Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2010/03/19 7:30 p.m.63 views

CVE-2009-4271

The Linux kernel 2.6.9 through 2.6.17 on the x86_64 and amd64 platforms allows local users to cause a denial of service (panic) via a 32-bit application that calls mprotect on its Virtual Dynamic Shared Object (VDSO) page and then triggers a segmentation fault.

4.7CVSS5.8AI score0.00047EPSS
CVE
CVE
added 2010/06/08 12:30 a.m.63 views

CVE-2010-1636

The btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the btrfs functionality in the Linux kernel 2.6.29 through 2.6.32, and possibly other versions, does not ensure that a cloned file descriptor has been opened for reading, which allows local users to read sensitive information from a write-only f...

2.1CVSS6.4AI score0.00244EPSS
CVE
CVE
added 2010/09/30 3:0 p.m.63 views

CVE-2010-2538

Integer overflow in the btrfs_ioctl_clone function in fs/btrfs/ioctl.c in the Linux kernel before 2.6.35 might allow local users to obtain sensitive information via a BTRFS_IOC_CLONE_RANGE ioctl call.

5.5CVSS5.8AI score0.00076EPSS
CVE
CVE
added 2012/06/21 11:55 p.m.63 views

CVE-2011-0716

The br_multicast_add_group function in net/bridge/br_multicast.c in the Linux kernel before 2.6.38, when a certain Ethernet bridge configuration is used, allows local users to cause a denial of service (memory corruption and system crash) by sending IGMP packets to a local interface.

4.7CVSS7AI score0.00068EPSS
CVE
CVE
added 2012/06/21 11:55 p.m.63 views

CVE-2011-1021

drivers/acpi/debugfs.c in the Linux kernel before 3.0 allows local users to modify arbitrary kernel memory locations by leveraging root privileges to write to the /sys/kernel/debug/acpi/custom_method file. NOTE: this vulnerability exists because of an incomplete fix for CVE-2010-4347.

3.6CVSS7AI score0.2603EPSS
Web
CVE
CVE
added 2012/06/13 10:24 a.m.63 views

CVE-2011-1759

Integer overflow in the sys_oabi_semtimedop function in arch/arm/kernel/sys_oabi-compat.c in the Linux kernel before 2.6.39 on the ARM platform, when CONFIG_OABI_COMPAT is enabled, allows local users to gain privileges or cause a denial of service (heap memory corruption) by providing a crafted arg...

6.2CVSS6.6AI score0.00182EPSS
CVE
CVE
added 2011/09/06 4:55 p.m.63 views

CVE-2011-2184

The key_replace_session_keyring function in security/keys/process_keys.c in the Linux kernel before 2.6.39.1 does not initialize a certain structure member, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact via a KEYC...

7.2CVSS7.5AI score0.001EPSS
CVE
CVE
added 2012/06/21 11:55 p.m.63 views

CVE-2011-4324

The encode_share_access function in fs/nfs/nfs4xdr.c in the Linux kernel before 2.6.29 allows local users to cause a denial of service (BUG and system crash) by using the mknod system call with a pathname on an NFSv4 filesystem.

4.9CVSS5.5AI score0.00158EPSS
CVE
CVE
added 2012/05/17 11:0 a.m.63 views

CVE-2011-4611

Integer overflow in the perf_event_interrupt function in arch/powerpc/kernel/perf_event.c in the Linux kernel before 2.6.39 on powerpc platforms allows local users to cause a denial of service (unhandled performance monitor exception) via vectors that trigger certain outcomes of performance events.

4.9CVSS6.2AI score0.00048EPSS
CVE
CVE
added 2013/03/22 11:59 a.m.63 views

CVE-2013-1848

fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application.

6.2CVSS5AI score0.00055EPSS
CVE
CVE
added 2013/03/15 8:55 p.m.63 views

CVE-2013-2548

The crypto_report_one function in crypto/crypto_user.c in the report API in the crypto user configuration API in the Linux kernel through 3.8.2 uses an incorrect length value during a copy operation, which allows local users to obtain sensitive information from kernel memory by leveraging the CAP_N...

2.1CVSS5.3AI score0.00074EPSS
CVE
CVE
added 2013/04/22 11:40 a.m.63 views

CVE-2013-3076

The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recvmsg function in crypto/algif_hash.c and the skcip...

4.9CVSS6.8AI score0.00084EPSS
CVE
CVE
added 2013/11/12 2:35 p.m.63 views

CVE-2013-4516

The mp_get_count function in drivers/staging/sb105x/sb_pci_mp.c in the Linux kernel before 3.12 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a TIOCGICOUNT ioctl call.

4.9CVSS6.6AI score0.00034EPSS
CVE
CVE
added 2014/02/28 6:18 a.m.63 views

CVE-2014-2039

arch/s390/kernel/head64.S in the Linux kernel before 3.13.5 on the s390 platform does not properly handle attempted use of the linkage stack, which allows local users to cause a denial of service (system crash) by executing a crafted instruction.

4.9CVSS5.7AI score0.00038EPSS
CVE
CVE
added 2016/08/06 10:59 a.m.63 views

CVE-2014-9888

arch/arm/mm/dma-mapping.c in the Linux kernel before 3.13 on ARM platforms, as used in Android before 2016-08-05 on Nexus 5 and 7 (2013) devices, does not prevent executable DMA mappings, which might allow local users to gain privileges via a crafted application, aka Android internal bug 28803642 a...

7.8CVSS7AI score0.00044EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.63 views

CVE-2017-0569

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...

7.6CVSS6.9AI score0.02192EPSS
Web
CVE
CVE
added 2017/12/27 5:8 p.m.63 views

CVE-2017-17853

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging incorrect BPF_RSH signed bounds calculations.

7.8CVSS7.4AI score0.00071EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.63 views

CVE-2017-17855

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging improper use of pointers in place of scalars.

7.8CVSS7.4AI score0.00061EPSS
CVE
CVE
added 2017/05/23 5:29 a.m.63 views

CVE-2017-9211

The crypto_skcipher_init_tfm function in crypto/skcipher.c in the Linux kernel through 4.11.2 relies on a setkey function that lacks a key-size check, which allows local users to cause a denial of service (NULL pointer dereference) via a crafted application.

5.5CVSS5AI score0.00044EPSS
CVE
CVE
added 2018/10/08 10:29 p.m.63 views

CVE-2018-14656

A missing address check in the callers of the show_opcodes() in the Linux kernel allows an attacker to dump the kernel memory at an arbitrary kernel address into the dmesg log.

7CVSS5.2AI score0.00094EPSS
CVE
CVE
added 2024/03/04 6:15 p.m.63 views

CVE-2021-47083

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: fix global-out-of-bounds issue When eint virtual eint number is greater than gpio number,it maybe produce 'desc[eint_n]' size globle-out-of-bounds issue.

7.1CVSS6.3AI score0.00016EPSS
CVE
CVE
added 2024/03/04 6:15 p.m.63 views

CVE-2021-47093

In the Linux kernel, the following vulnerability has been resolved: platform/x86: intel_pmc_core: fix memleak on registration failure In case device registration fails during module initialisation, theplatform device structure needs to be freed using platform_device_put()to properly free all resour...

5.5CVSS6.3AI score0.00012EPSS
CVE
CVE
added 2024/03/04 6:15 p.m.63 views

CVE-2021-47096

In the Linux kernel, the following vulnerability has been resolved: ALSA: rawmidi - fix the uninitalized user_pversion The user_pversion was uninitialized for the user space file structurein the open function, because the file private structure usekmalloc for the allocation. The kernel ALSA sequenc...

4CVSS5.5AI score0.00014EPSS
CVE
CVE
added 2024/03/25 9:15 a.m.63 views

CVE-2021-47146

In the Linux kernel, the following vulnerability has been resolved: mld: fix panic in mld_newpack() mld_newpack() doesn't allow to allocate high order page,only order-0 allocation is allowed.If headroom size is too large, a kernel panic could occur in skb_put(). Test commands:ip netns del Aip netns...

5.5CVSS6.4AI score0.00008EPSS
CVE
CVE
added 2024/03/25 10:15 a.m.63 views

CVE-2021-47161

In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix a resource leak in an error handling path 'dspi_request_dma()' should be undone by a 'dspi_release_dma()' call in theerror handling path of the probe function, as already done in the removefunction

5.5CVSS6AI score0.00008EPSS
CVE
CVE
added 2024/03/25 10:15 a.m.63 views

CVE-2021-47180

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: fix memory leak in nci_allocate_device nfcmrvl_disconnect fails to free the hci_dev field in struct nci_dev.Fix this by freeing hci_dev in nci_free_device. BUG: memory leakunreferenced object 0xffff888111ea6800 (size 1024...

5.5CVSS6.4AI score0.00008EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.63 views

CVE-2021-47192

In the Linux kernel, the following vulnerability has been resolved: scsi: core: sysfs: Fix hang when device state is set via sysfs This fixes a regression added with: commit f0f82e2476f6 ("scsi: core: Fix capacity set to zero afterofflinining device") The problem is that after iSCSI recovery, iscsi...

5.3CVSS6.5AI score0.00023EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.63 views

CVE-2021-47198

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix use-after-free in lpfc_unreg_rpi() routine An error is detected with the following report when unloading the driver:"KASAN: use-after-free in lpfc_unreg_rpi+0x1b1b" The NLP_REG_LOGIN_SEND nlp_flag is set in lpfc_reg...

7.8CVSS6.4AI score0.00014EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.63 views

CVE-2021-47206

In the Linux kernel, the following vulnerability has been resolved: usb: host: ohci-tmio: check return value after calling platform_get_resource() It will cause null-ptr-deref if platform_get_resource() returns NULL,we need check the return value.

5.5CVSS6.5AI score0.00008EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47232

In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix Use-after-Free, hold skb ref while in use This patch fixes a Use-after-Free found by the syzbot. The problem is that a skb is taken from the per-session skb queue,without incrementing the ref count. This leads to a ...

8.4CVSS8.1AI score0.00022EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47333

In the Linux kernel, the following vulnerability has been resolved: misc: alcor_pci: fix null-ptr-deref when there is no PCI bridge There is an issue with the ASPM(optional) capability checking function.A device might be attached to root complex directly, in this case,bus->self(bridge) will be N...

5.5CVSS6.9AI score0.00019EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47335

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid racing on fsync_entry_slab by multi filesystem instances As syzbot reported, there is an use-after-free issue during f2fs recovery: Use-after-free write at 0xffff88823bc16040 (in kfence-#10):kmem_cache_destroy+0x...

5.5CVSS6.7AI score0.00019EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47427

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix iscsi_task use after free Commit d39df158518c ("scsi: iscsi: Have abort handler get ref to conn")added iscsi_get_conn()/iscsi_put_conn() calls during abort handling butthen also changed the handling of the case whe...

7.8CVSS6.8AI score0.00023EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.63 views

CVE-2021-47431

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix gart.bo pin_count leak gmc_v{9,10}_0_gart_disable() isn't called matched withcorrespoding gart_enbale function in SRIOV case. This willlead to gart.bo pin_count leak on driver unload.

6.6AI score0.00033EPSS
CVE
CVE
added 2024/05/22 7:15 a.m.63 views

CVE-2021-47444

In the Linux kernel, the following vulnerability has been resolved: drm/edid: In connector_bad_edid() cap num_of_ext by num_blocks read In commit e11f5bd8228f ("drm: Add support for DP 1.4 Compliance edidcorruption test") the function connector_bad_edid() started assumingthat the memory for the EDI...

6.6AI score0.00023EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.63 views

CVE-2021-47506

In the Linux kernel, the following vulnerability has been resolved: nfsd: fix use-after-free due to delegation race A delegation break could arrive as soon as we've called vfs_setlease. Adelegation break runs a callback which immediately (innfsd4_cb_recall_prepare) adds the delegation to del_recall...

7.8CVSS6.8AI score0.00012EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.63 views

CVE-2021-47553

In the Linux kernel, the following vulnerability has been resolved: sched/scs: Reset task stack state in bringup_cpu() To hot unplug a CPU, the idle task on that CPU calls a few layers of Ccode before finally leaving the kernel. When KASAN is in use, poisonedshadow is left around for each of the ac...

7.1AI score0.0003EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.63 views

CVE-2021-47577

In the Linux kernel, the following vulnerability has been resolved: io-wq: check for wq exit after adding new worker task_work We check IO_WQ_BIT_EXIT before attempting to create a new worker, andwq exit cancels pending work if we have any. But it's possible to havea race between the two, where cre...

6.5AI score0.0002EPSS
CVE
CVE
added 2022/09/01 9:15 p.m.63 views

CVE-2022-2308

A flaw was found in vDPA with VDUSE backend. There are currently no checks in VDUSE kernel driver to ensure the size of the device config space is in line with the features advertised by the VDUSE userspace application. In case of a mismatch, Virtio drivers config read helpers do not initialize the...

6.5CVSS6.8AI score0.00014EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.63 views

CVE-2022-48646

In the Linux kernel, the following vulnerability has been resolved: sfc/siena: fix null pointer dereference in efx_hard_start_xmit Like in previous patch for sfc, prevent potential (but unlikely) NULLpointer dereference.

6.2CVSS6.6AI score0.0001EPSS
CVE
CVE
added 2024/05/03 6:15 p.m.63 views

CVE-2022-48705

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921e: fix crash in chip reset fail In case of drv own fail in reset, we may need to run mac_reset severaltimes. The sequence would trigger system crash as the log below. Because we do not re-enable/schedule "tx_napi"...

6.6AI score0.00026EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.63 views

CVE-2022-48823

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Fix refcount issue when LOGO is received during TMF Hung task call trace was seen during LOGO processing. [ 974.309060] [0000:00:00.0]:[qedf_eh_device_reset:868]: 1:0:2:0: LUN RESET Issued...[ 974.309065] [0000:00:00.0]...

6.7AI score0.00036EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.63 views

CVE-2022-48843

In the Linux kernel, the following vulnerability has been resolved: drm/vrr: Set VRR capable prop only if it is attached to connector VRR capable property is not attached by default to the connectorIt is attached only if VRR is supported.So if the driver tries to call drm core set prop function wit...

5.5CVSS6.9AI score0.00017EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.63 views

CVE-2022-48868

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Let probe fail when workqueue cannot be enabled The workqueue is enabled when the appropriate driver is loaded anddisabled when the driver is removed. When the driver is removed itassumes that the workqueue was ena...

5.5CVSS6.3AI score0.0003EPSS
CVE
CVE
added 2024/08/22 2:15 a.m.63 views

CVE-2022-48902

In the Linux kernel, the following vulnerability has been resolved: btrfs: do not WARN_ON() if we have PageError set Whenever we do any extent buffer operations we callassert_eb_page_uptodate() to complain loudly if we're operating on annon-uptodate page. Our overnight tests caught this warning ear...

5.5CVSS6.5AI score0.00039EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.63 views

CVE-2022-48950

In the Linux kernel, the following vulnerability has been resolved: perf: Fix perf_pending_task() UaF Per syzbot it is possible for perf_pending_task() to run after theevent is free()'d. There are two related but distinct cases: the task_work was already queued before destroying the event; destroyi...

7.8CVSS7.3AI score0.00074EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.63 views

CVE-2022-48961

In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix unbalanced fwnode reference count in mdio_device_release() There is warning report about of_node refcount leakwhile probing mdio device: OF: ERROR: memory leak, expected refcount 1 instead of 2,of_node_get()/of_node_...

5.5CVSS5.2AI score0.00072EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.63 views

CVE-2022-49002

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in dmar_dev_scope_init() for_each_pci_dev() is implemented by pci_get_device(). The comment ofpci_get_device() says that it will increase the reference count for thereturned pci_dev and also...

5.5CVSS5.2AI score0.00053EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.63 views

CVE-2022-49015

In the Linux kernel, the following vulnerability has been resolved: net: hsr: Fix potential use-after-free The skb is delivered to netif_rx() which may free it, after calling this,dereferencing skb may trigger use-after-free.

7.8CVSS7.3AI score0.00012EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.63 views

CVE-2022-49052

In the Linux kernel, the following vulnerability has been resolved: mm: fix unexpected zeroed page mapping with zram swap Two processes under CLONE_VM cloning, user process can be corrupted byseeing zeroed page unexpectedly. CPU A CPU B do_swap_page do_swap_pageSWP_SYNCHRONOUS_IO path SWP_SYNCHRONO...

5.3AI score0.00058EPSS
Total number of security vulnerabilities10926