Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2016/08/07 9:59 p.m.60 views

CVE-2016-2064

sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c in the MSM QDSP6 audio driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to cause a denial of service (buffer over-read) or possibly have unspecifie...

7.8CVSS7.7AI score0.00241EPSS
CVE
CVE
added 2016/06/27 10:59 a.m.60 views

CVE-2016-4440

arch/x86/kvm/vmx.c in the Linux kernel through 4.6.3 mishandles the APICv on/off state, which allows guest OS users to obtain direct APIC MSR access on the host OS, and consequently cause a denial of service (host OS crash) or possibly execute arbitrary code on the host OS, via x2APIC mode.

7.8CVSS7.8AI score0.00124EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.60 views

CVE-2017-0523

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: N/A. Andro...

7.6CVSS6.7AI score0.00056EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.60 views

CVE-2017-0525

An elevation of privilege vulnerability in the Qualcomm IPA driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

7.6CVSS6.6AI score0.0024EPSS
CVE
CVE
added 2024/03/25 9:15 a.m.60 views

CVE-2021-47141

In the Linux kernel, the following vulnerability has been resolved: gve: Add NULL pointer checks when freeing irqs. When freeing notification blocks, we index priv->msix_vectors.If we failed to allocate priv->msix_vectors (see abort_with_msix_vectors)this could lead to a NULL pointer derefere...

5.5CVSS6.3AI score0.00009EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.60 views

CVE-2021-47193

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Fix memory leak during rmmod Driver failed to release all memory allocated. This would lead to memoryleak during driver removal. Properly free memory when the module is removed.

5.5CVSS6.4AI score0.0001EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.60 views

CVE-2021-47216

In the Linux kernel, the following vulnerability has been resolved: scsi: advansys: Fix kernel pointer leak Pointers should be printed with %p or %px rather than cast to 'unsignedlong' and printed with %lx. Change %lx to %p to print the hashed pointer.

5.5CVSS6.3AI score0.00008EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.60 views

CVE-2021-47294

In the Linux kernel, the following vulnerability has been resolved: netrom: Decrease sock refcount when sock timers expire Commit 63346650c1a9 ("netrom: switch to sock timer API") switched to usesock timer API. It replaces mod_timer() by sk_reset_timer(), anddel_timer() by sk_stop_timer(). Function...

5.5CVSS6.7AI score0.00012EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.60 views

CVE-2021-47360

In the Linux kernel, the following vulnerability has been resolved: binder: make sure fd closes complete During BC_FREE_BUFFER processing, the BINDER_TYPE_FDA objectcleanup may close 1 or more fds. The close operations arecompleted using the task work mechanism -- which means the threadneeds to ret...

5.5CVSS6.7AI score0.00016EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.60 views

CVE-2021-47369

In the Linux kernel, the following vulnerability has been resolved: s390/qeth: fix NULL deref in qeth_clear_working_pool_list() When qeth_set_online() calls qeth_clear_working_pool_list() to rollback after an error exit from qeth_hardsetup_card(), we are at risk ofaccessing card->qdio.in_q befor...

5.5CVSS7.2AI score0.00009EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.60 views

CVE-2021-47413

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: ci_hdrc_imx: Also search for 'phys' phandle When passing 'phys' in the devicetree to describe the USB PHY phandle(which is the recommended way according toDocumentation/devicetree/bindings/usb/ci-hdrc-usb2.txt) thefo...

5.5CVSS6.5AI score0.00016EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.60 views

CVE-2021-47415

In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mvm: Fix possible NULL dereference In __iwl_mvm_remove_time_event() check that 'te_data->vif' is NULLbefore dereferencing it.

5.5CVSS6.8AI score0.00015EPSS
CVE
CVE
added 2024/05/22 7:15 a.m.60 views

CVE-2021-47448

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible stall on recvmsg() recvmsg() can enter an infinite loop if the caller provides theMSG_WAITALL, the data present in the receive queue is not sufficient tofulfill the request, and no more data is received by the p...

6.8AI score0.00021EPSS
CVE
CVE
added 2024/05/22 7:15 a.m.60 views

CVE-2021-47460

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix data corruption after conversion from inline format Commit 6dbf7bb55598 ("fs: Don't invalidate page buffers inblock_write_full_page()") uncovered a latent bug in ocfs2 conversionfrom inline inode format to a normal inode...

7AI score0.00048EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.60 views

CVE-2021-47503

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Do not call scsi_remove_host() in pm8001_alloc() Calling scsi_remove_host() before scsi_add_host() results in a crash: BUG: kernel NULL pointer dereference, address: 0000000000000108RIP: 0010:device_del+0x63/0x440Call...

6.2CVSS7.2AI score0.00018EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.60 views

CVE-2021-47510

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix re-dirty process of tree-log nodes There is a report of a transaction abort of -EAGAIN with the followingscript. #!/bin/sh for d in sda sdb; domkfs.btrfs -d single -m single -f /dev/${d}done mount /dev/sda /mnt/testmount...

6.9AI score0.0003EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.60 views

CVE-2021-47523

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix leak of rcvhdrtail_dummy_kvaddr This buffer is currently allocated in hfi1_init(): if (reinit) ret = init_after_reset(dd); else ret = loadtime_init(dd); if (ret) goto done; /* allocate dummy tail memory for all receive...

6.9AI score0.00027EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.60 views

CVE-2021-47554

In the Linux kernel, the following vulnerability has been resolved: vdpa_sim: avoid putting an uninitialized iova_domain The system will crash if we put an uninitialized iova_domain, thiscould happen when an error occurs before initializing the iova_domainin vdpasim_create(). BUG: kernel NULL point...

5.5CVSS6.6AI score0.00017EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.60 views

CVE-2021-47604

In the Linux kernel, the following vulnerability has been resolved: vduse: check that offset is within bounds in get_config() This condition checks "len" but it does not check "offset" and thatcould result in an out of bounds read if "offset > dev->config_size".The problem is that since both ...

7.1CVSS8AI score0.00019EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.60 views

CVE-2021-47618

In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replacedby kprobe. some instructions may be simulated by constructingassembly functions. therefore, before executing instructi...

6.6AI score0.00058EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.60 views

CVE-2022-48652

In the Linux kernel, the following vulnerability has been resolved: ice: Fix crash by keep old cfg when update TCs more than queues There are problems if allocated queues less than Traffic Classes. Commit a632b2a4c920 ("ice: ethtool: Prohibit improper channel configfor DCB") already disallow settin...

6.6AI score0.00034EPSS
CVE
CVE
added 2024/05/03 6:15 p.m.60 views

CVE-2022-48690

In the Linux kernel, the following vulnerability has been resolved: ice: Fix DMA mappings leak Fix leak, when user changes ring parameters.During reallocation of RX buffers, new DMA mappings are created forthose buffers. New buffers with different RX ring count shouldsubstitute older ones, but thos...

6.5AI score0.00025EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.60 views

CVE-2022-48716

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in mixer->reg, which is not sameas port id. port id should be derived from chan_info array.So fix this. Without this, its possible that we co...

9.8CVSS9.1AI score0.00084EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.60 views

CVE-2022-48720

In the Linux kernel, the following vulnerability has been resolved: net: macsec: Fix offload support for NETDEV_UNREGISTER event Current macsec netdev notify handler handles NETDEV_UNREGISTER event byreleasing relevant SW resources only, this causes resources leak in caseof macsec HW offload, as th...

6.5AI score0.0004EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.60 views

CVE-2022-48818

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: don't use devres for mdiobus As explained in commits:74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres")5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus using devres") mdiobus_free()...

6.5AI score0.00065EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.60 views

CVE-2022-48855

In the Linux kernel, the following vulnerability has been resolved: sctp: fix kernel-infoleak for SCTP sockets syzbot reported a kernel infoleak [1] of 4 bytes. After analysis, it turned out r->idiag_expires is not initializedif inet_sctp_diag_fill() calls inet_diag_msg_common_fill() Make sure t...

7.1CVSS6.8AI score0.00079EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.60 views

CVE-2022-48890

In the Linux kernel, the following vulnerability has been resolved: scsi: storvsc: Fix swiotlb bounce buffer leak in confidential VM storvsc_queuecommand() maps the scatter/gather list using scsi_dma_map(),which in a confidential VM allocates swiotlb bounce buffers. If the I/Osubmission fails in st...

5.5CVSS6.5AI score0.00036EPSS
CVE
CVE
added 2024/08/22 2:15 a.m.60 views

CVE-2022-48925

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Do not change route.addr.src_addr outside state checks If the state is not idle then resolve_prepare_src() should immediatelyfail and no change to global state should happen. However, itunconditionally overwrites the src_...

7.8CVSS6.5AI score0.00038EPSS
CVE
CVE
added 2024/08/22 4:15 a.m.60 views

CVE-2022-48931

In the Linux kernel, the following vulnerability has been resolved: configfs: fix a race in configfs_{,un}register_subsystem() When configfs_register_subsystem() or configfs_unregister_subsystem()is executing link_group() or unlink_group(),it is possible that two processes add or delete list concur...

4.7CVSS6.8AI score0.00037EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.60 views

CVE-2022-48951

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() The bounds checks in snd_soc_put_volsw_sx() are only being applied to thefirst channel, meaning it is possible to write out of bounds values to thesecond channel ...

7.8CVSS7.3AI score0.00036EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.60 views

CVE-2022-48971

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix not cleanup led when bt_init fails bt_init() calls bt_leds_init() to register led, but if it fails later,bt_leds_cleanup() is not called to unregister it. This can cause panic if the argument "bluetooth-power" in tex...

5.5CVSS5.2AI score0.00036EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.60 views

CVE-2022-48985

In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix race on per-CQ variable napi work_done After calling napi_complete_done(), the NAPIF_STATE_SCHED bit may becleared, and another CPU can start napi thread and access per-CQ variable,cq->work_done. If the other thre...

4.7CVSS4.6AI score0.00035EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.60 views

CVE-2022-48987

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verify the v4l2_bt_timings blanking fieldsin order to avoid integer overflows when userspace passes weird values. But that assumed that use...

5.5CVSS5.2AI score0.00053EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.60 views

CVE-2022-49000

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix PCI device refcount leak in has_external_pci() for_each_pci_dev() is implemented by pci_get_device(). The comment ofpci_get_device() says that it will increase the reference count for thereturned pci_dev and also de...

5.5CVSS5.2AI score0.00072EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.60 views

CVE-2022-49149

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call timer start racing with call destruction The rxrpc_call struct has a timer used to handle various timed eventsrelating to a call. This timer can get started from the packet inputroutines that are run in softirq mode...

5.3AI score0.00061EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.60 views

CVE-2022-49184

In the Linux kernel, the following vulnerability has been resolved: net: sparx5: switchdev: fix possible NULL pointer dereference As the possible failure of the allocation, devm_kzalloc() may return NULLpointer.Therefore, it should be better to check the 'db' in order to preventthe dereference of N...

5.5CVSS5.4AI score0.00025EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.60 views

CVE-2022-49186

In the Linux kernel, the following vulnerability has been resolved: clk: visconti: prevent array overflow in visconti_clk_register_gates() This code was using -1 to represent that there was no reset function.Unfortunately, the -1 was stored in u8 so the if (clks[i].rs_id >= 0)condition was alway...

7.8CVSS5.6AI score0.00028EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.60 views

CVE-2022-49192

In the Linux kernel, the following vulnerability has been resolved: drivers: ethernet: cpsw: fix panic when interrupt coaleceing is set via ethtool cpsw_ethtool_begin directly returns the result of pm_runtime_get_syncwhen successful.pm_runtime_get_sync returns -error code on failure and 0 on succes...

5.5AI score0.00041EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.60 views

CVE-2022-49270

In the Linux kernel, the following vulnerability has been resolved: dm: fix use-after-free in dm_cleanup_zoned_dev() dm_cleanup_zoned_dev() uses queue, so it must be calledbefore blk_cleanup_disk() starts its killing: blk_cleanup_disk->blk_cleanup_queue()->kobject_put()->blk_release_queue(...

7.8CVSS5.3AI score0.00026EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.60 views

CVE-2022-49274

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix crash when mount with quota enabled There is a reported crash when mounting ocfs2 with quota enabled. RIP: 0010:ocfs2_qinfo_lock_res_init+0x44/0x50 [ocfs2]Call Trace:ocfs2_local_read_info+0xb9/0x6f0 [ocfs2]dquot_load_quo...

5.2AI score0.00041EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.60 views

CVE-2022-49363

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on block address in f2fs_do_zero_range() As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215894 I have encountered a bug in F2FS file system in kernel v5.17. I have uploaded...

6.4AI score0.00068EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.60 views

CVE-2022-49457

In the Linux kernel, the following vulnerability has been resolved: ARM: versatile: Add missing of_node_put in dcscb_init The device_node pointer is returned by of_find_compatible_nodewith refcount incremented. We should use of_node_put() to avoidthe refcount leak.

5.5CVSS5.3AI score0.00043EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.60 views

CVE-2022-49628

In the Linux kernel, the following vulnerability has been resolved: net: stmmac: fix leaks in probe These two error paths should clean up before returning.

5.4AI score0.00039EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.60 views

CVE-2022-49645

In the Linux kernel, the following vulnerability has been resolved: drm/panfrost: Fix shrinker list corruption by madvise IOCTL Calling madvise IOCTL twice on BO causes memory shrinker list corruptionand crashes kernel because BO is already on the list and it's added tothe list again, while BO shou...

6.7AI score0.00044EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.60 views

CVE-2022-49681

In the Linux kernel, the following vulnerability has been resolved: xtensa: xtfpga: Fix refcount leak bug in setup In machine_setup(), of_find_compatible_node() will return a nodepointer with refcount incremented. We should use of_node_put() whenit is not used anymore.

5.5CVSS5.3AI score0.00024EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.60 views

CVE-2022-49696

In the Linux kernel, the following vulnerability has been resolved: tipc: fix use-after-free Read in tipc_named_reinit syzbot found the following issue on: BUG: KASAN: use-after-free in tipc_named_reinit+0x94f/0x9b0net/tipc/name_distr.c:413Read of size 8 at addr ffff88805299a000 by task kworker/1:9...

7.8CVSS5.4AI score0.00026EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.60 views

CVE-2022-49921

In the Linux kernel, the following vulnerability has been resolved: net: sched: Fix use after free in red_enqueue() We can't use "skb" again after passing it to qdisc_enqueue(). This isbasically identical to commit 2f09707d0c97 ("sch_sfb: Also store skblen before calling child enqueue").

7.8CVSS6.7AI score0.00018EPSS
CVE
CVE
added 2023/06/28 12:15 p.m.60 views

CVE-2023-1295

A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in 9eac1904d3364254d622...

7.8CVSS6.8AI score0.0002EPSS
CVE
CVE
added 2023/09/04 3:15 a.m.60 views

CVE-2023-20843

In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340119; Issue ID: ALPS07340119.

4.2CVSS4AI score0.00018EPSS
CVE
CVE
added 2023/06/19 6:15 p.m.60 views

CVE-2023-3312

A vulnerability was found in drivers/cpufreq/qcom-cpufreq-hw.c in cpufreq subsystem in the Linux Kernel. This flaw, during device unbind will lead to double release problem leading to denial of service.

7.5CVSS7.2AI score0.00057EPSS
Total number of security vulnerabilities10926