Lucene search
K
LinuxLinux Kernel

14403 matches found

CVE
CVE
added 2024/04/04 8:20 a.m.89 views

CVE-2024-26789

CVE-2024-26789 concerns the Linux kernel crypto path for ARM64 AES-CTR. The bit-sliced NEON implementation could perform out-of-bounds reads when processing short inputs or tail blocks that do not align to 128-byte blocks, because it would jump into the plain NEON helper which handles memory in 1...

7.1CVSS6.4AI score0.00226EPSS
CVE
CVE
added 2024/05/17 2:47 p.m.89 views

CVE-2024-35856

CVE-2024-35856 affects the Linux kernel Bluetooth btusb mediatek component. The root cause is a double-free of the skb buffer in the coredump path, where hci_devcd_append() frees the skb on error, potentially leading to a double-free if the caller also frees it. The issue is triggered locally and...

7.8CVSS6.7AI score0.00248EPSS
CVE
CVE
added 2024/05/19 8:34 a.m.89 views

CVE-2024-35879

CVE-2024-35879 affects the Linux kernel’s dynamic handling of device trees: synchronization of of_changeset_destroy() with devlink removals in the OF stack. The issue arises during a two-step sequence (1) of_platform_depopulate() destroying devices and removing devlinks, then (2) of_overlay_remov...

5.5CVSS6.6AI score0.00226EPSS
CVE
CVE
added 2024/05/19 8:34 a.m.89 views

CVE-2024-35903

The CVE-2024-35903 entry: In the Linux kernel, x86/bpf: Fix IP after emitting call depth accounting. The issue adjusts the IP passed to emit_patch to compute the correct offset for a CALL when x86_call_depth_emit_accounting emits code; without this, instructions may be skipped and the system coul...

5.5CVSS6.7AI score0.0021EPSS
CVE
CVE
added 2024/05/20 9:41 a.m.89 views

CVE-2024-35968

CVE-2024-35968 concerns the Linux kernel driver path in the pds_core module. The issue arises when fw_status == 0xff and the driver attempts a PCI reset via pci_reset_function() from the health thread, which can deadlock because pdsc_stop_health_thread() tries to stop/flush that thread. The publi...

5.5CVSS6.6AI score0.0015EPSS
CVE
CVE
added 2024/05/30 3:28 p.m.89 views

CVE-2024-36888

CVE-2024-36888 : Linux kernel workqueue wake_cpu selection bug fixed by masking targeted CPU with cpu_online_mask via cpumask_any_and_distribute() to avoid arch_vcpu_is_preempted() on offline CPUs. Affected trace shows oops during multi-CPU bring-up when cpu_possible_mask=0-63 and cpu_online_mask...

6.2CVSS7.3AI score0.00237EPSS
CVE
CVE
added 2024/06/19 1:35 p.m.89 views

CVE-2024-38557

CVE-2024-38557 affects the Linux kernel mlx5/YAML path handling. The issue arises in net/mlx5 when a lag (Link Aggregation) disable/enable sequence reloads representors: the code reloads all representors for the bond’s slaves, and a failure during slave representor load can unload all representor...

5.5CVSS7.1AI score0.00183EPSS
CVE
CVE
added 2024/06/19 1:35 p.m.89 views

CVE-2024-38571

CVE-2024-38571 affects the Linux kernel tsens (thermal/drivers/tsens). Root cause: compute_intercept_slope(priv, p1, NULL, ONE_PT_CALIB) is invoked from calibrate_8960() (tsens-8960.c), which can dereference a NULL pointer if DEBUG or DYNAMIC_DEBUG is set. The bug is fixed by adding a NULL pointe...

5.5CVSS7.1AI score0.00228EPSS
CVE
CVE
added 2024/07/12 12:32 p.m.89 views

CVE-2024-40969

CVE-2024-40969 (Linux kernel, f2fs) is confirmed to affect the f2fs shutdown path. The root cause is that shutdown does not verify the thaw error when the filesystem is read-only, which can lead to a deadlock during shutdown (via s b_start_write, set RO, and then thaw). The available connected do...

5.5CVSS7AI score0.00218EPSS
CVE
CVE
added 2024/08/17 9:9 a.m.89 views

CVE-2024-42317

The CVE-2024-42317 issue affects the Linux kernel mm/huge_memory path on ARM64 with 64KB base pages. It stems from xarray not supporting arbitrary page cache sizes beyond MAX_PAGECACHE_ORDER, which can allow a 512 MB page cache in the collapsing path and triggers a warning when splitting an xarra...

5.5CVSS6.6AI score0.00182EPSS
CVE
CVE
added 2024/09/04 7:54 p.m.89 views

CVE-2024-45001

CVE-2024-45001 affects the Linux kernel, specifically the MANA (Microsoft Azure Network Adapter) driver. The issue lies in RX buffer alloc_size alignment used when creating SKB via napi_build_skb(), where skb_shinfo(skb) is located at the end of the SKB. Incorrect alignment on ARM64 can cause ato...

5.5CVSS6.1AI score0.00236EPSS
CVE
CVE
added 2024/09/27 12:39 p.m.89 views

CVE-2024-46838

CVE-2024-46838 affects the Linux kernel. The issue arises in userfaultfd when khugepaged yanks a page table, where previous BUG_ON() checks were incorrect after allowing retracting page tables in file mappings without the mmap lock. The fix removes these BUG_ON()s (and associated early block) to ...

5.5CVSS5.2AI score0.00234EPSS
CVE
CVE
added 2024/10/21 6:1 p.m.89 views

CVE-2024-49873

CVE-2024-49873 : In the Linux kernel, memfd_pin_folios with THP-backed memory may panic or cause a NULL-pointer dereference when the requested start offset is not aligned to a huge page boundary. The issue arises because filemap_get_folios_contig could load a folio that is a sibling and then fail...

5.5CVSS5.3AI score0.002EPSS
CVE
CVE
added 2024/12/27 2:51 p.m.89 views

CVE-2024-56618

CVE-2024-56618 : In the Linux kernel, the pmdomain: imx: gpcv2 handshake delay caused a kernel panic when the handshake ended early. The fix involves waiting longer after the handshake (udelay) due to BUS clock enablement being handled by a separate driver; the observed data suggested udelay(10) ...

5.5CVSS6.3AI score0.0017EPSS
CVE
CVE
added 2025/01/19 11:52 a.m.89 views

CVE-2024-57928

CVE-2024-57928 (Linux kernel) : The vulnerability is in netfs buffered reads. When netfs_read_to_pagecache() encounters an error from either ->prepare_read() or netfs_prepare_read_iterator(), it must decrement ->nr_outstanding, cancel the subrequest, and break the issuing loop. The patch fi...

7.1CVSS6.5AI score0.00227EPSS
CVE
CVE
added 2025/02/27 8:0 p.m.89 views

CVE-2025-21798

CVE-2025-21798 concerns the Linux kernel FireWire kunit test. The vulnerability arises when kunit_kzalloc() returns NULL and test_state is dereferenced without a NULL check, potentially causing a NULL pointer dereference. A fix adds a NULL check for test_state to prevent dereferencing a NULL poin...

5.5CVSS6.5AI score0.00203EPSS
CVE
CVE
added 2025/05/01 12:55 p.m.89 views

CVE-2025-23154

CVE-2025-23154 concerns the Linux kernel’s io_uring path. The issue arises from io_req_post_cqe being used for non-multishot requests, enabling abuse via a send bundle in io_uring/net. The fix adds a flag to indicate whether a request will post multiple CQEs; multishot (REQ_F_APOLL_MULTISHOT) sem...

5.5CVSS6.9AI score0.00165EPSS
CVE
CVE
added 2025/05/08 6:26 a.m.89 views

CVE-2025-37826

CVE-2025-37826 pertains to the Linux kernel, specifically the SCSI: UFS core. The root cause is a missing NULL check on the hwq pointer returned by ufshcd_mcq_req_to_hwq(), which can occur in ufshcd_mcq_compl_pending_transfer(). The available connected documents describe a patch that adds a NULL ...

5.5CVSS6.7AI score0.00152EPSS
CVE
CVE
added 2025/05/09 6:45 a.m.89 views

CVE-2025-37888

Technical details for CVE-2025-37888 are not provided in the supplied documents; only a high-level description of the Linux kernel fix is shown. Please monitor for vendor advisories for affected products and remediation.

5.5CVSS6.6AI score0.00228EPSS
CVE
CVE
added 2025/06/18 9:28 a.m.89 views

CVE-2025-38005

CVE-2025-38005 : In the Linux kernel, the vulnerability stems from a missing locking in the TI k3-udma DMA engine path (udma_start in udma_check_tx_completion). The issue was observed as a warning trace in recent kernels and is resolved by a patch that adds the missing locking (see commits such a...

5.5CVSS6.5AI score0.0017EPSS
CVE
CVE
added 2025/06/18 9:33 a.m.89 views

CVE-2025-38037

The CVE-2025-38037 issue affects the Linux kernel’s VXLAN FDB handling. The root cause is a data race where the FDB entry’s fields used and updated may be concurrently accessed by multiple threads, triggering KCSAN reports in vxlan_xmit paths. The fix is to annotate these accesses with READ_ONCE(...

5.5CVSS6.2AI score0.00182EPSS
CVE
CVE
added 2025/06/18 9:33 a.m.89 views

CVE-2025-38062

Summary of CVE-2025-38062: The Linux kernel vulnerability affects the MSI/IOMMU path used for translating MSI addresses. The root cause is a use-after-free-like risk due to storing a cookie pointer (IOVA) in the MSI descriptor across two stages of MSI address translation, which can be race-condit...

5.5CVSS6.1AI score0.00152EPSS
CVE
CVE
added 2025/06/18 9:33 a.m.89 views

CVE-2025-38065

CVE-2025-38065 affects the Linux kernel (orangefs) where a 32-bit truncation occurs because len is stored as size_t from i_size_read(), potentially truncating file sizes to 4 GiB. Exploitation is described as local in the CVE metrics. The vulnerability is addressed by kernel fixes referenced in c...

5.5CVSS6.5AI score0.00171EPSS
CVE
CVE
added 2025/07/03 7:44 a.m.89 views

CVE-2025-38094

CVE-2025-38094 (Linux kernel, macb deadlock) Fix for a possible deadlock in the macb driver under cadence when THALT is high and TGO remains high. The issue occurred in contexts with interrupts disabled, where jiffies were not updated and the loop wouldn’t exit, potentially locking a sama5d4 devi...

5.5CVSS6.6AI score0.00126EPSS
CVE
CVE
added 2025/07/03 7:44 a.m.89 views

CVE-2025-38095

CVE-2025-38095 concerns the Linux kernel dma-buf memory barrier ordering: smp_store_mb() currently inserts a memory barrier after storing, which can lead to a NULL pointer dereference if memory updates reorder. The vulnerability is fixed by ensuring the barrier is inserted before updating num_fen...

5.5CVSS6.6AI score0.00167EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.89 views

CVE-2025-38127

CVE-2025-38127 affects the Linux kernel in the ice driver’s XDP path. When loading an XDP program, the callback can create new Tx queues and must update the Tx scheduler accordingly. A bug left some changes from the XDP preparation unrolled if the Tx scheduler failed, causing a crash (observed tr...

5.5CVSS7.1AI score0.00157EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.89 views

CVE-2025-38146

CVE-2025-38146 affects the Linux kernel net/openvswitch MPLS parsing. The issue can cause a dead loop when MPLS label stacks wrap, with a UBSAN array-index-out-of-bounds (index -1) in key_extract_l3l4 and related stack traces, potentially leading to soft lockup/CPU stall. A fix for the MPLS parse...

7.8CVSS7.2AI score0.00174EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.89 views

CVE-2025-38218

CVE-2025-38218 affects the Linux kernel’s F2FS file system. The vulnerability stems from a faulty sanity check on sit_bitmap_size that can lead to an out-of-bounds access in sit_bitmap when resizing an image, causing a kernel panic during mount. The root cause described is sit_i->bitmap_size b...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/07/25 12:47 p.m.89 views

CVE-2025-38369

CVE-2025-38369 affects the Linux kernel DMA engine idxd path. Under certain container configurations running IDXD workloads with /dev mounted can trigger a call trace or kernel panic when the parent process of the container is terminated. Root cause described: Docker’s mount replication propagati...

7.8CVSS6.3AI score0.00154EPSS
CVE
CVE
added 2025/07/25 12:53 p.m.89 views

CVE-2025-38386

The CVE-2025-38386 entry relates to ACPICA in the Linux kernel. Root cause: AML/ACPICA could crash via use-after-free when a platform firmware update increased method parameter counts and callers weren’t updated. Fix: ACPICA now refuses to evaluate a method if the caller passes fewer arguments th...

5.5CVSS6.4AI score0.00166EPSS
CVE
CVE
added 2025/07/25 3:27 p.m.89 views

CVE-2025-38445

CVE-2025-38445 covers a Linux kernel issue in md/raid1 where raid1_reshape allocated a mempool on the stack and assigned it to conf->r1bio_pool, causing conf->r1bio_pool.wait.head to reference a stack address. Subsequent access in raid1_read_request/raid1_write_request paths could trigger a...

7.1CVSS6.2AI score0.00165EPSS
CVE
CVE
added 2025/07/28 11:21 a.m.89 views

CVE-2025-38488

CVE-2025-38488 affects the Linux kernel SMB client path (crypt_message) where async crypto could lead to use-after-free when hardware accelerators return -EINPROGRESS. The issue arose after CVE-2024-50047 fixed async handling for all operations but hardware offload could still complete asynchrono...

7.8CVSS7.7AI score0.00278EPSS
CVE
CVE
added 2025/08/22 1:1 p.m.89 views

CVE-2025-38617

CVE-2025-38617 concerns a Linux kernel race in the packet networking path (net/packet) between packet_set_ring() and packet_notifier(). When po->bind_lock is temporarily released during ring setup, a concurrent NETDEV_UP event could be processed by packet_notifier(), risking inconsistent socke...

4.7CVSS6.5AI score0.00288EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.88 views

CVE-2000-0506

The CVE refers to the Linux kernel capabilities feature prior to 2.2.16. Local users can cause a denial of service or gain privileges by manipulating capabilities to prevent a setuid program from dropping privileges. The provided documents do not include exploit details or a specified fix/patch i...

10CVSS6.8AI score0.11396EPSS
CVE
CVE
added 2004/05/05 4:0 a.m.88 views

CVE-2004-0394

CVE-2004-0394 concerns a potential buffer overflow in the panic() function of Linux 2.4.x. The description explicitly indicates a possible overflow, but notes it may not be exploitable due to the function’s behavior. The connected OpenVAS entries reference this CVE among broader kernel advisories...

2.1CVSS6.5AI score0.0049EPSS
CVE
CVE
added 2004/07/06 4:0 a.m.88 views

CVE-2004-0496

The CVE-2004-0496 entry refers to multiple local vulnerabilities in the Linux kernel 2.6, distinct from CVE-2004-0495, discovered via Sparse. Connected sources (Gentoo GLSA advisories GLSA-200407-02 and GLSA-200407-16, OpenVAS NASLs, and NVD/NVD-style listings) corroborate that CAN-2004-0496 conc...

7.2CVSS6.5AI score0.00393EPSS
CVE
CVE
added 2005/09/14 4:0 a.m.88 views

CVE-2005-2490

CVE-2005-2490 describes a stack-based buffer overflow in the Linux kernel 2.6 sendmsg() path prior to 2.6.13.1. Local users could cause arbitrary code execution by calling sendmsg and altering message contents in another thread. Public sources in the connected documents corroborate the vulnerabil...

4.6CVSS5.9AI score0.00555EPSS
CVE
CVE
added 2005/09/26 4:0 a.m.88 views

CVE-2005-3055

CVE-2005-3055 affects the Linux kernel 2.6.8 through 2.6.14-rc2. A local user-space process can issue a USB Request Block (URB) to a USB device and terminate before completion, causing a stale pointer reference and potential kernel OOPS/Denial of Service. Public sources in connected docs confirm ...

2.1CVSS4.9AI score0.00452EPSS
CVE
CVE
added 2005/10/20 4:0 a.m.88 views

CVE-2005-3272

CVE-2005-3272 affects the Linux kernel prior to 2.6.12. The issue lets remote attackers poison the bridge forwarding table with frames that have already been dropped by filtering, causing the bridge to forward spoofed packets. The vulnerability stems from how bridge/frame filtering handling inter...

5CVSS5.7AI score0.03112EPSS
CVE
CVE
added 2006/08/21 9:0 p.m.88 views

CVE-2006-4093

CVE-2006-4093 affects Linux kernel 2.x on PowerPC PPC970: HID0 attention enable at boot time can crash the kernel (denial of service). Vulnerable: 2.6.x up to 2.6.17.9 and 2.4.x up to 2.4.33.1. Exploitation details are not provided in the initial documents, but multiple advisories (e.g., RHSA, SU...

4.9CVSS7AI score0.00459EPSS
CVE
CVE
added 2006/12/20 2:0 a.m.88 views

CVE-2006-4814

CVE-2006-4814 is a mincore-related Linux kernel vulnerability restricted to older kernels (before 2.4.33.6) where access to user space was not properly locked, potentially causing a system hang (deadlock). Public sources in connected advisories confirm this CVE as part of multiple kernel updates,...

4.6CVSS5.1AI score0.00982EPSS
CVE
CVE
added 2006/12/02 2:0 a.m.88 views

CVE-2006-5751

CVE-2006-5751 concerns the Linux kernel (pre-2.6.18.4) where an integer overflow in get_fdb_entries (net/bridge/br_ioctl.c) allows a local user to trigger arbitrary code execution by supplying a large maxnum in an ioctl. The issue is rooted in kernel networking bridge ioctl handling and could ena...

7.2CVSS7.4AI score0.00457EPSS
CVE
CVE
added 2007/11/09 6:0 p.m.88 views

CVE-2007-5904

The CVE-2007-5904 issue is a kernel vulnerability in the CIFS VFS of the Linux 2.6.23 and earlier kernels. It involves multiple buffer overflows triggered by long SMB responses in the SendReceive function, enabling a remote attacker to cause a crash and, potentially, arbitrary code execution. Pub...

6.8CVSS7.4AI score0.02378EPSS
CVE
CVE
added 2008/11/05 2:51 p.m.88 views

CVE-2008-3527

CVE-2008-3527 affects the Linux kernel (arch/i386/sysenter/vDSO). The vulnerability stems from missing boundary checks in vDSO install_special_mapping, syscall, and syscall32_nopage in the Linux kernel prior to 2.6.21, permitting local users to gain privileges or cause a denial of service. Affect...

4.6CVSS5.5AI score0.00377EPSS
CVE
CVE
added 2008/11/17 11:0 p.m.88 views

CVE-2008-5025

CVE-2008-5025: Linux kernel before 2.6.28-rc1 suffers a stack-based buffer overflow in hfs_cat_find_brec() within fs/hfs/catalog.c when processing an HFS image with an invalid catalog namelength, enabling memory corruption or a system crash and a DoS. The MiracleLinux advisory and related OpenVAS...

7.8CVSS5.5AI score0.02947EPSS
CVE
CVE
added 2009/11/02 3:0 p.m.88 views

CVE-2009-3624

CVE-2009-3624 affects the Linux kernel KEYS subsystem. The get_instantiation_keyring function in security/keys/keyctl.c fails to properly maintain the reference count of a keyring when a keyring is not specified by ID, enabling a local attacker to gain privileges or trigger a denial of service (O...

4.6CVSS6.8AI score0.00372EPSS
CVE
CVE
added 2010/05/07 6:23 p.m.88 views

CVE-2010-1451

CVE-2010-1451 affects the SPARC build of the Linux kernel prior to 2.6.33, where TSB I-TLB load handling in arch/sparc/kernel/tsb.S fails to correctly obtain the _PAGE_EXEC_4U bit, resulting in an incompletely implemented non-executable stack. This could allow context-dependent local attackers to...

2.1CVSS6.6AI score0.00517EPSS
CVE
CVE
added 2010/09/08 7:0 p.m.88 views

CVE-2010-2960

CVE-2010-2960 affects Linux kernel 2.6.35.4 and earlier: the keyctl_session_to_parent function assumes a parent session keyring exists, allowing local users to cause a NULL pointer dereference and system crash (denial of service) via a KEYCTL_SESSION_TO_PARENT argument. Root cause pertains to ses...

7.8CVSS7.5AI score0.00506EPSS
CVE
CVE
added 2010/11/29 3:0 p.m.88 views

CVE-2010-4076

CVE-2010-4076 affects Linux kernel 2.6.36.1 and earlier. The rs_ioctl function in drivers/char/amiserial.c does not initialize a structure member, enabling local users to read potentially sensitive information from kernel stack memory via TIOCGICOUNT. A fix is to apply the kernel update that addr...

1.9CVSS6.6AI score0.0033EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.88 views

CVE-2010-4648

CVE-2010-4648 affects the Linux kernel wireless orinoco driver (orinoco_ioctl_set_auth in drivers/net/wireless/orinoco/wext.c) prior to 2.6.37, where TKIP protection was not correctly implemented. This could allow a remote attacker to read Wi‑Fi frames and gain access to the network. The issue is...

3.3CVSS5.7AI score0.0153EPSS
Total number of security vulnerabilities14403