Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2025/02/27 3:15 a.m.62 views

CVE-2024-58006

In the Linux kernel, the following vulnerability has been resolved: PCI: dwc: ep: Prevent changing BAR size/flags in pci_epc_set_bar() In commit 4284c88fff0e ("PCI: designware-ep: Allow pci_epc_set_bar() updateinbound map address") set_bar() was modified to support dynamicallychanging the backing p...

6.1AI score0.00039EPSS
CVE
CVE
added 2025/02/27 3:15 a.m.62 views

CVE-2024-58019

In the Linux kernel, the following vulnerability has been resolved: nvkm/gsp: correctly advance the read pointer of GSP message queue A GSP event message consists three parts: message header, RPC header,message body. GSP calculates the number of pages to write from thetotal size of a GSP message. T...

6.2AI score0.00039EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.62 views

CVE-2025-21906

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: clean up ROC on failure If the firmware fails to start the session protection, then wedo call iwl_mvm_roc_finished() here, but that won't do anythingat all because IWL_MVM_STATUS_ROC_P2P_RUNNING was never set.Se...

7.1AI score0.00032EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.62 views

CVE-2025-21915

In the Linux kernel, the following vulnerability has been resolved: cdx: Fix possible UAF error in driver_override_show() Fixed a possible UAF problem in driver_override_show() in drivers/cdx/cdx.c This function driver_override_show() is part of DEVICE_ATTR_RW, whichincludes both driver_override_sh...

7.8CVSS6.9AI score0.00023EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.62 views

CVE-2025-21982

In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: npcm8xx: Add NULL check in npcm8xx_gpio_fw devm_kasprintf() calls can return null pointers on failure.But the return values were not checked in npcm8xx_gpio_fw().Add NULL check in npcm8xx_gpio_fw(), to handle kern...

5.5CVSS7AI score0.00022EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.62 views

CVE-2025-22032

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7921: fix kernel panic due to null pointer dereference Address a kernel panic caused by a null pointer dereference in themt792x_rx_get_wcid function. The issue arises because the deflink structureis not properly initi...

5.5CVSS6.2AI score0.00022EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.62 views

CVE-2025-22059

In the Linux kernel, the following vulnerability has been resolved: udp: Fix multiple wraparounds of sk->sk_rmem_alloc. __udp_enqueue_schedule_skb() has the following condition: if (atomic_read(&sk->sk_rmem_alloc) > sk->sk_rcvbuf)goto drop; sk->sk_rcvbuf is initialised by net.core.rm...

5.5CVSS6.9AI score0.00022EPSS
CVE
CVE
added 2025/05/01 2:15 p.m.62 views

CVE-2025-37764

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: fix firmware memory leaks Free the memory used to hold the results of firmware image processingwhen the module is unloaded. Fix the related issue of the same memory being leaked if processingof the firmware image f...

6.7AI score0.00025EPSS
CVE
CVE
added 2025/05/01 2:15 p.m.62 views

CVE-2025-37791

In the Linux kernel, the following vulnerability has been resolved: ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll() rpl is passed as a pointer to ethtool_cmis_module_poll(), so the correctsize of rpl is sizeof(*rpl) which should be just 1 byte. Using thepointer size instead ca...

6.4AI score0.00025EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.62 views

CVE-2025-37864

In the Linux kernel, the following vulnerability has been resolved: net: dsa: clean up FDB, MDB, VLAN entries on unbind As explained in many places such as commit b117e1e8a86d ("net: dsa:delete dsa_legacy_fdb_add and dsa_legacy_fdb_del"), DSA is written giventhe assumption that higher layers have b...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/05/20 11:15 a.m.62 views

CVE-2025-37892

In the Linux kernel, the following vulnerability has been resolved: mtd: inftlcore: Add error check for inftl_read_oob() In INFTL_findwriteunit(), the return value of inftl_read_oob()need to be checked. A proper implementation can befound in INFTL_deleteblock(). The status will be set asSECTOR_IGNO...

6.8AI score0.00049EPSS
CVE
CVE
added 2025/04/18 7:15 a.m.62 views

CVE-2025-38049

In the Linux kernel, the following vulnerability has been resolved: x86/resctrl: Fix allocation of cleanest CLOSID on platforms with no monitors Commit 6eac36bb9eb0 ("x86/resctrl: Allocate the cleanest CLOSID by searching closid_num_dirty_rmid") added logic that causes resctrl to search for the CLO...

5.5CVSS6.6AI score0.00022EPSS
CVE
CVE
added 2004/06/01 4:0 a.m.61 views

CVE-2004-0177

The ext3 code in Linux 2.4.x before 2.4.26 does not properly initialize journal descriptor blocks, which causes an information leak in which in-memory data is written to the device for the ext3 file system, which allows privileged users to obtain portions of kernel memory by reading the raw device.

5CVSS5.7AI score0.01238EPSS
CVE
CVE
added 2004/06/01 4:0 a.m.61 views

CVE-2004-0178

The OSS code for the Sound Blaster (sb16) driver in Linux 2.4.x before 2.4.26, when operating in 16 bit mode, does not properly handle certain sample sizes, which allows local users to cause a denial of service (crash) via a sample with an odd number of bytes.

2.1CVSS5.9AI score0.00079EPSS
CVE
CVE
added 2005/03/01 5:0 a.m.61 views

CVE-2004-0986

Iptables before 1.2.11, under certain conditions, does not properly load the required modules at system startup, which causes the firewall rules to fail to load and protect the system from remote attackers.

7.5CVSS6.3AI score0.01269EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.61 views

CVE-2004-1058

Race condition in Linux kernel 2.6 allows local users to read the environment variables of another process that is still spawning via /proc/.../cmdline.

1.2CVSS7AI score0.00064EPSS
CVE
CVE
added 2005/08/08 4:0 a.m.61 views

CVE-2004-2302

Race condition in the sysfs_read_file and sysfs_write_file functions in Linux kernel before 2.6.10 allows local users to read kernel memory and cause a denial of service (crash) via large offsets in sysfs files.

2.6CVSS7AI score0.00065EPSS
CVE
CVE
added 2005/03/07 5:0 a.m.61 views

CVE-2005-0178

Race condition in the setsid function in Linux before 2.6.8.1 allows local users to cause a denial of service (crash) and possibly access portions of kernel memory, related to TTY changes, locking, and semaphores.

6.2CVSS5.2AI score0.00048EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.61 views

CVE-2005-1041

The fib_seq_start function in fib_hash.c in Linux kernel allows local users to cause a denial of service (system crash) via /proc/net/route.

2.1CVSS5AI score0.0007EPSS
CVE
CVE
added 2005/09/06 5:3 p.m.61 views

CVE-2005-2800

Memory leak in the seq_file implementation in the SCSI procfs interface (sg.c) in Linux kernel 2.6.13 and earlier allows local users to cause a denial of service (memory consumption) via certain repeated reads from the /proc/scsi/sg/devices file, which is not properly handled when the next() iterat...

2.1CVSS4.9AI score0.00159EPSS
CVE
CVE
added 2005/11/25 9:3 p.m.61 views

CVE-2005-3806

The IPv6 flow label handling code (ip6_flowlabel.c) in Linux kernels 2.4 up to 2.4.32 and 2.6 before 2.6.14 modifies the wrong variable in certain circumstances, which allows local users to corrupt kernel memory or cause a denial of service (crash) by triggering a free of non-allocated memory.

6.6CVSS4.8AI score0.00165EPSS
CVE
CVE
added 2006/09/22 9:0 p.m.61 views

CVE-2005-4811

The hugepage code (hugetlb.c) in Linux kernel 2.6, possibly 2.6.12 and 2.6.13, in certain configurations, allows local users to cause a denial of service (crash) by triggering an mmap error before a prefault, which causes an error in the unmap_hugepage_area function.

4.9CVSS7.1AI score0.00047EPSS
CVE
CVE
added 2006/03/07 2:2 a.m.61 views

CVE-2006-0741

Linux kernel before 2.6.15.5, when running on Intel processors, allows local users to cause a denial of service ("endless recursive fault") via unknown attack vectors related to a "bad elf entry address."

1.2CVSS5.6AI score0.00091EPSS
CVE
CVE
added 2006/07/10 7:5 p.m.61 views

CVE-2006-2936

The ftdi_sio driver (usb/serial/ftdi_sio.c) in Linux kernel 2.6.x up to 2.6.17, and possibly later versions, allows local users to cause a denial of service (memory consumption) by writing more data to the serial port than the hardware can handle, which causes the data to be queued.

7.8CVSS7AI score0.10179EPSS
CVE
CVE
added 2006/11/22 1:7 a.m.61 views

CVE-2006-6054

The ext2 file system code in Linux kernel 2.6.x allows local users to cause a denial of service (crash) via an ext2 stream with malformed data structures that triggers an error in the ext2_check_page due to a length that is smaller than the minimum.

4CVSS7AI score0.00061EPSS
CVE
CVE
added 2007/05/14 5:19 p.m.61 views

CVE-2006-7203

The compat_sys_mount function in fs/compat.c in Linux kernel 2.6.20 and earlier allows local users to cause a denial of service (NULL pointer dereference and oops) by mounting a smbfs file system in compatibility mode ("mount -t smbfs").

4CVSS6.9AI score0.00061EPSS
CVE
CVE
added 2008/09/04 5:41 p.m.61 views

CVE-2007-6716

fs/direct-io.c in the dio subsystem in the Linux kernel before 2.6.23 does not properly zero out the dio struct, which allows local users to cause a denial of service (OOPS), as demonstrated by a certain fio test.

5.5CVSS5.1AI score0.00042EPSS
CVE
CVE
added 2017/04/24 6:59 a.m.61 views

CVE-2007-6761

drivers/media/video/videobuf-vmalloc.c in the Linux kernel before 2.6.24 does not initialize videobuf_mapping data structures, which allows local users to trigger an incorrect count value and videobuf leak via unspecified vectors, a different vulnerability than CVE-2010-5321.

7.8CVSS4.7AI score0.00133EPSS
CVE
CVE
added 2008/02/12 9:0 p.m.61 views

CVE-2008-0009

The vmsplice_to_user function in fs/splice.c in the Linux kernel 2.6.22 through 2.6.24 does not validate a certain userspace pointer before dereference, which might allow local users to access arbitrary kernel memory locations.

2.1CVSS5.9AI score0.01003EPSS
CVE
CVE
added 2010/01/27 5:30 p.m.61 views

CVE-2009-4272

A certain Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on Red Hat Enterprise Linux (RHEL) 5 allows remote attackers to cause a denial of service (deadlock) via crafted packets that force collisions in the IPv4 routing hash table, and trigger a routing "emergency" in which a hash ch...

7.8CVSS6.9AI score0.0181EPSS
CVE
CVE
added 2010/01/26 6:30 p.m.61 views

CVE-2010-0006

The ipv6_hop_jumbo function in net/ipv6/exthdrs.c in the Linux kernel before 2.6.32.4, when network namespaces are enabled, allows remote attackers to cause a denial of service (NULL pointer dereference) via an invalid IPv6 jumbogram, a related issue to CVE-2007-4567.

7.1CVSS6.5AI score0.05055EPSS
CVE
CVE
added 2010/06/01 8:30 p.m.61 views

CVE-2010-1641

The do_gfs2_set_flags function in fs/gfs2/file.c in the Linux kernel before 2.6.34-git10 does not verify the ownership of a file, which allows local users to bypass intended access restrictions via a SETFLAGS ioctl request.

4.6CVSS5.3AI score0.00069EPSS
CVE
CVE
added 2013/01/22 11:55 p.m.61 views

CVE-2012-3364

Multiple stack-based buffer overflows in the Near Field Communication Controller Interface (NCI) in the Linux kernel before 3.4.5 allow remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via incoming frames with crafted length fields.

5CVSS7.7AI score0.01565EPSS
CVE
CVE
added 2012/10/03 11:2 a.m.61 views

CVE-2012-3520

The Netlink implementation in the Linux kernel before 3.2.30 does not properly handle messages that lack SCM_CREDENTIALS data, which might allow local users to spoof Netlink communication via a crafted message, as demonstrated by a message to (1) Avahi or (2) NetworkManager.

1.9CVSS6.8AI score0.00062EPSS
CVE
CVE
added 2014/10/13 10:55 a.m.61 views

CVE-2014-7283

The xfs_da3_fixhashpath function in fs/xfs/xfs_da_btree.c in the xfs implementation in the Linux kernel before 3.14.2 does not properly compare btree hash values, which allows local users to cause a denial of service (filesystem corruption, and OOPS or panic) via operations on directories that have...

4.9CVSS5AI score0.0004EPSS
CVE
CVE
added 2016/05/02 10:59 a.m.61 views

CVE-2015-4177

The collect_mounts function in fs/namespace.c in the Linux kernel before 4.0.5 does not properly consider that it may execute after a path has been unmounted, which allows local users to cause a denial of service (system crash) by leveraging user-namespace root access for an MNT_DETACH umount2 syst...

5.5CVSS5.2AI score0.00042EPSS
CVE
CVE
added 2017/02/06 6:59 a.m.61 views

CVE-2017-5546

The freelist-randomization feature in mm/slab.c in the Linux kernel 4.8.x and 4.9.x before 4.9.5 allows local users to cause a denial of service (duplicate freelist entries and system crash) or possibly have unspecified other impact in opportunistic circumstances by leveraging the selection of a la...

7.8CVSS8.1AI score0.00079EPSS
CVE
CVE
added 2017/04/24 11:59 p.m.61 views

CVE-2017-8106

The handle_invept function in arch/x86/kvm/vmx.c in the Linux kernel 3.12 through 3.15 allows privileged KVM guest OS users to cause a denial of service (NULL pointer dereference and host OS crash) via a single-context INVEPT instruction with a NULL EPT pointer.

5.5CVSS5AI score0.00038EPSS
CVE
CVE
added 2018/04/12 6:29 p.m.61 views

CVE-2018-10074

The hi3660_stub_clk_probe function in drivers/clk/hisilicon/clk-hi3660-stub.c in the Linux kernel before 4.16 allows local users to cause a denial of service (NULL pointer dereference) by triggering a failure of resource retrieval.

5.5CVSS5.1AI score0.00038EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.61 views

CVE-2021-47128

In the Linux kernel, the following vulnerability has been resolved: bpf, lockdown, audit: Fix buggy SELinux lockdown permission checks Commit 59438b46471a ("security,lockdown,selinux: implement SELinux lockdown")added an implementation of the locked_down LSM hook to SELinux, with the aimto restrict...

5.5CVSS6.6AI score0.00014EPSS
CVE
CVE
added 2024/03/25 10:15 a.m.61 views

CVE-2021-47174

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo_avx2: Add irq_fpu_usable() check, fallback to non-AVX2 version Arturo reported this backtrace: [709732.358791] WARNING: CPU: 3 PID: 456 at arch/x86/kernel/fpu/core.c:128 kernel_fpu_begin_mask+0xae/0xe0[709...

5.5CVSS6.6AI score0.00011EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47255

In the Linux kernel, the following vulnerability has been resolved: kvm: LAPIC: Restore guard to prevent illegal APIC register access Per the SDM, "any access that touches bytes 4 through 15 of an APICregister may cause undefined behavior and must not be executed."Worse, such an access in kvm_lapic...

7.1CVSS6.5AI score0.00011EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47303

In the Linux kernel, the following vulnerability has been resolved: bpf: Track subprog poke descriptors correctly and fix use-after-free Subprograms are calling map_poke_track(), but on program release there is nohook to call map_poke_untrack(). However, on program release, the aux memory(and poke ...

7.8CVSS6.5AI score0.001EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47370

In the Linux kernel, the following vulnerability has been resolved: mptcp: ensure tx skbs always have the MPTCP ext Due to signed/unsigned comparison, the expression: info->size_goal - skb->len > 0 evaluates to true when the size goal is smaller than theskb size. That results in lack of tx...

5.5CVSS6.9AI score0.00019EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.61 views

CVE-2021-47420

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: fix a potential ttm->sg memory leak Memory is allocated for ttm->sg by kmalloc in kfd_mem_dmamap_userptr,but isn't freed by kfree in kfd_mem_dmaunmap_userptr. Free it!

5.5CVSS6.7AI score0.00026EPSS
CVE
CVE
added 2024/05/22 7:15 a.m.61 views

CVE-2021-47437

In the Linux kernel, the following vulnerability has been resolved: iio: adis16475: fix deadlock on frequency set With commit 39c024b51b560("iio: adis16475: improve sync scale mode handling"), two deadlocks wereintroduced: The call to 'adis_write_reg_16()' was not changed to it's unlockedversion. T...

5.5CVSS6.7AI score0.00011EPSS
CVE
CVE
added 2024/05/22 7:15 a.m.61 views

CVE-2021-47450

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix host stage-2 PGD refcount The KVM page-table library refcounts the pages of concatenated stage-2PGDs individually. However, when running KVM in protected mode, thehost's stage-2 PGD is currently managed by EL2 as a ...

6.6AI score0.00021EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.61 views

CVE-2021-47513

In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: Fix memory leak in felix_setup_mmio_filtering Avoid a memory leak if there is not a CPU port defined. Addresses-Coverity-ID: 1492897 ("Resource leak")Addresses-Coverity-ID: 1492899 ("Resource leak")

5.5CVSS6.9AI score0.0002EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.61 views

CVE-2021-47537

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: Fix a memleak bug in rvu_mbox_init() In rvu_mbox_init(), mbox_regions is not freed or passed outunder the switch-default region, which could lead to a memory leak. Fix this bug by changing 'return err' to 'goto free_r...

5.5CVSS7.2AI score0.00017EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.61 views

CVE-2021-47539

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix rxrpc_peer leak in rxrpc_look_up_bundle() Need to call rxrpc_put_peer() for bundle candidate before kfree() as itholds a ref to rxrpc_peer. [DH: v2: Changed to abstract out the bundle freeing code into a function]

6.8AI score0.00022EPSS
Total number of security vulnerabilities10926