Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2013/11/12 2:35 p.m.62 views

CVE-2013-4513

Buffer overflow in the oz_cdev_write function in drivers/staging/ozwpan/ozcdev.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact via a crafted write operation.

4.9CVSS8.6AI score0.00013EPSS
CVE
CVE
added 2013/11/12 2:35 p.m.62 views

CVE-2013-6763

The uio_mmap_physical function in drivers/uio/uio.c in the Linux kernel before 3.12 does not validate the size of a memory block, which allows local users to cause a denial of service (memory corruption) or possibly gain privileges via crafted mmap operations, a different vulnerability than CVE-201...

6.9CVSS6.7AI score0.0007EPSS
CVE
CVE
added 2014/11/10 11:55 a.m.62 views

CVE-2014-7207

A certain Debian patch to the IPv6 implementation in the Linux kernel 3.2.x through 3.2.63 does not properly validate arguments in ipv6_select_ident function calls, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging (1) tun or (2) macvtap...

4.9CVSS6.9AI score0.00087EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.62 views

CVE-2015-2686

net/socket.c in the Linux kernel 3.19 before 3.19.3 does not validate certain range data for (1) sendto and (2) recvfrom system calls, which allows local users to gain privileges by leveraging a subsystem that uses the copy_from_iter function in the iov_iter interface, as demonstrated by the Blueto...

7.8CVSS7.4AI score0.00043EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.62 views

CVE-2015-4178

The fs_pin implementation in the Linux kernel before 4.0.5 does not ensure the internal consistency of a certain list data structure, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 system call, related to fs/fs...

5.5CVSS5.1AI score0.00042EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.62 views

CVE-2017-0510

An elevation of privilege vulnerability in the kernel FIQ debugger could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the o...

9.3CVSS7.1AI score0.00301EPSS
CVE
CVE
added 2017/06/19 4:29 p.m.62 views

CVE-2017-1000377

An issue was discovered in the size of the default stack guard page on PAX Linux (originally from GRSecurity but shipped by other Linux vendors), specifically the default stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects PAX Linux K...

5.9CVSS5.6AI score0.00076EPSS
CVE
CVE
added 2017/06/28 6:29 a.m.62 views

CVE-2017-9986

The intr function in sound/oss/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of that value, aka a "dou...

7.8CVSS7.6AI score0.00096EPSS
CVE
CVE
added 2024/03/25 9:15 a.m.62 views

CVE-2021-47150

In the Linux kernel, the following vulnerability has been resolved: net: fec: fix the potential memory leak in fec_enet_init() If the memory allocated for cbd_base is failed, it shouldfree the memory allocated for the queues, otherwise it causesmemory leak. And if the memory allocated for the queue...

5.5CVSS6.4AI score0.0001EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.62 views

CVE-2021-47197

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: nullify cq->dbg pointer in mlx5_debug_cq_remove() Prior to this patch in case mlx5_core_destroy_cq() failed it proceedsto rest of destroy operations. mlx5_core_destroy_cq() could be called againby user and cause addit...

5.5CVSS6.3AI score0.00011EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.62 views

CVE-2021-47215

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: kTLS, Fix crash in RX resync flow For the TLS RX resync flow, we maintain a list of TLS contextsthat require some attention, to communicate their resync informationto the HW.Here we fix list corruptions, by protecting th...

5.5CVSS6.4AI score0.0001EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.62 views

CVE-2021-47261

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ fragments buffer The function init_cq_frag_buf() can be called to initialize the current CQfragments buffer cq->buf, or the temporary cq->resize_buf that is filledduring CQ resize operation. Howev...

7.8CVSS6.7AI score0.00017EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.62 views

CVE-2021-47294

In the Linux kernel, the following vulnerability has been resolved: netrom: Decrease sock refcount when sock timers expire Commit 63346650c1a9 ("netrom: switch to sock timer API") switched to usesock timer API. It replaces mod_timer() by sk_reset_timer(), anddel_timer() by sk_stop_timer(). Function...

5.5CVSS6.7AI score0.00012EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.62 views

CVE-2021-47302

In the Linux kernel, the following vulnerability has been resolved: igc: Fix use-after-free error during reset Cleans the next descriptor to watch (next_to_watch) when cleaning theTX ring. Failure to do so can cause invalid memory accesses. If igc_poll() runswhile the controller is being reset this...

7.8CVSS6.7AI score0.00005EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.62 views

CVE-2021-47305

In the Linux kernel, the following vulnerability has been resolved: dma-buf/sync_file: Don't leak fences on merge failure Each add_fence() call does a dma_fence_get() on the relevant fence. Inthe error path, we weren't calling dma_fence_put() so all those fencesgot leaked. Also, in the krealloc_arr...

5.5CVSS6.7AI score0.00004EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.62 views

CVE-2021-47325

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Fix arm_smmu_device refcount leak in address translation The reference counting issue happens in several exception handling pathsof arm_smmu_iova_to_phys_hard(). When those error scenarios occur, thefunction forgets...

5.5CVSS6.6AI score0.00023EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.62 views

CVE-2021-47332

In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Don't call free_pages_exact() with NULL address Unlike some other functions, we can't pass NULL pointer tofree_pages_exact(). Add a proper NULL check for avoiding possibleOops.

5.5CVSS6.8AI score0.00019EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.62 views

CVE-2021-47361

In the Linux kernel, the following vulnerability has been resolved: mcb: fix error handling in mcb_alloc_bus() There are two bugs: If ida_simple_get() fails then this code calls put_device(carrier)but we haven't yet called get_device(carrier) and probably thatleads to a use after free. After device...

7.8CVSS6.8AI score0.00016EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.62 views

CVE-2021-47367

In the Linux kernel, the following vulnerability has been resolved: virtio-net: fix pages leaking when building skb in big mode We try to use build_skb() if we had sufficient tailroom. But we forgetto release the unused pages chained via private in big mode which willleak pages. Fixing this by rele...

5.5CVSS7AI score0.00008EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.62 views

CVE-2021-47397

In the Linux kernel, the following vulnerability has been resolved: sctp: break out if skb_header_pointer returns NULL in sctp_rcv_ootb We should always check if skb_header_pointer's return is NULL beforeusing it, otherwise it may cause null-ptr-deref, as syzbot reported: KASAN: null-ptr-deref in r...

5.5CVSS6.7AI score0.00007EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.62 views

CVE-2021-47398

In the Linux kernel, the following vulnerability has been resolved: RDMA/hfi1: Fix kernel pointer leak Pointers should be printed with %p or %px rather than cast to 'unsignedlong long' and printed with %llx. Change %llx to %p to print the securedpointer.

6.6AI score0.00017EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.62 views

CVE-2021-47417

In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix memory leak in strset Free struct strset itself, not just its internal parts.

5.5CVSS6.7AI score0.00027EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.62 views

CVE-2021-47422

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau/kms/nv50-: fix file release memory leak When using single_open() for opening, single_release() should becalled, otherwise the 'op' allocated in single_open() will be leaked.

5.5CVSS6.8AI score0.00016EPSS
CVE
CVE
added 2024/05/22 7:15 a.m.62 views

CVE-2021-47463

In the Linux kernel, the following vulnerability has been resolved: mm/secretmem: fix NULL page->mapping dereference in page_is_secretmem() Check for a NULL page->mapping before dereferencing the mapping inpage_is_secretmem(), as the page's mapping can be nullified while gup()is running, e.g....

5.5CVSS6.5AI score0.00032EPSS
CVE
CVE
added 2024/05/22 9:15 a.m.62 views

CVE-2021-47481

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize the ODP xarray when creating an ODP MR Normally the zero fill would hide the missing initialization, but anerrant set to desc_size in reg_create() causes a crash: BUG: unable to handle page fault for address: ...

6.5AI score0.00047EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.62 views

CVE-2021-47499

In the Linux kernel, the following vulnerability has been resolved: iio: accel: kxcjk-1013: Fix possible memory leak in probe and remove When ACPI type is ACPI_SMO8500, the data->dready_trig will not be set, thememory allocated by iio_triggered_buffer_setup() will not be freed, and causememory l...

5.5CVSS6.7AI score0.00014EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.62 views

CVE-2021-47564

In the Linux kernel, the following vulnerability has been resolved: net: marvell: prestera: fix double free issue on err path fix error path handling in prestera_bridge_port_join() thatcases prestera driver to crash (see below). Trace:Internal error: Oops: 96000044 [#1] SMPModules linked in: preste...

7.8CVSS6.7AI score0.00034EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.62 views

CVE-2021-47588

In the Linux kernel, the following vulnerability has been resolved: sit: do not call ipip6_dev_free() from sit_init_net() ipip6_dev_free is sit dev->priv_destructor, already calledby register_netdevice() if something goes wrong. Alternative would be to make ipip6_dev_free() robust againstmultipl...

6.5AI score0.00024EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.62 views

CVE-2022-48657

In the Linux kernel, the following vulnerability has been resolved: arm64: topology: fix possible overflow in amu_fie_setup() cpufreq_get_hw_max_freq() returns max frequency in kHz as unsigned int ,while freq_inv_set_max_ratio() gets passed this frequency in Hz as 'u64'.Multiplying max frequency by...

7.8CVSS6.8AI score0.00019EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.62 views

CVE-2022-48706

In the Linux kernel, the following vulnerability has been resolved: vdpa: ifcvf: Do proper cleanup if IFCVF init fails ifcvf_mgmt_dev leaks memory if it is not freed beforereturning. Call is made to correct return statementso memory does not leak. ifcvf_init_hw does not takecare of this so it is ne...

5.5CVSS6.7AI score0.00042EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.62 views

CVE-2022-48721

In the Linux kernel, the following vulnerability has been resolved: net/smc: Forward wakeup to smc socket waitqueue after fallback When we replace TCP with SMC and a fallback occurs, there may besome socket waitqueue entries remaining in smc socket->wq, suchas eppoll_entries inserted by userspac...

6.6AI score0.0004EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.62 views

CVE-2022-48741

In the Linux kernel, the following vulnerability has been resolved: ovl: fix NULL pointer dereference in copy up warning This patch is fixing a NULL pointer dereference to get a recentlyintroduced warning message working.

5.5CVSS5.2AI score0.00047EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.62 views

CVE-2022-48763

In the Linux kernel, the following vulnerability has been resolved: KVM: x86: Forcibly leave nested virt when SMM state is toggled Forcibly leave nested virtualization operation if userspace toggles SMMstate via KVM_SET_VCPU_EVENTS or KVM_SYNC_X86_EVENTS. If userspaceforces the vCPU out of SMM whil...

6.2AI score0.00052EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.62 views

CVE-2022-48767

In the Linux kernel, the following vulnerability has been resolved: ceph: properly put ceph_string reference after async create attempt The reference acquired by try_prep_async_create is currently leaked.Ensure we put it.

5.3CVSS6.9AI score0.00027EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.62 views

CVE-2022-48777

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix kernel panic on skipped partition In the event of a skipped partition (case when the entry name is empty)the kernel panics in the cleanup function as the name entry is NULL.Rework the parser logic by first c...

5.5CVSS6.7AI score0.00011EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.62 views

CVE-2022-48814

In the Linux kernel, the following vulnerability has been resolved: net: dsa: seville: register the mdiobus under devres As explained in commits:74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres")5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus using devres") mdiobus_fre...

6.7AI score0.00046EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.62 views

CVE-2022-48822

In the Linux kernel, the following vulnerability has been resolved: usb: f_fs: Fix use-after-free for epfile Consider a case where ffs_func_eps_disable is called fromffs_func_disable as part of composition switch and at thesame time ffs_epfile_release get called from userspace.ffs_epfile_release wi...

7.8CVSS7.9AI score0.00029EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.62 views

CVE-2022-48848

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Do not unregister events twice Nicolas reported that using: trace-cmd record -e all -M 10 -p osnoise --poll Resulted in the following kernel warning: ------------[ cut here ]------------WARNING: CPU: 0 PID: 1217 at...

7.8CVSS7.3AI score0.00049EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.62 views

CVE-2022-48860

In the Linux kernel, the following vulnerability has been resolved: ethernet: Fix error handling in xemaclite_of_probe This node pointer is returned by of_parse_phandle() with refcountincremented in this function. Calling of_node_put() to avoid therefcount leak. As the remove function do.

5.5CVSS6.2AI score0.00016EPSS
CVE
CVE
added 2024/08/22 2:15 a.m.62 views

CVE-2022-48916

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix double list_add when enabling VMD in scalable mode When enabling VMD and IOMMU scalable mode, the following kernel paniccall trace/kernel log is shown in Eagle Stream platform (Sapphire RapidsCPU) during booting: pc...

5.5CVSS6.5AI score0.0003EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.62 views

CVE-2022-48970

In the Linux kernel, the following vulnerability has been resolved: af_unix: Get user_ns from in_skb in unix_diag_get_exact(). Wei Chen reported a NULL deref in sk_user_ns() 0 , and Paolo diagnosedthe root cause: in unix_diag_get_exact(), the newly allocated skb does nothave sk. 2 We must get the u...

5.5CVSS4.8AI score0.00073EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49071

In the Linux kernel, the following vulnerability has been resolved: drm/panel: ili9341: fix optional regulator handling If the optional regulator lookup fails, reset the pointer to NULL.Other functions such as mipi_dbi_poweron_reset_conditional() only doa NULL pointer check and will otherwise deref...

5.5CVSS6.5AI score0.00025EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49112

In the Linux kernel, the following vulnerability has been resolved: mt76: fix monitor mode crash with sdio driver mt7921s driver may receive frames with fragment buffers. If there is aCTS packet received in monitor mode, the payload is 10 bytes only andneed 6 bytes header padding after RXD buffer. ...

5.3AI score0.00041EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49132

In the Linux kernel, the following vulnerability has been resolved: ath11k: pci: fix crash on suspend if board file is not found Mario reported that the kernel was crashing on suspend if ath11k was not ableto find a board file: [ 473.693286] PM: Suspending system (s2idle)[ 473.693291] printk: Suspe...

5.1AI score0.00041EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49166

In the Linux kernel, the following vulnerability has been resolved: ntfs: add sanity check on allocation size ntfs_read_inode_mount invokes ntfs_malloc_nofs with zero allocationsize. It triggers one BUG in the __ntfs_malloc function. Fix this by adding sanity check on ni->attr_list_size.

6.5AI score0.00144EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49202

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_uart: add missing NULL check in h5_enqueue Syzbot hit general protection fault in __pm_runtime_resume(). The problemwas in missing NULL check. hu->serdev can be NULL and we should not blindly pass &serdev->devs...

6.5AI score0.00057EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49222

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: anx7625: Fix overflow issue on reading EDID The length of EDID block can be longer than 256 bytes, so we should useint instead of u8 for the edid_pos variable.

6.9AI score0.00041EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.62 views

CVE-2022-49225

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921s: fix a possible memory leak in mt7921_load_patch Always release fw data at the end of mt7921_load_patch routine.

5.5CVSS6.5AI score0.00038EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.62 views

CVE-2022-49240

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Fix error handling in mt8195_mt6359_rt1019_rt5682_dev_probe The device_node pointer is returned by of_parse_phandle() with refcountincremented. We should use of_node_put() on it when done. This function only...

5.5CVSS5.4AI score0.00028EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.62 views

CVE-2022-49249

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wc938x: fix accessing array out of bounds for enum type Accessing enums using integer would result in array out of bounds accesson platforms like aarch64 where sizeof(long) is 8 compared to enum sizewhich is 4 bytes. ...

6.5AI score0.00041EPSS
Total number of security vulnerabilities10926