Lucene search
K
LinuxLinux Kernel

14403 matches found

CVE
CVE
added 2025/05/09 6:43 a.m.92 views

CVE-2025-37869

CVE-2025-37869 : Linux kernel fix for drm/xe: Use local fence in error path of xe_migrate_clear. The error path previously waited on m->fence (potential UAF) and was only stable under the job mutex. The patch changes to wait on the local fence to prevent the use-after-free. (Cherry-picked from...

7.8CVSS6.5AI score0.00247EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.92 views

CVE-2025-38181

CVE-2025-38181 affects the Linux kernel CALIPSO code path. A NULL pointer dereference could occur in calipso_req_setattr()/calipso_req_delattr() when CALIPSO options are allocated during socket option handling, tied to sk_to_full_sk() and the predicated rsk_listener being NULL after certain synco...

5.5CVSS6.3AI score0.00171EPSS
CVE
CVE
added 2024/04/03 2:55 p.m.91 views

CVE-2024-26709

CVE-2024-26709 (Linux kernel, PowerPC). A refcount leak in spapr_tce_platform_iommu_attach_dev() occurs because iommu_group_put() is not called when the domain is already set, leading to a leak and a BUG_ON() during DLPAR remove on POWER10/pSeries platforms. The connected patch adds the missing i...

5.5CVSS6.4AI score0.00195EPSS
CVE
CVE
added 2024/04/17 3:59 p.m.91 views

CVE-2024-26912

The connected Nessus entry for CVE-2024-26912 provides concrete details: in the Linux kernel, the Nouveau driver leaked several GSP-RM DMA buffers (nvkm_gsp_mem objects) that were never deallocated. Some buffers could be freed soon after GSP-RM initialization, while others remained until driver u...

5.5CVSS6.8AI score0.00193EPSS
CVE
CVE
added 2024/05/17 2:27 p.m.91 views

CVE-2024-35841

CVE-2024-35841 describes a Linux kernel vulnerability in the TLS path (net: tls) related to splice handling with MSG_SPLICE_PAGES. The issue occurs when moving user pages from msg to msg_pl; if more pages are added than MAX_MSG_FRAGS and the MORE flag is used, the code can attempt to re-fill a fu...

5.5CVSS6.9AI score0.00218EPSS
CVE
CVE
added 2024/05/19 8:34 a.m.91 views

CVE-2024-35889

The CVE-2024-35889 entry concerns a Linux kernel vulnerability in the idpf driver where idpf_rx_process_skb_fields could return early for unknown packet types, causing the skb protocol not to be set and potentially triggering a kernel panic (notably when tcpdump is active). The underlying issue i...

5.5CVSS6.5AI score0.00193EPSS
CVE
CVE
added 2024/05/19 8:35 a.m.91 views

CVE-2024-35914

CVE-2024-35914 : In the Linux kernel, the nfsd rename error cleanup path could fail to drop the remount protection after taking an error bail-out, potentially leaving remount protection enabled and risking a deadlock. The cleanup path has been updated to properly drop the remount protection. Affe...

5.5CVSS6.6AI score0.00143EPSS
CVE
CVE
added 2024/06/19 1:35 p.m.91 views

CVE-2024-38554

CVE-2024-38554 describes a Linux kernel AX25 driver issue where a reference-count leak in the net_device object can occur in ax25_dev_device_down when shutting down the device. The leak happens because the reference count may be dropped one or zero times depending on control flow, leading to memo...

5.5CVSS7AI score0.00236EPSS
CVE
CVE
added 2024/07/30 7:46 a.m.91 views

CVE-2024-42155

The CVE-2024-42155 issue affects the Linux kernel on s390 architectures, where the k ey material of protected- or secure-keys should not be visible to the caller. The vulnerability notes that all copies of protected- or secure-keys must be wiped from the stack even if an error occurs. CVSS data p...

1.9CVSS6.5AI score0.00188EPSS
CVE
CVE
added 2024/08/07 3:14 p.m.91 views

CVE-2024-42249

The CVE affects the Linux kernel SPI subsystem. The vulnerability stems from calling spi_maybe_unoptimize_message() in spi_async(), which risks corrupting a message that is likely queued or in use by the controller driver. The proper balancing call already occurs in spi_finalize_current_message()...

3.3CVSS6.5AI score0.00179EPSS
CVE
CVE
added 2024/09/04 7:54 p.m.91 views

CVE-2024-44979

CVE-2024-44979 affects the Linux kernel: drm/xe component (xe_gt_pagefault) mishandled workqueue destruction, leading to potential memory retention on driver reload. A fix was applied to destroy the pagefault and access-counter workqueues, cherry-picked from commit 7586fc52b14e0b8edd0d1f8a434e0de...

5.5CVSS5.2AI score0.00199EPSS
CVE
CVE
added 2024/09/27 12:42 p.m.91 views

CVE-2024-46850

CVE-2024-46850 – Linux kernel drm/amd/display race condition : The issue arises in dcn35_set_drr() when the DC state’s resource context is nulled by dc_state_destruct() while an IRQ path uses the timing generator. The documented root cause is a race where nulling happens after a NULL check, poten...

4.7CVSS4.4AI score0.00168EPSS
CVE
CVE
added 2024/09/27 12:42 p.m.91 views

CVE-2024-46862

CVE-2024-46862 pertains to the Linux kernel ASoC path for Intel soc-acpi-intel-mtl). The issue involved missing handling for an empty item in the snd_soc_acpi_link_adr array; the code tested !link->num_adr as a loop-ending condition, requiring an empty item in the array to terminate correctly....

5.5CVSS5.3AI score0.00177EPSS
CVE
CVE
added 2024/09/27 12:42 p.m.91 views

CVE-2024-46863

CVE-2024-46863 affects the Linux kernel in the ASoC Intel stack (soc-acpi-intel-lnl-match). The issue stems from missing handling for an empty item in the snd_soc_acpi_link_adr array; the loop termination depended on !link->num_adr, but an empty item was required to avoid traversal problems in...

5.5CVSS5.2AI score0.00179EPSS
CVE
CVE
added 2024/12/27 3:6 p.m.91 views

CVE-2024-56673

Technical details about CVE-2024-56673 are not provided in the supplied documents. Monitor for updates from the vendors/security advisories for affected products, fixes, and mitigations.

5.5CVSS6.6AI score0.00183EPSS
CVE
CVE
added 2025/02/27 2:7 a.m.91 views

CVE-2024-57953

CVE-2024-57953 affects the Linux kernel RTC driver (rtc: tps6594). On 32-bit systems a 64-bit tmp variable overflows when calculating tmp = offset * TICKS_PER_HOUR, because offset is a long and TICKS_PER_HOUR is very large (32768*3600). The description states the overflow occurs in tps6594_rtc_se...

5.5CVSS5.5AI score0.0021EPSS
CVE
CVE
added 2025/03/06 4:13 p.m.91 views

CVE-2024-58082

CVE-2024-58082 affects the Linux kernel media nuvoton driver (npcm_video_ece_init). The root cause is improper error handling: when of_find_device_by_node() fails it returns NULL instead of an error code, so the code path should check for NULL and return -ENODEV. The fix implements proper NULL ch...

5.5CVSS7.3AI score0.00168EPSS
CVE
CVE
added 2025/05/01 12:55 p.m.91 views

CVE-2025-37745

CVE-2025-37745 : Linux kernel vulnerability in the hibernate subsystem where a write to /sys/module/hibernate/parameters/compressor could deadlock with ieee80211 device registration. The root cause is a potential deadlock involving system_transition_mutex held under param_lock in hibernate_compre...

5.5CVSS6.5AI score0.00121EPSS
CVE
CVE
added 2025/05/20 3:21 p.m.91 views

CVE-2025-37934

CVE-2025-37934 affects the Linux kernel’s ASoC simple-card-utils, specifically the graph_util_parse_link_direction pointer checks. The issue arises from writing to potentially-invalid pointers when playback_only is absent, causing UBSAN invalid-load warnings (example in imx-card.c). The vulnerabi...

7.8CVSS6.5AI score0.00166EPSS
CVE
CVE
added 2025/06/18 9:28 a.m.91 views

CVE-2025-38009

CVE-2025-38009 : In the Linux kernel, the wifi driver mt76 initializes and cleans up TX NAPI on removal. A fix disables TX NAPI before deleting the NAPI instance in mt76_dma_cleanup() to prevent a warning observed after commit 9dd05df8403b. The issue arises when driving removal of mt7921e/mt76 dr...

5.5CVSS6.4AI score0.00171EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.91 views

CVE-2025-38190

CVE-2025-38190 affects the Linux kernel ATM path. The issue arises when in the vcc_sendmsg() path, skb->truesize is accounted to sk_wmem_alloc via atm_account_tx(), but the corresponding revert is not performed on copy_from_iter_full() failure, potentially leaking a socket. The fixed approach ...

5.5CVSS6.5AI score0.00164EPSS
CVE
CVE
added 2025/07/09 10:42 a.m.91 views

CVE-2025-38250

In CVE-2025-38250, the Linux kernel Bluetooth vhci_flush() path is affected by a use-after-free when a thread closes a vhci fd while another thread uses the device. The issue stems from a missing synchronization after unlinking hdev from hci_dev_list in hci_unregister_dev(), allowing another thre...

7.8CVSS6.4AI score0.00142EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.91 views

CVE-2025-38332

CVE-2025-38332 (Linux kernel) affects the lpfc SCSI path where BIOSVersion handling could panic due to a misused strlcat/FORTIFY check. The root cause is improper assumptions about buffer sizes, leading to a likely false positive overflow check, and the fix replaces the problematic sequence with ...

5.5CVSS7.1AI score0.00167EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.91 views

CVE-2025-38338

CVE-2025-38338 is a Linux kernel vulnerability affecting NFS read paths. A double-unlock in fs/nfs/read during truncation can cause a deadlock because folio_unlock() may be called twice, incorrectly clearing the PG_locked flag. This can lead to warnings in netfs_read_collection or to processes wa...

7.8CVSS6.3AI score0.00153EPSS
CVE
CVE
added 2025/07/25 3:27 p.m.91 views

CVE-2025-38459

CVE-2025-38459: Linux kernel ATM CLIP module vulnerability causing Denial of Service via infinite recursion in clip_push(). Root cause: second ATMARP_MKIP ioctl triggers recursion when vcc->old_push is used after first call; mitigation implemented by checking vcc->user_back (clip_vcc) and u...

7.8CVSS6.2AI score0.0017EPSS
CVE
CVE
added 2026/04/23 3:11 p.m.91 views

CVE-2026-31533

The CVE-2026-31533 entry concerns a Linux kernel net/tls use-after-free in tls_do_encryption() when crypto_aead_encrypt() returns -EBUSY. The underlying issue is double cleanup of encrypt_pending and the scatterlist entry due to distinct cleanup paths (async callback tls_encrypt_done() vs synchro...

9.8CVSS5.7AI score0.00263EPSS
CVE
CVE
added 2005/01/19 5:0 a.m.90 views

CVE-2005-0001

CVE-2005-0001 describes a race condition in the Linux kernel page fault handler (fault.c) that affects multiprocessor systems. Affected kernel lines include 2.2.x to 2.2.7, 2.4 up to 2.4.29, and 2.6 up to 2.6.10. The vulnerability enables local attackers to execute arbitrary code by exploiting co...

6.9CVSS7.5AI score0.00499EPSS
CVE
CVE
added 2008/07/02 4:0 p.m.90 views

CVE-2008-2826

The vulnerability CVE-2008-2826 is present in the Linux kernel prior to 2.6.25.9, where an integer overflow in sctp_getsockopt_local_addrs_old (net/sctp/socket.c) allows local users to trigger a denial of service through a large addr_num in the sctp_getaddrs_old structure. The issue is mitigated ...

4.9CVSS7AI score0.00429EPSS
CVE
CVE
added 2008/11/05 2:51 p.m.90 views

CVE-2008-4934

The CVE-2008-4934 issue affects the Linux kernel 2.6.x prior to 2.6.28-rc1 in the hfsplus code path. Specifically, hfsplus_block_allocate in fs/hfsplus/bitmap.c fails to verify the return value of read_mapping_page before invoking kmap, enabling a crafted hfsplus filesystem image to trigger a den...

7.8CVSS4.9AI score0.03294EPSS
CVE
CVE
added 2009/08/14 3:0 p.m.90 views

CVE-2009-2691

CVE-2009-2691 affects the Linux kernel (2.6.30.4 and earlier) via the mm_for_maps path in fs/proc/base.c, allowing a local attacker to read maps and smaps files under /proc during ELF loading for a setuid process, due to a race condition. Impact is information exposure (maps/smaps); exploitation ...

2.1CVSS6.3AI score0.00393EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.90 views

CVE-2010-4650

The CVE-2010-4650 issue affects the Linux kernel’s fuse_do_ioctl in fs/fuse/file.c, where a buffer overflow could be exploited by a CUSE server to achieve local denial of service or potential other impact. Multiple connected sources confirm a fix in kernel 2.6.37 and note that exploitation requir...

4.6CVSS6.4AI score0.00386EPSS
CVE
CVE
added 2012/12/21 11:0 a.m.90 views

CVE-2012-5517

CVE-2012-5517 is referenced in multiple advisories. The connected documents confirm a vulnerability in the Linux kernel before 3.6 where the online_pages function in mm/memory_hotplug.c can be abused by local users to cause a denial of service via a NULL pointer dereference when memory hot-added ...

4CVSS7.4AI score0.00387EPSS
CVE
CVE
added 2013/03/14 8:0 p.m.90 views

CVE-2012-6549

The CVE-2012-6549 entry concerns the Linux kernel vulnerability where isofs_export_encode_fh in fs/isofs/export.c did not initialize a structure member, allowing local attackers to read sensitive data from kernel heap memory via a crafted application. Affected: Linux kernel versions prior to 3.6....

1.9CVSS5.4AI score0.00394EPSS
CVE
CVE
added 2013/06/07 10:0 a.m.90 views

CVE-2013-2128

The CVE-2013-2128 issue affects the Linux kernel’s tcp_read_sock() in net/ipv4/tcp.c where skb consumption is not properly managed. This can allow local attackers to trigger a denial of service (system crash) by issuing a crafted splice() on a TCP socket. Evidence appears across multiple advisori...

5.5CVSS4.8AI score0.00368EPSS
CVE
CVE
added 2013/06/07 10:0 a.m.90 views

CVE-2013-2146

CVE-2013-2146 affects the Linux kernel (pre-3.8.9) in the x86 Perf Event subsystem. The vulnerable component is arch/x86/kernel/cpu/perf_event_intel.c, which uses an incorrect bitmask when the Performance Events Subsystem is enabled. Under this condition, a local user can trigger a denial of serv...

4.7CVSS5AI score0.00502EPSS
CVE
CVE
added 2013/04/22 10:0 a.m.90 views

CVE-2013-3224

The CVE-2013-3224 issue affects the Linux kernel’s Bluetooth path: bt_sock_recvmsg in net/bluetooth/af_bluetooth.c before 3.9-rc7 does not fully initialize a length variable, enabling local attackers to leak sensitive data from kernel stack memory via crafted recvmsg/recvfrom calls. Impact is inf...

4.9CVSS5AI score0.00392EPSS
CVE
CVE
added 2013/07/15 8:0 p.m.90 views

CVE-2013-4125

The CVE-2013-4125 issue affects the Linux kernel IPv6 stack: fib6_add_rt2node in net/ipv6/ip6_fib.c (up to and including 3.10.1) mishandles Router Advertisement messages in ECMP scenarios, allowing a remote attacker to crash the system via a crafted sequence of RA messages. Connected advisories (...

5.4CVSS5.8AI score0.04672EPSS
CVE
CVE
added 2015/05/27 10:0 a.m.90 views

CVE-2015-3332

CVE-2015-3332 affects the Linux kernel TCP Fast Open code before 3.18, where a count is not correctly maintained, allowing a local user to crash the system (DoS) via the Fast Open feature. Demonstrated on certain 3.10.x–3.16.x kernels by visiting chrome://flags/#enable-tcp-fast-open. The issue is...

4.9CVSS6.3AI score0.00381EPSS
CVE
CVE
added 2015/08/31 10:0 a.m.90 views

CVE-2015-5706

CVE-2015-5706 is a local-use-after-free vulnerability in the Linux kernel (path_openat in fs/namei.c) affecting 3.x and 4.x before 4.0.4. An attacker can trigger a denial of service (and possibly other impact) via O_TMPFILE filesystem operations that leverage a duplicate cleanup operation. Remedi...

4.6CVSS6AI score0.00436EPSS
CVE
CVE
added 2015/12/28 11:0 a.m.90 views

CVE-2015-7885

CVE-2015-7885 affects the Linux kernel: the dgnc_mgmt_ioctl function in drivers/staging/dgnc/dgnc_mgmt.c does not initialize a certain structure member, enabling a local attacker to read sensitive kernel memory via a crafted application. The issue is scoped to kernels up to version 4.3.3. Connect...

2.3CVSS3AI score0.00443EPSS
CVE
CVE
added 2016/08/06 8:0 p.m.90 views

CVE-2016-6187

CVE-2016-6187 : The Linux kernel before 4.6.5 contains a vulnerability in the AppArmor LSM path. The function apparmor_setprocattr in security/apparmor/lsm.c does not validate the buffer size, enabling a local user to gain privileges by triggering a setprocattr hook. This is a local privilege-esc...

7.8CVSS7.4AI score0.02397EPSS
CVE
CVE
added 2017/11/06 6:0 p.m.90 views

CVE-2017-15306

The CVE-2017-15306 entry concerns the Linux kernel (PowerPC) KVM. The vulnerable component is arch/powerpc/kvm/powerpc.c, specifically the kvm_vm_ioctl_check_extension function. The issue arises when handling the KVM_CHECK_EXTENSION KVM_CAP_PPC_HTM ioctl on /dev/kvm, allowing a local attacker to ...

5.5CVSS5.5AI score0.00394EPSS
Web
CVE
CVE
added 2019/08/19 1:51 a.m.90 views

CVE-2017-18550

CVE-2017-18550 affects Linux kernels up to 4.12: in drivers/scsi/aacraid/commctrl.c, aac_get_hba_info does not initialize hbainfo, exposing kernel stack memory. Severity is low (CVSS v3: 5.5) but local access required. The Unity Nessus advisories reproduce this issue and reference a kernel fix pr...

5.5CVSS5.9AI score0.00542EPSS
CVE
CVE
added 2019/04/04 3:25 p.m.90 views

CVE-2018-20449

CVE-2018-20449 affects the Linux kernel 4.14.90, specifically the hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c. It allows local users to obtain sensitive address information by reading callback= lines in a debugfs file. The issue is evidenced across multiple feeds (NVD, Red Hat, SUSE...

5.5CVSS4.9AI score0.00421EPSS
CVE
CVE
added 2019/03/18 3:2 p.m.90 views

CVE-2019-9857

CVE-2019-9857 affects the Linux kernel up to 5.0.2: inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c omits calling fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), causing a memory leak (refcount leak) and ultimately a denial of service. The connected Nessus/...

5.5CVSS6AI score0.00417EPSS
CVE
CVE
added 2020/09/10 1:39 p.m.90 views

CVE-2020-25221

CVE-2020-25221 affects Linux kernel 5.7.x and 5.8.x before 5.8.7. The vulnerability arises in get_gate_page() implemented in mm/gup.c, due to incorrect reference counting of the backing struct page for the vsyscall page, causing a refcount underflow. It can be triggered by any 64-bit process that...

7.8CVSS7.5AI score0.00668EPSS
CVE
CVE
added 2024/08/22 1:30 a.m.90 views

CVE-2021-4441

Technical details such as affected products, exact root cause, impact, and patch versions are not publicly provided in the provided documents. Monitor for updates.

5.5CVSS6.7AI score0.00225EPSS
CVE
CVE
added 2024/03/04 6:10 p.m.90 views

CVE-2021-47100

CVE-2021-47100 is a Linux kernel vulnerability that causes a use-after-free (UAF) during uninstall of ipmi_si and ipmi_msghandler modules, leading to kernel oops/panic. The issue occurs when rmmod ipmi_si is followed by ipmi_msghandler removal, triggering kref_put cleanup that schedules a work it...

5.5CVSS6.2AI score0.00239EPSS
CVE
CVE
added 2024/03/15 8:14 p.m.90 views

CVE-2021-47114

Technical details about CVE-2021-47114 are not publicly provided in the supplied documents. The sources reference the ocfs2 fallocate data corruption fix but do not specify affected versions, root cause specifics, exploit details, or remediation steps beyond the general description. Monitor for u...

5.5CVSS6.4AI score0.00226EPSS
CVE
CVE
added 2024/03/15 8:14 p.m.90 views

CVE-2021-47122

CVE-2021-47122 refers to a Linux kernel issue in the CAIF stack where, on caif_enroll_dev() failure, the allocated link_support was not assigned to the target structure, leading to a memory leak in caif_device_notify. The fix adds a safe deallocation path to free the allocated pointer when an err...

5.5CVSS6.5AI score0.00228EPSS
Total number of security vulnerabilities14403