Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2024/06/17 6:15 p.m.58 views

CVE-2024-36973

In the Linux kernel, the following vulnerability has been resolved: misc: microchip: pci1xxxx: fix double free in the error handling of gp_aux_bus_probe() When auxiliary_device_add() returns error and then callsauxiliary_device_uninit(), callback functiongp_auxiliary_device_release() calls ida_free...

7.8CVSS6.6AI score0.00021EPSS
CVE
CVE
added 2024/06/24 2:15 p.m.58 views

CVE-2024-37021

In the Linux kernel, the following vulnerability has been resolved: fpga: manager: add owner module and take its refcount The current implementation of the fpga manager assumes that the low-levelmodule registers a driver for the parent device and uses its owner pointerto take the module's refcount....

5.5CVSS6.7AI score0.00016EPSS
CVE
CVE
added 2024/06/19 2:15 p.m.58 views

CVE-2024-38614

In the Linux kernel, the following vulnerability has been resolved: openrisc: traps: Don't send signals to kernel mode threads OpenRISC exception handling sends signals to user processes on floatingpoint exceptions and trap instructions (for debugging) among others.There is a bug where the trap han...

6.4AI score0.00071EPSS
CVE
CVE
added 2024/06/25 3:15 p.m.58 views

CVE-2024-39464

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix notifier list entry init struct v4l2_async_notifier has several list_head members, but onlywaiting_list and done_list are initialized. notifier_entry was kept'zeroed' leading to an uninitialized list_head.Thi...

5.5CVSS7AI score0.00019EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.58 views

CVE-2024-40908

In the Linux kernel, the following vulnerability has been resolved: bpf: Set run context for rawtp test_run callback syzbot reported crash when rawtp program executed through thetest_run interface calls bpf_get_attach_cookie helper or anyother helper that touches task->bpf_ctx pointer. Setting t...

6.7AI score0.00113EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.58 views

CVE-2024-40926

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: don't attempt to schedule hpd_work on headless cards If the card doesn't have display hardware, hpd_work and hpd_lock areleft uninitialized which causes BUG when attempting to schedule hpd_workon runtime PM resume. Fix...

5.5CVSS6.5AI score0.00047EPSS
CVE
CVE
added 2024/07/29 3:15 p.m.58 views

CVE-2024-41025

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix memory leak in audio daemon attach operation Audio PD daemon send the name as part of the init IOCTL call. Thisname needs to be copied to kernel for which memory is allocated.This memory is never freed which migh...

5.5CVSS6.4AI score0.00039EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.58 views

CVE-2024-42103

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix adding block group to a reclaim list and the unused list during reclaim There is a potential parallel list adding for retrying inbtrfs_reclaim_bgs_work and adding to the unused list. Since the blockgroup is removed from ...

6.8AI score0.00103EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.58 views

CVE-2024-42140

In the Linux kernel, the following vulnerability has been resolved: riscv: kexec: Avoid deadlock in kexec crash path If the kexec crash code is called in the interrupt context, themachine_kexec_mask_interrupts() function will trigger a deadlock whiletrying to acquire the irqdesc spinlock and then d...

5.5CVSS6.6AI score0.00013EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.58 views

CVE-2024-42142

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: E-switch, Create ingress ACL when needed Currently, ingress acl is used for three features. It is created onlywhen vport metadata match and prio tag are enabled. But active-backuplag mode also uses it. It is independent o...

5.5CVSS6.6AI score0.00048EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.58 views

CVE-2024-42267

In the Linux kernel, the following vulnerability has been resolved: riscv/mm: Add handling for VM_FAULT_SIGSEGV in mm_fault_error() Handle VM_FAULT_SIGSEGV in the page fault path so that we correctlykill the process and we don't BUG() the kernel.

6.6AI score0.00145EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.58 views

CVE-2024-42290

In the Linux kernel, the following vulnerability has been resolved: irqchip/imx-irqsteer: Handle runtime power management correctly The power domain is automatically activated from clk_prepare(). However, oncertain platforms like i.MX8QM and i.MX8QXP, the power-on handling invokessleeping functions...

6.6AI score0.00194EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.58 views

CVE-2024-42320

In the Linux kernel, the following vulnerability has been resolved: s390/dasd: fix error checks in dasd_copy_pair_store() dasd_add_busid() can return an error via ERR_PTR() if an allocationfails. However, two callsites in dasd_copy_pair_store() do not checkthe result, potentially resulting in a NUL...

5.5CVSS6.6AI score0.00048EPSS
CVE
CVE
added 2024/09/11 4:15 p.m.58 views

CVE-2024-45020

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix a kernel verifier crash in stacksafe() Daniel Hodges reported a kernel verifier crash when playing with sched-ext.Further investigation shows that the crash is due to invalid memory accessin stacksafe(). More specifically,...

5.5CVSS5.8AI score0.00058EPSS
CVE
CVE
added 2024/09/13 6:15 a.m.58 views

CVE-2024-46680

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix random crash seen while removing driver This fixes the random kernel crash seen while removing the driver, whenrunning the load/unload test over multiple iterations. modprobe btnxpuart hciconfig hci0 reset...

5.5CVSS5.8AI score0.00039EPSS
CVE
CVE
added 2024/09/18 7:15 a.m.58 views

CVE-2024-46728

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check index for aux_rd_interval before using aux_rd_interval has size of 7 and should be checked. This fixes 3 OVERRUN and 1 INTEGER_OVERFLOW issues reported by Coverity.

5.5CVSS6.2AI score0.00039EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.58 views

CVE-2024-46735

In the Linux kernel, the following vulnerability has been resolved: ublk_drv: fix NULL pointer dereference in ublk_ctrl_start_recovery() When two UBLK_CMD_START_USER_RECOVERY commands are submitted, thefirst one sets 'ubq->ubq_daemon' to NULL, and the second one triggersWARN in ublk_queue_reinit...

5.5CVSS6AI score0.0006EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.58 views

CVE-2024-46749

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btnxpuart: Fix Null pointer dereference in btnxpuart_flush() This adds a check before freeing the rx->skb in flush and closefunctions to handle the kernel crash seen while removing driver after FWdownload fails or bef...

5.5CVSS5.9AI score0.00039EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.58 views

CVE-2024-46796

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix double put of @cfile in smb2_set_path_size() If smb2_compound_op() is called with a valid @cfile and returned-EINVAL, we need to call cifs_get_writable_path() before retrying itas the reference of @cfile was alread...

7.8CVSS7.1AI score0.00048EPSS
CVE
CVE
added 2024/09/27 1:15 p.m.58 views

CVE-2024-46836

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: aspeed_udc: validate endpoint index for ast udc We should verify the bound of the array to assure that hostmay not manipulate the index to point past endpoint array. Found by static analysis.

7.8CVSS7.3AI score0.0005EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.58 views

CVE-2024-49908

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null check for 'afb' in amdgpu_dm_update_cursor (v2) This commit adds a null check for the 'afb' variable in theamdgpu_dm_update_cursor function. Previously, 'afb' was assumed to benull at line 8388, but was us...

5.5CVSS5.2AI score0.00044EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.58 views

CVE-2024-49945

In the Linux kernel, the following vulnerability has been resolved: net/ncsi: Disable the ncsi work before freeing the associated structure The work function can run after the ncsi device is freed, resultingin use-after-free bugs or kernel panic.

5.5CVSS5.3AI score0.00043EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.58 views

CVE-2024-49988

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add refcnt to ksmbd_conn struct When sending an oplock break request, opinfo->conn is used,But freed ->conn can be used on multichannel.This patch add a reference count to the ksmbd_conn structso that it can be freed w...

5.5CVSS5.2AI score0.00046EPSS
CVE
CVE
added 2024/11/08 6:15 a.m.58 views

CVE-2024-50206

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix memory corruption during fq dma init The loop responsible for allocating up to MTK_FQ_DMA_LENGTH buffers mustonly touch as many descriptors, otherwise it ends up corrupting unrelatedmemory. Fix the l...

5.5CVSS5.5AI score0.00036EPSS
CVE
CVE
added 2024/11/19 6:15 p.m.58 views

CVE-2024-53067

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Start the RTC update work later The RTC update work involves runtime resuming the UFS controller. Hence,only start the RTC update work after runtime power management in the UFSdriver has been fully initialized. Thi...

5.5CVSS5.3AI score0.00032EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.58 views

CVE-2024-53216

In the Linux kernel, the following vulnerability has been resolved: nfsd: release svc_expkey/svc_export with rcu_work The last reference for cache_head can be reduced to zero in c_showand e_show(using rcu_read_lock and rcu_read_unlock). Consequently,svc_export_put and expkey_put will be invoked, le...

7.8CVSS6.5AI score0.0003EPSS
CVE
CVE
added 2024/12/28 10:15 a.m.58 views

CVE-2024-56680

In the Linux kernel, the following vulnerability has been resolved: media: intel/ipu6: do not handle interrupts when device is disabled Some IPU6 devices have shared interrupts. We need to handle properlycase when interrupt is triggered from other device on shared irq lineand IPU6 itself disabled. ...

6.6AI score0.00048EPSS
CVE
CVE
added 2024/12/28 10:15 a.m.58 views

CVE-2024-56706

In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Fix and protect memory allocation of SDBs with mutex Reservation of the PMU hardware is done at first event creationand is protected by a pair of mutex_lock() and mutex_unlock().After reservation of the PMU hardware t...

6.5AI score0.00015EPSS
CVE
CVE
added 2024/12/29 12:15 p.m.58 views

CVE-2024-56744

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid potential deadlock in f2fs_record_stop_reason() syzbot reports deadlock issue of f2fs as below: ======================================================WARNING: possible circular locking dependency detected6.12.0-r...

5.5CVSS6.9AI score0.00024EPSS
CVE
CVE
added 2025/01/15 1:15 p.m.58 views

CVE-2024-57891

In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix invalid irq restore in scx_ops_bypass() While adding outer irqsave/restore locking, 0e7ffff1b811 ("scx: Fix racinessin scx_ops_bypass()") forgot to convert an inner rq_unlock_irqrestore() torq_unlock() which could re...

6.5AI score0.00035EPSS
CVE
CVE
added 2025/02/27 3:15 a.m.58 views

CVE-2024-58011

In the Linux kernel, the following vulnerability has been resolved: platform/x86: int3472: Check for adev == NULL Not all devices have an ACPI companion fwnode, so adev might be NULL. Thiscan e.g. (theoretically) happen when a user manually binds one ofthe int3472 drivers to another i2c/platform de...

5.5CVSS6.6AI score0.00027EPSS
CVE
CVE
added 2025/03/06 4:15 p.m.58 views

CVE-2024-58061

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: prohibit deactivating all links In the internal API this calls this is a WARN_ON, but thatshould remain since internally we want to know about bugsthat may cause this. Prevent deactivating all links in thedebugfs wr...

7AI score0.00049EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.58 views

CVE-2024-58097

In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix RCU stall while reaping monitor destination ring While processing the monitor destination ring, MSDUs are reaped from thelink descriptor based on the corresponding buf_id. However, sometimes the driver cannot obta...

5.5CVSS6.6AI score0.00019EPSS
CVE
CVE
added 2025/05/05 3:15 p.m.58 views

CVE-2024-58100

In the Linux kernel, the following vulnerability has been resolved: bpf: check changes_pkt_data property for extension programs When processing calls to global sub-programs, verifier decides whetherto invalidate all packet pointers in current state depending on thechanges_pkt_data property of the g...

7.1AI score0.00025EPSS
CVE
CVE
added 2025/02/27 2:15 a.m.58 views

CVE-2025-21710

In the Linux kernel, the following vulnerability has been resolved: tcp: correct handling of extreme memory squeeze Testing with iperf3 using the "pasta" protocol splicer has revealeda problem in the way tcp handles window advertising in extreme memorysqueeze situations. Under memory pressure, a so...

6.3AI score0.00033EPSS
CVE
CVE
added 2025/02/27 3:15 a.m.58 views

CVE-2025-21734

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix copy buffer page size For non-registered buffer, fastrpc driver copies the buffer andpass it to the remote subsystem. There is a problem with currentimplementation of page size calculation which is not considerin...

6.8AI score0.00049EPSS
CVE
CVE
added 2025/02/27 3:15 a.m.58 views

CVE-2025-21741

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: fix DPE OoB read Fix an out-of-bounds DPE read, limit the number of processed DPEs tothe amount that fits into the fixed-size NDP16 header.

7.1CVSS6.6AI score0.00018EPSS
CVE
CVE
added 2025/03/06 4:15 p.m.58 views

CVE-2025-21827

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Add locks for usb_driver_claim_interface() The documentation for usb_driver_claim_interface() says that "thedevice lock" is needed when the function is called from places otherthan probe(). This appears ...

7.2AI score0.00031EPSS
CVE
CVE
added 2025/03/06 5:15 p.m.58 views

CVE-2025-21834

In the Linux kernel, the following vulnerability has been resolved: seccomp: passthrough uretprobe systemcall without filtering When attaching uretprobes to processes running inside docker, the attachedprocess is segfaulted when encountering the retprobe. The reason is that now that uretprobe is a ...

7.3AI score0.00031EPSS
CVE
CVE
added 2025/03/27 3:15 p.m.58 views

CVE-2025-21890

In the Linux kernel, the following vulnerability has been resolved: idpf: fix checksums set in idpf_rx_rsc() idpf_rx_rsc() uses skb_transport_offset(skb) while the transport headeris not set yet. This triggers the following warning for CONFIG_DEBUG_NET=y builds. DEBUG_NET_WARN_ON_ONCE(!skb_transpor...

7AI score0.00032EPSS
CVE
CVE
added 2025/03/27 3:15 p.m.58 views

CVE-2025-21892

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix the recovery flow of the UMR QP This patch addresses an issue in the recovery flow of the UMR QP,ensuring tasks do not get stuck, as highlighted by the call trace [1]. During recovery, before transitioning the QP to ...

7AI score0.00038EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.58 views

CVE-2025-21937

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Add check for mgmt_alloc_skb() in mgmt_remote_name() Add check for the return value of mgmt_alloc_skb() inmgmt_remote_name() to prevent null pointer dereference.

5.5CVSS7.2AI score0.00033EPSS
CVE
CVE
added 2025/04/03 8:15 a.m.58 views

CVE-2025-22003

In the Linux kernel, the following vulnerability has been resolved: can: ucan: fix out of bound read in strscpy() source Commit 7fdaf8966aae ("can: ucan: use strscpy() to instead of strncpy()")unintentionally introduced a one byte out of bound read on strscpy()'ssource argument (which is kind of ir...

5.5CVSS7AI score0.00022EPSS
CVE
CVE
added 2025/04/16 11:15 a.m.58 views

CVE-2025-22023

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid Up until commit d56b0b2ab142 ("usb: xhci: ensure skipped isoc TDs arereturned when isoc ring is stopped") in v6.11, the driver didn't skipmissed isochronous TDs when handling Stoppe...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.58 views

CVE-2025-22028

In the Linux kernel, the following vulnerability has been resolved: media: vimc: skip .s_stream() for stopped entities Syzbot reported [1] a warning prompted by a check in call_s_stream()that checks whether .s_stream() operation is warranted for unstartedor stopped subdevs. Add a simple fix in vimc...

6.6AI score0.00027EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.58 views

CVE-2025-22077

In the Linux kernel, the following vulnerability has been resolved: Revert "smb: client: fix TCP timers deadlock after rmmod" This reverts commit e9f2517a3e18a54a3943c098d2226b245d488801. Commit e9f2517a3e18 ("smb: client: fix TCP timers deadlock afterrmmod") is intended to fix a null-ptr-deref in ...

5.2AI score
CVE
CVE
added 2025/04/16 3:16 p.m.58 views

CVE-2025-22122

In the Linux kernel, the following vulnerability has been resolved: block: fix adding folio to bio 4GB folio is possible on some ARCHs, such as aarch64, 16GB hugepageis supported, then 'offset' of folio can't be held in 'unsigned int',cause warning in bio_add_folio_nofail() and IO failure. Fix it b...

6.5AI score0.00031EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.58 views

CVE-2025-22123

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid accessing uninitialized curseg syzbot reports a f2fs bug as below: F2FS-fs (loop3): Stopped filesystem due to reason: 7kworker/u8:7: attempt to access beyond end of deviceBUG: unable to handle page fault for addr...

6.5AI score0.00031EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.58 views

CVE-2025-22125

In the Linux kernel, the following vulnerability has been resolved: md/raid1,raid10: don't ignore IO flags If blk-wbt is enabled by default, it's found that raid write performanceis quite bad because all IO are throttled by wbt of underlying disks,due to flag REQ_IDLE is ignored. And turns out this...

6.5AI score0.00027EPSS
CVE
CVE
added 2025/05/01 1:15 p.m.58 views

CVE-2025-23148

In the Linux kernel, the following vulnerability has been resolved: soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe() soc_dev_attr->revision could be NULL, thus,a pointer check is added to prevent potential NULL pointer dereference.This is similar to the fix in commit ...

6.4AI score0.00036EPSS
Total number of security vulnerabilities10741