Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2025/05/01 2:15 p.m.58 views

CVE-2025-37767

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Prevent division by zero The user can set any speed value.If speed is greater than UINT_MAX/8, division by zero is possible. Found by Linux Verification Center (linuxtesting.org) with SVACE.

6.6AI score0.00036EPSS
CVE
CVE
added 2025/05/01 2:15 p.m.58 views

CVE-2025-37786

In the Linux kernel, the following vulnerability has been resolved: net: dsa: free routing table on probe failure If complete = true in dsa_tree_setup(), it means that we are the lastswitch of the tree which is successfully probing, and we should besetting up all switches from our probe path. After...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/05/08 7:15 a.m.58 views

CVE-2025-37817

In the Linux kernel, the following vulnerability has been resolved: mcb: fix a double free bug in chameleon_parse_gdd() In chameleon_parse_gdd(), if mcb_device_register() fails, 'mdev'would be released in mcb_device_register() via put_device().Thus, goto 'err' label and free 'mdev' again causes a d...

6.6AI score0.00036EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.58 views

CVE-2025-37884

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix deadlock between rcu_tasks_trace and event_mutex. Fix the following deadlock:CPU A_free_event()perf_kprobe_destroy()mutex_lock(&event_mutex)perf_trace_event_unreg()synchronize_rcu_tasks_trace() There are several paths wher...

7AI score0.00027EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.58 views

CVE-2025-37886

In the Linux kernel, the following vulnerability has been resolved: pds_core: make wait_context part of q_info Make the wait_context a full part of the q_info struct ratherthan a stack variable that goes away after pdsc_adminq_post()is done so that the context is still available after the waitloop ...

6.8AI score0.00026EPSS
CVE
CVE
added 2025/05/29 2:15 p.m.58 views

CVE-2025-37995

In the Linux kernel, the following vulnerability has been resolved: module: ensure that kobject_put() is safe for module type kobjects In 'lookup_or_create_module_kobject()', an internal kobject is createdusing 'module_ktype'. So call to 'kobject_put()' on error handlingpath causes an attempt to us...

6.5AI score0.00035EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.57 views

CVE-2001-0316

Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call.

4.6CVSS5.4AI score0.00274EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.57 views

CVE-2002-0060

IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions.

7.5CVSS6.7AI score0.03326EPSS
CVE
CVE
added 2003/08/07 4:0 a.m.57 views

CVE-2003-0501

The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.

2.1CVSS5.4AI score0.00223EPSS
CVE
CVE
added 2005/08/23 4:0 a.m.57 views

CVE-2005-2457

The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system.

5CVSS5.2AI score0.04853EPSS
CVE
CVE
added 2005/08/12 4:0 a.m.57 views

CVE-2005-2548

vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service (kernel oops from null dereference) via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk on snmpd.

5CVSS6.2AI score0.01836EPSS
CVE
CVE
added 2005/09/30 10:5 a.m.57 views

CVE-2005-3106

Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec.

4.7CVSS4.8AI score0.00078EPSS
CVE
CVE
added 2005/09/30 10:5 a.m.57 views

CVE-2005-3107

fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state.

2.1CVSS5.5AI score0.00091EPSS
CVE
CVE
added 2006/01/31 7:3 p.m.57 views

CVE-2006-0482

Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures, allows local users to cause a denial of service (hang) via a "date -s" command, which causes invalid sign extended arguments to be provided to the get_compat_timespec function call.

2.1CVSS5.1AI score0.00066EPSS
CVE
CVE
added 2006/10/05 4:4 a.m.57 views

CVE-2006-5158

The nlmclnt_mark_reclaim in clntlock.c in NFS lockd in Linux kernel before 2.6.16 allows remote attackers to cause a denial of service (process crash) and deny access to NFS exports via unspecified vectors that trigger a kernel oops (null dereference) and a deadlock.

7.5CVSS7.1AI score0.03256EPSS
CVE
CVE
added 2006/12/14 8:28 p.m.57 views

CVE-2006-6304

The do_coredump function in fs/exec.c in the Linux kernel 2.6.19 sets the flag variable to O_EXCL but does not use it, which allows context-dependent attackers to modify arbitrary files via a rewrite attack during a core dump.

7.5CVSS7AI score0.01115EPSS
CVE
CVE
added 2007/01/12 11:28 p.m.57 views

CVE-2006-6921

Unspecified versions of the Linux kernel allow local users to cause a denial of service (unrecoverable zombie process) via a program with certain instructions that prevent init from properly reaping a child whose parent has died.

2.1CVSS5.8AI score0.00058EPSS
CVE
CVE
added 2007/02/24 12:28 a.m.57 views

CVE-2006-7051

The sys_timer_create function in posix-timers.c for Linux kernel 2.6.x allows local users to cause a denial of service (memory consumption) and possibly bypass memory limits or cause other processes to be killed by creating a large number of posix timers, which are allocated in kernel memory but ar...

4.9CVSS6.4AI score0.00119EPSS
CVE
CVE
added 2008/08/08 7:41 p.m.57 views

CVE-2008-3535

Off-by-one error in the iov_iter_advance function in mm/filemap.c in the Linux kernel before 2.6.27-rc2 allows local users to cause a denial of service (system crash) via a certain sequence of file I/O operations with readv and writev, as demonstrated by testcases/kernel/fs/ftest/ftest03 from the L...

4.9CVSS4.9AI score0.00047EPSS
CVE
CVE
added 2008/10/06 7:54 p.m.57 views

CVE-2008-4445

The sctp_auth_ep_set_hmacs function in net/sctp/auth.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, does not verify that the identifier index is within the bounds established by SCTP_AUTH_HMAC_ID_MAX,...

4.7CVSS4.7AI score0.00179EPSS
CVE
CVE
added 2009/06/04 4:30 p.m.57 views

CVE-2009-1914

The pci_register_iommu_region function in arch/sparc/kernel/pci_common.c in the Linux kernel before 2.6.29 on the sparc64 platform allows local users to cause a denial of service (system crash) by reading the /proc/iomem file, related to uninitialized pointers and the request_resource function.

4.9CVSS4.2AI score0.00087EPSS
CVE
CVE
added 2020/02/12 2:15 p.m.57 views

CVE-2012-0810

The int3 handler in the Linux kernel before 3.3 relies on a per-CPU debug stack, which allows local users to cause a denial of service (stack corruption and panic) via a crafted application that triggers certain lock contention.

5.5CVSS5.6AI score0.00049EPSS
CVE
CVE
added 2013/02/18 11:56 a.m.57 views

CVE-2012-5374

The CRC32C feature in the Btrfs implementation in the Linux kernel before 3.8-rc1 allows local users to cause a denial of service (extended runtime of kernel code) by creating many different files whose names are associated with the same CRC32C hash value.

4CVSS5.7AI score0.00043EPSS
CVE
CVE
added 2013/04/24 7:55 p.m.57 views

CVE-2013-1958

The scm_check_creds function in net/core/scm.c in the Linux kernel before 3.8.6 does not properly enforce capability requirements for controlling the PID value associated with a UNIX domain socket, which allows local users to bypass intended access restrictions by leveraging the time interval durin...

1.9CVSS6.2AI score0.00039EPSS
CVE
CVE
added 2013/11/20 1:19 p.m.57 views

CVE-2013-4588

Multiple stack-based buffer overflows in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 2.6.33, when CONFIG_IP_VS is used, allow local users to gain privileges by leveraging the CAP_NET_ADMIN capability for (1) a getsockopt system call, related to the do_ip_vs_get_ctl function, or (2) a ...

7CVSS6.6AI score0.00051EPSS
CVE
CVE
added 2014/04/01 6:35 a.m.57 views

CVE-2013-7348

Double free vulnerability in the ioctx_alloc function in fs/aio.c in the Linux kernel before 3.12.4 allows local users to cause a denial of service (system crash) or possibly have unspecified other impact via vectors involving an error condition in the aio_setup_ring function.

4.6CVSS7.6AI score0.00053EPSS
CVE
CVE
added 2014/06/23 11:21 a.m.57 views

CVE-2014-4157

arch/mips/include/asm/thread_info.h in the Linux kernel before 3.14.8 on the MIPS platform does not configure _TIF_SECCOMP checks on the fast system-call path, which allows local users to bypass intended PR_SET_SECCOMP restrictions by executing a crafted application without invoking a trace or audi...

4.6CVSS7.8AI score0.00044EPSS
CVE
CVE
added 2017/02/06 6:59 a.m.57 views

CVE-2016-10153

The crypto scatterlist API in the Linux kernel 4.9.x before 4.9.6 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash or memory corruption) or possibly have unspecified other impact by leveraging reliance on earlier net/ceph/c...

7.8CVSS7.6AI score0.00086EPSS
CVE
CVE
added 2017/04/12 10:59 p.m.57 views

CVE-2016-5856

Drivers/soc/qcom/spcom.c in the Qualcomm SPCom driver in the Android kernel 2017-03-05 allows local users to gain privileges, a different vulnerability than CVE-2016-5857.

7.6CVSS6.8AI score0.0005EPSS
CVE
CVE
added 2017/06/14 1:29 p.m.57 views

CVE-2017-0648

An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High due to the possibility of a local permanent device compromise, which may require reflashing the opera...

9.3CVSS7.3AI score0.00195EPSS
CVE
CVE
added 2019/11/29 5:15 p.m.57 views

CVE-2019-19378

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.

7.8CVSS7.2AI score0.00839EPSS
CVE
CVE
added 2019/04/11 3:29 p.m.57 views

CVE-2019-3837

It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabled can leak the mem...

6.1CVSS6.3AI score0.00093EPSS
CVE
CVE
added 2024/03/04 6:15 p.m.57 views

CVE-2021-47088

In the Linux kernel, the following vulnerability has been resolved: mm/damon/dbgfs: protect targets destructions with kdamond_lock DAMON debugfs interface iterates current monitoring targets in'dbgfs_target_ids_read()' while holding the corresponding'kdamond_lock'. However, it also destructs the mo...

7CVSS6.5AI score0.00018EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.57 views

CVE-2021-47132

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sk_forward_memory corruption on retransmission MPTCP sk_forward_memory handling is a bit special, as such fieldis protected by the msk socket spin_lock, instead of the plainsocket lock. Currently we have a code path upda...

7.1CVSS7AI score0.0002EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.57 views

CVE-2021-47133

In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix memory leak in amd_sfh_work Kmemleak tool detected a memory leak in the amd_sfh driver. ====================unreferenced object 0xffff88810228ada0 (size 32):comm "insmod", pid 3968, jiffies 4295056001 (age 775.792...

5.5CVSS6.4AI score0.00017EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.57 views

CVE-2021-47227

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Prevent state corruption in __fpu__restore_sig() The non-compacted slowpath uses __copy_from_user() and copies the entireuser buffer into the kernel buffer, verbatim. This means that the kernelbuffer may now contain entire...

5.5CVSS7.1AI score0.00011EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.57 views

CVE-2021-47243

In the Linux kernel, the following vulnerability has been resolved: sch_cake: Fix out of bounds when parsing TCP options and header The TCP option parser in cake qdisc (cake_get_tcpopt andcake_tcph_may_drop) could read one byte out of bounds. When the lengthis 1, the execution flow gets into the lo...

7.1CVSS6.7AI score0.00116EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.57 views

CVE-2021-47244

In the Linux kernel, the following vulnerability has been resolved: mptcp: Fix out of bounds when parsing TCP options The TCP option parser in mptcp (mptcp_get_options) could read one byteout of bounds. When the length is 1, the execution flow gets into theloop, reads one byte of the opcode, and if...

6.2CVSS6.2AI score0.00072EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.57 views

CVE-2021-47290

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with commit 39ae3edda325 ("scsi: target: core:Make completion affinity configurable") makes target_complete_cmd() queuework on a CPU based on se_tpg-...

5.5CVSS6.5AI score0.00083EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.57 views

CVE-2021-47306

In the Linux kernel, the following vulnerability has been resolved: net: fddi: fix UAF in fza_probe fp is netdev private data and it cannot beused after free_netdev() call. Using fp after free_netdev()can cause UAF bug. Fix it by moving free_netdev() after error message. TURBOchannel adapter")

7.8CVSS6.7AI score0.00097EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.57 views

CVE-2021-47318

In the Linux kernel, the following vulnerability has been resolved: arch_topology: Avoid use-after-free for scale_freq_data Currently topology_scale_freq_tick() (which gets called fromscheduler_tick()) may end up using a pointer to "structscale_freq_data", which was previously cleared bytopology_cl...

7.8CVSS6.8AI score0.00086EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.57 views

CVE-2021-47322

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix an Oops in pnfs_mark_request_commit() when doing O_DIRECT Fix an Oopsable condition in pnfs_mark_request_commit() when we'reputting a set of writes on the commit list to reschedule them after afailed pNFS attempt.

7.8CVSS6.6AI score0.00042EPSS
CVE
CVE
added 2024/05/22 7:15 a.m.57 views

CVE-2021-47447

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a3xx: fix error handling in a3xx_gpu_init() These error paths returned 1 on failure, instead of a negative errorcode. This would lead to an Oops in the caller. A second problem isthat the check for "if (ret != -ENODATA)" di...

6.6AI score0.00017EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.57 views

CVE-2021-47554

In the Linux kernel, the following vulnerability has been resolved: vdpa_sim: avoid putting an uninitialized iova_domain The system will crash if we put an uninitialized iova_domain, thiscould happen when an error occurs before initializing the iova_domainin vdpasim_create(). BUG: kernel NULL point...

5.5CVSS6.6AI score0.00017EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.57 views

CVE-2021-47561

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: disable timeout handling If a timeout is hit, it can result is incorrect data on the I2C busand/or memory corruptions in the guest since the device can still beoperating on the buffers it was given while the guest has ...

6.6AI score0.00059EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.57 views

CVE-2021-47577

In the Linux kernel, the following vulnerability has been resolved: io-wq: check for wq exit after adding new worker task_work We check IO_WQ_BIT_EXIT before attempting to create a new worker, andwq exit cancels pending work if we have any. But it's possible to havea race between the two, where cre...

6.5AI score0.00021EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.57 views

CVE-2021-47604

In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in get_config() This condition checks "len" but it does not check "offset" and thatcould result in an out of bounds read if "offset > dev->config_size".The problem is that since both ...

7.1CVSS8AI score0.0002EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.57 views

CVE-2022-48641

In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables: fix memory leak when blob is malformed The bug fix was incomplete, it "replaced" crash with a memory leak.The old code had an assignment to "ret" embedded into the conditional,restore this.

5.5CVSS6.7AI score0.00008EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.57 views

CVE-2022-48723

In the Linux kernel, the following vulnerability has been resolved: spi: uniphier: fix reference count leak in uniphier_spi_probe() The issue happens in several error paths in uniphier_spi_probe().When either dma_get_slave_caps() or devm_spi_register_master() returnsan error code, the function forg...

5.5CVSS7.1AI score0.00019EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.57 views

CVE-2022-48806

In the Linux kernel, the following vulnerability has been resolved: eeprom: ee1004: limit i2c reads to I2C_SMBUS_BLOCK_MAX Commit effa453168a7 ("i2c: i801: Don't silently correct invalid transfersize") revealed that ee1004_eeprom_read() did not properly limit howmany bytes to read at once. In parti...

6.4AI score0.00117EPSS
Total number of security vulnerabilities10741