024/03/15 8:14 p.m.92 views

CVE-2021-47123

CVE-2021-47123 concerns a Linux kernel use-after-free risk caused by an io_uring timeout path: a double free can occur if a linked timeout is not removed from the master request link list, potentially leading to use-after-free scenarios. The description states the fix is to always remove linked t...

7.8CVSS6.7AI score0.00219EPSS
CVE
CVE
added 2024/04/10 6:56 p.m.92 views

CVE-2021-47205

CVE-2021-47205 affects the Linux kernel clk: sunxi-ng component (CCU clocks/resets). The root cause is that during unbinding of a CCU driver, the device MMIO region is unmapped while clocks/resets and their providers remain registered, which can lead to page faults when clock operations access MM...

5.5CVSS6.3AI score0.00196EPSS
CVE
CVE
added 2024/05/21 2:19 p.m.92 views

CVE-2021-47252

CVE-2021-47252 affects the Linux kernel batman-adv subsystem. The soft/batadv interface for a queued OGM could be modified between queuing and transmission, with WARN_ON used for kernel bugs rather than warnings. The vulnerability’s description and fixes are documented in connected advisories; th...

5.5CVSS6.7AI score0.00226EPSS
CVE
CVE
added 2024/05/21 2:19 p.m.92 views

CVE-2021-47253

CVE-2021-47253 affects the Linux kernel’s DRM/AMD display path, where DMUB hw_init could leak memory on suspend/resume due to kzalloc allocation without guard. The fix ensures the DC wrapper memory is only allocated if it was not previously allocated, avoiding reallocation on suspend/resume. Docu...

5.5CVSS6.6AI score0.00225EPSS
CVE
CVE
added 2024/05/21 2:35 p.m.92 views

CVE-2021-47314

CVE-2021-47314 refers to a Linux kernel issue in the fsl_ifc memory handling: on probe failure the driver could leak private memory. The connected Astra/OpenVAS/Nessus advisories reproduce that the fix was to switch to resource-managed allocation to free memory when probe errors occur, mitigating...

5.5CVSS6.8AI score0.00245EPSS
CVE
CVE
added 2024/05/21 2:35 p.m.92 views

CVE-2021-47355

CVE-2021-47355 relates to the Linux kernel ATM nicstar driver. The issue is a use-after-free in nicstar_cleanup() caused by removing a timer with del_timer() instead of del_timer_sync(), which may allow the timer handler to still run after the device removal. The fix ensures the timer finishes an...

7.8CVSS6.6AI score0.00247EPSS
CVE
CVE
added 2024/05/21 3:4 p.m.92 views

CVE-2021-47409

CVE-2021-47409 concerns a Linux kernel vulnerability in the USB: dwc2 subsystem where a NULL return from platform_get_resource() could lead to a NULL pointer dereference. The issue is triggered when the return value is not checked, as described in the CVE entry and echoed in connected advisories ...

5.5CVSS6.7AI score0.00244EPSS
CVE
CVE
added 2024/05/21 3:4 p.m.92 views

CVE-2021-47423

CVE-2021-47423 is about the Linux kernel component drm/nouveau/debugfs. The root cause is a memory leak where, when using single_open() for opening, single_release() is not invoked, causing the 'op' allocated in single_open() to leak. The connected documents indicate this fix has been applied in ...

5.5CVSS6.8AI score0.00223EPSS
CVE
CVE
added 2024/05/22 8:19 a.m.92 views

CVE-2021-47477

CVE-2021-47477 is documented in connected advisories as a Linux kernel issue affecting comedi: dt9812. The root cause is DMA buffers being allocated on the stack for USB transfers; the fix allocates proper transfer buffers in the command helpers and returns an error on short transfers instead of ...

7.8CVSS7AI score0.00721EPSS
CVE
CVE
added 2024/05/24 3:1 p.m.92 views

CVE-2021-47499

CVE-2021-47499 – Linux kernel, iio: accel: kxcjk-1013 : The issue was a memory leak in the probe path for iio_triggered_buffer_setup, caused when ACPI type is ACPI_SMO8500 and data->dready_trig was not set, preventing freeing of allocated memory. The root cause is the probe-path logic leaving ...

5.5CVSS6.7AI score0.0024EPSS
CVE
CVE
added 2024/05/24 3:1 p.m.92 views

CVE-2021-47504

CVE-2021-47504 affects the Linux kernel io_uring cancel path. If a canceled work item also requires task_work processing, the item could sleep uninterruptibly in io_uring_cancel_generic() and never complete, blocking forward progress. The fix is within io_uring handling to ensure task_work runs d...

5.5CVSS6.6AI score0.00205EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.92 views

CVE-2021-47537

CVE-2021-47537 affects the Linux kernel in the octeontx2-af component, where in rvu_mbox_init() the mbox_regions pointer could be leaked on the switch-default path. The bug was a memory leak due to not freeing or returning the regions, and it is fixed by replacing a plain return err with a goto f...

5.5CVSS7.2AI score0.00193EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.92 views

CVE-2021-47542

CVE-2021-47542 affects the Linux kernel’s qlcnic logic for certain 83xx devices. In function qlcnic_83xx_add_rings() , the indirect call through ahw->hw_ops->alloc_mbx_args() can return NULL on allocation failure, and the code could dereference this NULL pointer. The patch adds a guard to v...

5.5CVSS7.2AI score0.00251EPSS
CVE
CVE
added 2025/02/26 1:54 a.m.92 views

CVE-2021-47651

Summary : CVE-2021-47651 involves the Linux kernel driver path soc: qcom: rpmpd, where data->domains could be NULL if an allocation fails. The vulnerability stems from not validating a possible NULL return from devm_kcalloc, risking a NULL pointer dereference later. The public description indi...

5.5CVSS5.4AI score0.00232EPSS
CVE
CVE
added 2024/04/28 1:1 p.m.92 views

CVE-2022-48658

CVE-2022-48658 affects the Linux kernel:mm/slub: flush_cpu_slab()/__free_slab() invocations were moved out of IRQ context into a global workqueue. When flush_all_cpu_locked() runs from task context, a WQ_MEM_RECLAIM-enabled workqueue may flush the global workqueue, causing a dependency issue duri...

7.8CVSS6.4AI score0.00242EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.92 views

CVE-2022-48761

CVE-2022-48761 affects the Linux kernel USB xhci-plat code. The issue occurs on platforms like i.MX8QM during suspend with remote wake enabled, where xhci_suspend disables the hub wake and then accesses registers after the device clock is gated by run-time suspend. The underlying root cause was t...

5.3CVSS7AI score0.00212EPSS
CVE
CVE
added 2024/07/16 12:25 p.m.92 views

CVE-2022-48846

CVE-2022-48846 affects the Linux kernel block layer. The root cause was a memory leak in rq QoS structures added by blkcg_init_queue() when a request queue could lack a disk (e.g., unpresent SCSI LUNs or NVMe admin queue) after a patch moved rq_qos_exit() into del_gendisk(). The fix restores prop...

5.5CVSS7AI score0.00219EPSS
CVE
CVE
added 2024/07/16 12:25 p.m.92 views

CVE-2022-48850

CVE-2022-48850 concerns the Linux kernel vulnerability in net-sysfs, where speed_show could panic when a netdevice is in the process of being shut down or already removed. The root cause described is a missing check for the netdevice’s presence, which could lead to a NULL pointer dereference in d...

5.5CVSS6AI score0.00211EPSS
CVE
CVE
added 2024/07/16 12:25 p.m.92 views

CVE-2022-48865

CVE-2022-48865 affects the Linux kernel TIPc bearer path; root cause is a race where monitoring data is not yet allocated when a bearer is enabled, leading to a NULL pointer dereference (mon->dom_gen) during tipc_mon_prep(). The issue was fixed by allocating the monitoring data before enabling...

5.5CVSS6AI score0.00259EPSS
CVE
CVE
added 2024/10/21 8:5 p.m.92 views

CVE-2022-48950

CVE-2022-48950 affects the Linux kernel: perf_pending_task() UaF could run after the event is freed. The root cause involves two situations: (1) task_work already queued before destroying the event; (2) destroying the event queues task_work. The documented fix is to extend the perf_event lifetime...

7.8CVSS7.3AI score0.00253EPSS
CVE
CVE
added 2025/02/26 1:54 a.m.92 views

CVE-2022-49073

Summary (CVE-2022-49073): In the Linux kernel, the sata_dwc_460ex/PCIe SATA controller driver had an OOB write crash due to incorrect use of libata tag values. The patch increases ATA_TAG_INTERNAL to 32 and fixes SATA_DWC_QCMD_MAX to account for that, setting it to ATA_MAX_QUEUE + 1 to avoid out-...

7.8CVSS6.6AI score0.0026EPSS
CVE
CVE
added 2025/02/26 1:54 a.m.92 views

CVE-2022-49092

CVE-2022-49092 concerns a Linux kernel net/ipv4 routing issue where deleting a route that points to a nexthop ID (without nhid) triggers a warning in fib_nh_match when a nexthop object is present. The root cause is a match operation on a fib_info with a nexthop object; the fix is to skip such mat...

5.5CVSS5.2AI score0.00254EPSS
CVE
CVE
added 2025/02/26 1:54 a.m.92 views

CVE-2022-49095

CVE-2022-49095 : In the Linux kernel, the zorro7xx SCSI driver had a resource leak in zorro7xx_remove_one() where an allocated resource was not freed in the remove path. Some error paths required undoing an ioremap(). A missing iounmap() call was added in the remove function to fix the leak. Vers...

5.5CVSS5.4AI score0.00244EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.92 views

CVE-2022-49157

CVE-2022-49157 affects the Linux kernel scsi/qla2xxx driver. After a recoverable PCI error is detected and recovered, the qla2xxx driver may perform premature hardware access if the error condition persists or resume signaling is not yet received. The description and logs show a PCI disconnect an...

5.5CVSS5.4AI score0.00252EPSS
CVE
CVE
added 2025/02/26 1:56 a.m.92 views

CVE-2022-49243

CVE-2022-49243 is a Linux kernel vulnerability affecting ASoC: atmel via the at91sam9g20ek_audio_probe path. The issue is a refcount mismatch: of_parse_phandle() returns a node pointer with a refcount that is incremented in the probe function, but a missing of_node_put() caused a leak. A fix was ...

5.5CVSS5.3AI score0.00252EPSS
CVE
CVE
added 2025/02/26 2:11 a.m.92 views

CVE-2022-49359

CVE-2022-49359 : In Linux kernel’s DRM Panfrost handling, a use-after-free occurs when a panfrost_priv is freed but a job structure continues to reference it to obtain the MMU context. The fix drops the panfrost_priv reference from the job and adds a direct reference to the MMU structure that is ...

7.8CVSS5.4AI score0.00258EPSS
CVE
CVE
added 2025/02/26 2:12 a.m.92 views

CVE-2022-49431

CVE-2022-49431 concerns the Linux kernel powerpc iommu: a missing of_node_put in iommu_init_early_dart leads to a refcount leak for the device_node returned by of_find_compatible_node. The issue is local in scope (AV:L, AC:L, PR:L, UI:N) with a high impact on availability and a moderate base scor...

5.5CVSS5.3AI score0.00253EPSS
CVE
CVE
added 2025/02/26 2:23 a.m.92 views

CVE-2022-49570

CVE-2022-49570 affecting the Linux kernel gpio-xilinx driver. The issue is an integer overflow/overflow-prone data type that prevents configuring more than 32 pins; the fix casts to unsigned long to handle larger pin counts. Public references point to kernel stable tree patches (e.g., git.kernel....

5.5CVSS6.5AI score0.00243EPSS
CVE
CVE
added 2025/02/26 2:24 a.m.92 views

CVE-2022-49694

The CVE-2022-49694 vulnerability affects the Linux kernel in the block I/O subsystem, where the elevator is disabled in del_gendisk. The root cause is a use-after-free risk on q->tag_set because the elevator disabling and scheduler tag freeing were performed in disk_release/blk_cleanup_queue t...

7.8CVSS5.5AI score0.00234EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.92 views

CVE-2022-49875

CVE-2022-49875: In the Linux kernel, bpftool can cause a NULL pointer dereference when pinning BPFFS objects (PROG, MAP, LINK) without a FILE, leading to a local segmentation fault. The root cause is strlen being invoked on a NULL name during mount_bpffs_for_pin. The mitigation provided in the so...

5.5CVSS6.5AI score0.00183EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.92 views

CVE-2022-49915

The CVE-2022-49915 issue affects the Linux kernel mISDN path and is caused by a memory leak in mISDN_register_device due to how device names were allocated. After the commit 1fa5ae857bb1 (driver core: get rid of struct device's bus_id string array), the device name is allocated dynamically and fr...

5.5CVSS6.4AI score0.00173EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.92 views

CVE-2022-49964

CVE-2022-49964 affects the Linux kernel arm64 cacheinfo path. The root cause was assigning a signed error value (-ENOENT) returned by acpi_find_last_cache_level() to an unsigned fw_level, causing the number of cache leaves to become an enormous value and triggering a warning in __alloc_pages. The...

5.5CVSS6.4AI score0.00184EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.92 views

CVE-2022-50046

In CVE-2022-50046, the Linux kernel fixes a memory-leak and potential NULL-dereference in net/sunrpc rpc_sysfs_xprt_state_change(): on error paths, xprt may fail to decrement the reference count of xps and may use an invalid xps. The issue arises because the function does not always handle errors...

5.5CVSS6.7AI score0.00157EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.92 views

CVE-2022-50073

CVE-2022-50073 affects the Linux kernel TAP path. Root cause: in dev_parse_header_protocol the code dereferences skb->dev which can be NULL when the tap driver calls virtio_net_hdr_to_skb, causing a NULL pointer dereference. The issue is triggered in tap_get_user/tap_sendmsg paths and can cras...

5.5CVSS6.1AI score0.00159EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.92 views

CVE-2022-50177

CVE-2022-50177 concerns the Linux kernel where rcutorture ksoftirqd boosting timing/iteration could fail, causing RCU priority boosting to break under certain CPU configurations. The documented root causes are: (1) when the total CPUs exceed booted online CPUs, leading to boosting not applying to...

5.5CVSS6.3AI score0.00202EPSS
CVE
CVE
added 2025/06/18 11:4 a.m.92 views

CVE-2022-50228

CVE-2022-50228 is a Linux kernel vulnerability affecting KVM on x86 with SVM. The issue occurs when userspace can inject an interrupt with GIF=0, which can trigger a kernel BUG (fatal crash) in arch/x86/kvm/svm/svm.c. The provided descriptions explicitly show a kernel BUG at svm_inject_irq and an...

5.5CVSS6.5AI score0.00224EPSS
CVE
CVE
added 2024/03/02 9:52 p.m.92 views

CVE-2023-52506

CVE-2023-52506 affects the Linux kernel on LoongArch. Root cause: early memblock_reserve() during memblock_init sets node id to MAX_NUMNODES, causing NODE_DATA(nid) NULL dereferences in reserve_bootmem_region() and chain calls, triggering a kernel panic on boot when DEFERRED_STRUCT_PAGE_INIT is e...

5.5CVSS6.4AI score0.00222EPSS
CVE
CVE
added 2024/03/02 9:59 p.m.92 views

CVE-2023-52573

In the Linux kernel, CVE-2023-52573 is a NULL-pointer dereference in the RDS path. Specifically, rds_rdma_cm_event_handler_cmn() now checks conn before dereferencing it as an rdma_set_service_type() argument. This fixes a possible NULL-pointer dereference. Connected advisories also reiterate the ...

5.5CVSS6.6AI score0.00226EPSS
CVE
CVE
added 2024/05/17 2:2 p.m.92 views

CVE-2023-52673

CVE-2023-52673 — Linux kernel (drm/amd/display): A debugfs-related NULL pointer error was fixed in the AMD display code. The root cause was calling the get_subvp_en() callback without verifying its existence. The fix adds a check for the callback before invocation, preventing potential NULL deref...

5.5CVSS6.7AI score0.00202EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.92 views

CVE-2023-52808

Summary: CVE-2023-52808 affects the Linux kernel driver path for the Hisilicon SAS host bus adapter (hisi_sas). The root cause is that after a failed init path, debugfs_remove_recursive() is called but debugfs_dir is not set to NULL, causing a NULL pointer dereference during device removal. Impac...

5.5CVSS6.5AI score0.00239EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.92 views

CVE-2023-52899

CVE-2023-52899 – kernel vulnerability (Linux kernel) has concrete details in connected advisories: a missing protection in the AXI channel error handling path (axi_chan_handle_err) for the vd signal can lead to a NULL pointer dereference and kernel panic. The issue is described as “Add exception ...

5.5CVSS6.3AI score0.0024EPSS
Total number of security vulnerabilities14409