Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2024/05/21 4:15 p.m.58 views

CVE-2022-48707

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Fix null pointer dereference for resetting decoder Not all decoders have a reset callback. The CXL specification allows a host bridge with a single root port tohave no explicit HDM decoders. Currently the region driver ...

5.5CVSS6.7AI score0.00107EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.58 views

CVE-2022-48721

In the Linux kernel, the following vulnerability has been resolved: net/smc: Forward wakeup to smc socket waitqueue after fallback When we replace TCP with SMC and a fallback occurs, there may besome socket waitqueue entries remaining in smc socket->wq, suchas eppoll_entries inserted by userspac...

6.6AI score0.00039EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.58 views

CVE-2022-48767

In the Linux kernel, the following vulnerability has been resolved: ceph: properly put ceph_string reference after async create attempt The reference acquired by try_prep_async_create is currently leaked.Ensure we put it.

5.3CVSS6.9AI score0.00027EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.58 views

CVE-2022-48777

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix kernel panic on skipped partition In the event of a skipped partition (case when the entry name is empty)the kernel panics in the cleanup function as the name entry is NULL.Rework the parser logic by first c...

5.5CVSS6.7AI score0.00035EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.58 views

CVE-2022-48779

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: fix use-after-free in ocelot_vlan_del() ocelot_vlan_member_del() will free the struct ocelot_bridge_vlan, so ifthis is the same as the port's pvid_vlan which we access afterwards,what we're accessing is freed mem...

7.8CVSS7.4AI score0.00044EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.58 views

CVE-2022-48812

In the Linux kernel, the following vulnerability has been resolved: net: dsa: lantiq_gswip: don't use devres for mdiobus As explained in commits:74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres")5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus using devres") mdiobus_fre...

6.7AI score0.00073EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.58 views

CVE-2022-48825

In the Linux kernel, the following vulnerability has been resolved: scsi: qedf: Add stag_work to all the vports Call trace seen when creating NPIV ports, only 32 out of 64 show online.stag work was not initialized for vport, hence initialize the stag work. WARNING: CPU: 8 PID: 645 at kernel/workque...

6.6AI score0.00073EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.58 views

CVE-2022-48834

In the Linux kernel, the following vulnerability has been resolved: usb: usbtmc: Fix bug in pipe direction for control transfers The syzbot fuzzer reported a minor bug in the usbtmc driver: usb 5-1: BOGUS control dir, pipe 80001e80 doesn't match bRequestType 0WARNING: CPU: 0 PID: 3813 at drivers/us...

7.8CVSS7.8AI score0.00039EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.58 views

CVE-2022-48846

In the Linux kernel, the following vulnerability has been resolved: block: release rq qos structures for queue without disk blkcg_init_queue() may add rq qos structures to request queue, previouslyblk_cleanup_queue() calls rq_qos_exit() to release them, but commit8e141f9eb803 ("block: drain file sy...

5.5CVSS7AI score0.0003EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.58 views

CVE-2022-49077

In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) If an mremap() syscall with old_size=0 ends up in move_page_tables(), itwill call invalidate_range_start()/invalidate_range_end() unnecessarily,i.e. with ...

5.3AI score0.00144EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.58 views

CVE-2022-49108

In the Linux kernel, the following vulnerability has been resolved: clk: mediatek: Fix memory leaks on probe Handle the error branches to free memory where required. Addresses-Coverity-ID: 1491825 ("Resource leak")

5.5CVSS5.4AI score0.00017EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.58 views

CVE-2022-49138

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: Ignore multiple conn complete events When one of the three connection complete events is received multipletimes for the same handle, the device is registered multiple times whichleads to memory corruptions. Th...

5.4AI score0.00041EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.58 views

CVE-2022-49150

In the Linux kernel, the following vulnerability has been resolved: rtc: gamecube: Fix refcount leak in gamecube_rtc_read_offset_from_sram The of_find_compatible_node() function returns a node pointer withrefcount incremented, We should use of_node_put() on it when doneAdd the missing of_node_put()...

5.5CVSS6.4AI score0.00022EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.58 views

CVE-2022-49165

In the Linux kernel, the following vulnerability has been resolved: media: imx-jpeg: Prevent decoding NV12M jpegs into single-planar buffers If the application queues an NV12M jpeg as output buffer, but thenqueues a single planar capture buffer, the kernel will crash with"Unable to handle kernel NU...

5.2AI score0.00046EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.58 views

CVE-2022-49192

In the Linux kernel, the following vulnerability has been resolved: drivers: ethernet: cpsw: fix panic when interrupt coaleceing is set via ethtool cpsw_ethtool_begin directly returns the result of pm_runtime_get_syncwhen successful.pm_runtime_get_sync returns -error code on failure and 0 on succes...

5.5AI score0.00033EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.58 views

CVE-2022-49203

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix double free during GPU reset on DC streams [Why]The issue only occurs during the GPU reset code path. We first backup the current state prior to commiting 0 streamsinternally from DM to DC. This state backup co...

5.5CVSS5.5AI score0.0003EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49255

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix missing free nid in f2fs_handle_failed_inode This patch fixes xfstests/generic/475 failure. [ 293.680694] F2FS-fs (dm-1): May loss orphan inode, run fsck to fix.[ 293.685358] Buffer I/O error on dev dm-1, logical block 83...

6.2AI score0.00062EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49266

In the Linux kernel, the following vulnerability has been resolved: block: fix rq-qos breakage from skipping rq_qos_done_bio() a647a524a467 ("block: don't call rq_qos_ops->done_bio if the bio isn'ttracked") made bio_endio() skip rq_qos_done_bio() if BIO_TRACKED is not set.While this fixed a pote...

5.5AI score0.0003EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49270

In the Linux kernel, the following vulnerability has been resolved: dm: fix use-after-free in dm_cleanup_zoned_dev() dm_cleanup_zoned_dev() uses queue, so it must be calledbefore blk_cleanup_disk() starts its killing: blk_cleanup_disk->blk_cleanup_queue()->kobject_put()->blk_release_queue(...

7.8CVSS5.3AI score0.00018EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49274

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix crash when mount with quota enabled There is a reported crash when mounting ocfs2 with quota enabled. RIP: 0010:ocfs2_qinfo_lock_res_init+0x44/0x50 [ocfs2]Call Trace:ocfs2_local_read_info+0xb9/0x6f0 [ocfs2]dquot_load_quo...

5.2AI score0.00033EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49289

In the Linux kernel, the following vulnerability has been resolved: uaccess: fix integer overflow on access_ok() Three architectures check the end of a user access against theaddress limit without taking a possible overflow into account.Passing a negative length or another overflow in here returnss...

5.6AI score0.00033EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49386

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw-nuss: Fix some refcount leaks of_get_child_by_name() returns a node pointer with refcountincremented, we should use of_node_put() on it when not need anymore.am65_cpsw_init_cpts() and am65_cpsw_nuss_pro...

5.5CVSS5.3AI score0.00032EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49496

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: prevent kernel crash when rmmod mtk-vcodec-dec.ko If the driver support subdev mode, the parameter "dev->pm.dev" will beNULL in mtk_vcodec_dec_remove. Kernel will crash when try to rmmodmtk-vcodec-dec.ko...

5.5CVSS5.2AI score0.00017EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49499

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix null pointer dereferences without iommu Check if 'aspace' is set before using it as it will stay null withoutIOMMU, such as on msm8974.

5.5CVSS5.4AI score0.00022EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49506

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Add vblank register/unregister callback functions We encountered a kernel panic issue that callback data will be NULL whenit's using in ovl irq handler. There is a timing issue betweenmtk_disp_ovl_irq_handler() and mt...

5.2AI score0.00046EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49509

In the Linux kernel, the following vulnerability has been resolved: media: i2c: max9286: fix kernel oops when removing module When removing the max9286 module we get a kernel oops: Unable to handle kernel paging request at virtual address 000000aa00000094Mem abort info:ESR = 0x96000004EC = 0x25: DA...

6.3AI score0.00014EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49512

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: denali: Use managed device resources All of the resources used by this driver has managed interfaces, so usethem. Otherwise we will get the following splat: [ 4.472703] denali-nand-pci 0000:00:05.0: timeout while wait...

5.3AI score0.00046EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49650

In the Linux kernel, the following vulnerability has been resolved: dmaengine: qcom: bam_dma: fix runtime PM underflow Commit dbad41e7bb5f ("dmaengine: qcom: bam_dma: check if the runtime pm enabled")caused unbalanced pm_runtime_get/put() calls when the bam iscontrolled remotely. This commit revert...

6.6AI score0.00043EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49682

In the Linux kernel, the following vulnerability has been resolved: xtensa: Fix refcount leak bug in time.c In calibrate_ccount(), of_find_compatible_node() will return a nodepointer with refcount incremented. We should use of_node_put() whenit is not used anymore.

5.5CVSS5.3AI score0.00017EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49709

In the Linux kernel, the following vulnerability has been resolved: cfi: Fix __cfi_slowpath_diag RCU usage with cpuidle RCU_NONIDLE usage during __cfi_slowpath_diag can result in an invalidRCU state in the cpuidle code path: WARNING: CPU: 1 PID: 0 at kernel/rcu/tree.c:613 rcu_eqs_enter+0xe4/0x138.....

5.5AI score0.00031EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.58 views

CVE-2022-49778

In the Linux kernel, the following vulnerability has been resolved: arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud The page table check trigger BUG_ON() unexpectedly when collapse hugepage: ------------[ cut here ]------------kernel BUG at mm/page_table_check.c:82!Internal error: Oops ...

6.7AI score0.00027EPSS
CVE
CVE
added 2023/02/28 9:15 p.m.58 views

CVE-2023-22997

In the Linux kernel before 6.1.2, kernel/module/decompress.c misinterprets the module_get_next_page return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

5.5CVSS5AI score0.00014EPSS
CVE
CVE
added 2023/07/18 12:15 a.m.58 views

CVE-2023-38430

An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read.

9.1CVSS8.8AI score0.00066EPSS
CVE
CVE
added 2024/04/02 7:15 a.m.58 views

CVE-2023-52636

In the Linux kernel, the following vulnerability has been resolved: libceph: just wait for more data to be available on the socket A short read may occur while reading the message footer from thesocket. Later, when the socket is ready for another read, themessenger invokes all read_partial_*() hand...

5.5CVSS6.5AI score0.00012EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.58 views

CVE-2023-52739

In the Linux kernel, the following vulnerability has been resolved: Fix page corruption caused by racy check in __free_pages When we upgraded our kernel, we started seeing some page corruption likethe following consistently: BUG: Bad page state in process ganesha.nfsd pfn:1304capage:0000000022261c5...

6.8AI score0.00021EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.58 views

CVE-2023-52754

In the Linux kernel, the following vulnerability has been resolved: media: imon: fix access to invalid resource for the second interface imon driver probes two USB interfaces, and at the probe of the secondinterface, the driver assumes blindly that the first interface gotbound with the same imon dr...

6.7AI score0.00133EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.58 views

CVE-2023-52794

In the Linux kernel, the following vulnerability has been resolved: thermal: intel: powerclamp: fix mismatch in get function for max_idle KASAN reported this [ 444.853098] BUG: KASAN: global-out-of-bounds in param_get_int+0x77/0x90 [ 444.853111] Read of size 4 at addr ffffffffc16c9220 by task cat/2...

7.1CVSS6.7AI score0.00125EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.58 views

CVE-2023-52894

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: fix potential NULL ptr deref in ncm_bitrate() In Google internal bug 265639009 we've received an (as yet) unreproduciblecrash report from an aarch64 GKI 5.10.149-android13 running device. AFAICT the source code ...

5.5CVSS6.3AI score0.00048EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.58 views

CVE-2023-52900

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix general protection fault in nilfs_btree_insert() If nilfs2 reads a corrupted disk image and tries to reads a b-tree nodeblock by calling __nilfs_btree_get_block() against an invalid virtualblock address, it returns -ENO...

5.5CVSS6.7AI score0.00048EPSS
CVE
CVE
added 2025/03/27 5:15 p.m.58 views

CVE-2023-52998

In the Linux kernel, the following vulnerability has been resolved: net: fec: Use page_pool_put_full_page when freeing rx buffers The page_pool_release_page was used when freeing rx buffers, and thisfunction just unmaps the page (if mapped) and does not recycle the page.So after hundreds of down/up...

6.7AI score0.00035EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.58 views

CVE-2023-53083

In the Linux kernel, the following vulnerability has been resolved: nfsd: don't replace page in rq_pages if it's a continuation of last page The splice read calls nfsd_splice_actor to put the pages containing filedata into the svc_rqst->rq_pages array. It's possible however to get asplice result...

6.2AI score0.00027EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.58 views

CVE-2023-53112

In the Linux kernel, the following vulnerability has been resolved: drm/i915/sseu: fix max_subslices array-index-out-of-bounds access It seems that commit bc3c5e0809ae ("drm/i915/sseu: Don't try to store EUmask internally in UAPI format") exposed a potential out-of-boundsaccess, reported by UBSAN a...

6.5AI score0.00025EPSS
CVE
CVE
added 2024/02/08 1:15 p.m.58 views

CVE-2024-1312

A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function. This issue could allow a local user to crash the system.

5.1CVSS4.5AI score0.00022EPSS
CVE
CVE
added 2024/04/03 3:15 p.m.58 views

CVE-2024-26690

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: protect updates of 64-bit statistics counters As explained by a comment in , write side of structu64_stats_sync must ensure mutual exclusion, or one seqcount update couldbe lost on 32-bit platforms, thus blocking reade...

6.5CVSS6.3AI score0.001EPSS
CVE
CVE
added 2024/04/03 5:15 p.m.58 views

CVE-2024-26738

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: DLPAR add doesn't completely initialize pci_controller When a PCI device is dynamically added, the kernel oopses with a NULLpointer dereference: BUG: Kernel NULL pointer dereference on read at 0x00000030Fault...

5.5CVSS6.5AI score0.00121EPSS
CVE
CVE
added 2024/04/03 5:15 p.m.58 views

CVE-2024-26765

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Disable IRQ before init_fn() for nonboot CPUs Disable IRQ before init_fn() for nonboot CPUs when hotplug, in order tosilence such warnings (and also avoid potential errors due to unexpectedinterrupts): WARNING: CPU: 1 PI...

5.5CVSS6.4AI score0.00094EPSS
CVE
CVE
added 2024/05/17 3:15 p.m.58 views

CVE-2024-35846

In the Linux kernel, the following vulnerability has been resolved: mm: zswap: fix shrinker NULL crash with cgroup_disable=memory Christian reports a NULL deref in zswap that he bisected down to the zswapshrinker. The issue also cropped up in the bug trackers of libguestfs [1]and the Red Hat bugzil...

5.5CVSS6.6AI score0.00018EPSS
CVE
CVE
added 2024/05/19 9:15 a.m.58 views

CVE-2024-35874

In the Linux kernel, the following vulnerability has been resolved: aio: Fix null ptr deref in aio_complete() wakeup list_del_init_careful() needs to be the last access to the wait queueentry - it effectively unlocks access. Previously, finish_wait() would see the empty list head and skip takingthe...

5.5CVSS6.7AI score0.00017EPSS
CVE
CVE
added 2024/05/20 10:15 a.m.58 views

CVE-2024-36001

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix the pre-flush when appending to a file in writethrough mode In netfs_perform_write(), when the file is marked NETFS_ICTX_WRITETHROUGHor O_*SYNC or RWF_*SYNC was specified, write-through caching is performedon a buffered ...

6.5AI score0.00084EPSS
CVE
CVE
added 2024/05/30 4:15 p.m.58 views

CVE-2024-36900

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix kernel crash when devlink reload during initialization The devlink reload process will access the hardware resources,but the register operation is done before the hardware is initialized.So, processing the devlink re...

6.6AI score0.00033EPSS
Total number of security vulnerabilities10741