Lucene search
K
LinuxLinux Kernel

14403 matches found

CVE
CVE
added 2025/06/18 11:3 a.m.89 views

CVE-2022-50139

CVE-2022-50139 affects the Linux kernel’s usb: aspeed-vhub component. The root cause is a refcount leak in ast_vhub_init_desc() caused by not releasing a reference from of_get_child_by_name(). The fix is to call of_node_put() on that reference. This remediation prevents the refcount from being in...

5.5CVSS6.5AI score0.00159EPSS
CVE
CVE
added 2024/04/28 1:0 p.m.88 views

CVE-2022-48648

Technical details (affected software, versions, root cause, impact, and fixes) for CVE-2022-48648 are not provided in the supplied documents. Monitor vendor advisories and CVE entries for updates.

5.5CVSS6.4AI score0.00226EPSS
CVE
CVE
added 2024/05/03 3:5 p.m.88 views

CVE-2022-48692

CVE-2022-48692 concerns a Linux kernel issue where RDMA/srp code could dereference a NULL scmnd pointer. The vulnerability arises from not guarding scmnd->result when scmnd is NULL, leading to a kernel NULL pointer dereference that was repro'd by blktests srp/007. The connected Astra Linux bul...

5.5CVSS6.2AI score0.00225EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.88 views

CVE-2022-48721

CVE-2022-48721 affects the Linux kernel net/smc: when SMC is used and a fallback to TCP occurs, some waitqueue entries previously inserted into smc_socket->wq may remain. After fallback, data flows over TCP and only clcsock->wq is woken, so applications (e.g., epoll) may miss wakeups for th...

5.5CVSS6.6AI score0.00222EPSS
CVE
CVE
added 2024/07/16 11:43 a.m.88 views

CVE-2022-48809

In CVE-2022-48809, the Linux kernel fixes a memory leak in net handling when uncloning an skb destination and its metadata. The root cause is that the uncloned dst+metadata is initialized with refcount 1 and briefly increased to 2 before attachment, leaving a path where the refcount cannot drop t...

5.5CVSS6.8AI score0.00282EPSS
CVE
CVE
added 2024/07/16 11:44 a.m.88 views

CVE-2022-48823

CVE-2022-48823 affects the Linux kernel SCSI qedf driver. The issue is a refcount bug triggered when a LOGO is received during a TMF, which can cause an I/O to hang in the qedf driver. The provided connected advisories confirm the root cause (refcount during TMF/LOGO) and note that a fix was impl...

5.5CVSS6.7AI score0.00281EPSS
CVE
CVE
added 2024/08/22 3:31 a.m.88 views

CVE-2022-48935

CVE-2022-48935 is a Linux kernel flaw in netfilter nf_tables where flowtable hooks were not unregistered on net namespace exit, causing a use-after-free (KASAN) in nf_hook_entries_grow. The issue arises when nf_tables_flowtable_destroy() does not unregister hooks promptly, leading to UAF in flowt...

5.5CVSS7AI score0.00204EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.88 views

CVE-2022-49144

CVE-2022-49144 pertains to the Linux kernel io_uring subsystem. The issue stems from a memory-leak when registering files: if there are no files to process in __io_sqe_files_scm(), the code frees resources but forgets to restore the uid, leading to a leak. The connected documents confirm this exa...

5.5CVSS5.4AI score0.00249EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.88 views

CVE-2022-49162

The CVE-2022-49162 issue affects the Linux kernel’s fbdev sm712fb driver. When the sm712fb driver writes three bytes to the framebuffer, it could crash with a page fault due to an endianness fixup path that was open-coded. The fix is to remove the open-coded endianness fixup code (kernel patching...

5.5CVSS6.5AI score0.00259EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.88 views

CVE-2022-49191

Concrete details found: CVE-2022-49191 affects the Linux kernel mxser code path, where xmit_buf leaks in activate() when LSR == 0xff and ->shutdown() is not called on failure, leaving the buffer unfreed. The fix adds a proper free path to a designated label and ensures the code jumps there fro...

5.5CVSS5.5AI score0.00259EPSS
CVE
CVE
added 2025/02/26 1:56 a.m.88 views

CVE-2022-49240

The CVE-2022-49240 issue is in the Linux kernel ASoC: mediatek mt8195 driver. The of_parse_phandle() call returns a device_node with refcount incremented, but of_node_put() is not invoked in the error path, causing a refcount leak; a fix ensures of_node_put() is called on the device_node in error...

5.5CVSS5.4AI score0.00209EPSS
CVE
CVE
added 2025/02/26 1:56 a.m.88 views

CVE-2022-49246

CVE-2022-49246 affects the Linux kernel, specifically ASoC: atmel: snd_proto_probe. The issue is a refcount leak: of_parse_phandle() returns a device_node with refcount incremented, but of_node_put() was only called in the regular path, not in error paths. The fix ensures of_node_put() is called ...

5.5CVSS5.4AI score0.00245EPSS
CVE
CVE
added 2025/02/26 1:56 a.m.88 views

CVE-2022-49270

CVE-2022-49270 : In the Linux kernel, a use-after-free can occur in dm_cleanup_zoned_dev() if it is not called before blk_cleanup_disk() proceeds through its cleanup path (blk_cleanup_disk->blk_cleanup_queue()->kobject_put()->blk_release_queue()->…->blk_free_queue_rcu()). This raci...

7.8CVSS5.3AI score0.00252EPSS
CVE
CVE
added 2025/02/26 1:56 a.m.88 views

CVE-2022-49274

CVE-2022-49274 concerns an ocfs2 quota crash when mounting with quotas enabled in the Linux kernel. The connected Astra Linux entry reproduces the issue and provides the same symptom set and stack trace context. The root cause is that during dqi_gqlock initialization, the related dqi_type and dqi...

5.5CVSS5.2AI score0.00245EPSS
CVE
CVE
added 2025/02/26 2:12 a.m.88 views

CVE-2022-49424

CVE-2022-49424 is a Linux kernel issue in the Mediatek IOMMU driver. The root cause is a NULL pointer dereference when printing dev_name due to larbdev being NULL during probe (mtk_iommu_probe_device). The crash can occur in device_link_add() and is triggered by an incorrect DTS input. The public...

5.5CVSS5.3AI score0.00252EPSS
CVE
CVE
added 2025/02/26 2:12 a.m.88 views

CVE-2022-49427

The CVE pertains to the Linux kernel’s MTK IOMMU driver. After a patch (mtk_iommu_remove) removing clk_disable and relying on a runtime clock-control callback, the clock is now managed by runtime, eliminating the previous disable path. This addresses a warning trace seen when unbinding the MTK IO...

5.5CVSS5.4AI score0.00252EPSS
CVE
CVE
added 2025/02/26 2:12 a.m.88 views

CVE-2022-49435

CVE-2022-49435 concerns the Linux kernel, in the mfd: davinci_voicecodec path. It fixes a potential null-pointer dereference in the davinci_vc_probe() flow if platform_get_resource() returns NULL. The workaround changes the code to use the resource only after devm_ioremap_resource() performs a NU...

5.5CVSS6.5AI score0.00247EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.88 views

CVE-2022-49475

The connected advisories confirm CVE-2022-49475 affects the Linux kernel in the spi-fsl-qspi driver, where a missing check of the resource returned by platform_get_resource_byname() can lead to a NULL pointer dereference. The root cause is not validating the resource handle before use, causing a ...

5.5CVSS5.4AI score0.00275EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.88 views

CVE-2022-49480

Technical details for CVE-2022-49480 are not publicly available in the provided documents; no affected products, root cause, impact, or remediation details are given here. Monitor for updates.

5.5CVSS5.3AI score0.00245EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.88 views

CVE-2022-49488

In CVE-2022-49488, the Linux kernel subsystem drm/msm/mdp5 is affected. The root cause is that mdp5_get_global_state could return the error -EDEADLK while acquiring the modeset lock, but mdp5_mixer_release did not propagate this error, risking a NULL dereference. The mitigation is a patch to have...

5.5CVSS5.5AI score0.00253EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.88 views

CVE-2022-49533

CVE-2022-49533 affects Linux kernel ath11k: the scan_req_params buffer could overflow when copying SSIDs for active probe requests due to a mismatch (16 SSIDs reported vs 10 slots in scan_req_params). The fix aligns the firmware-supported capacity (16 SSIDs, 4 BSSIDs per SSID) with driver limits ...

5.5CVSS7AI score0.00265EPSS
CVE
CVE
added 2025/02/26 2:14 a.m.88 views

CVE-2022-49551

The CVE-2022-49551 issue in the Linux kernel relates to usb: isp1760, where a loop over HC_FIELD_MAX reads regmap fields causing a global out-of-bounds access. The dynamically sized arrays isp1760_hc_reg_fields[], isp1763_hc_reg_fields[], isp1763_hc_volatile_ranges[], and isp1763_dc_volatile_rang...

7.1CVSS5.3AI score0.00252EPSS
CVE
CVE
added 2025/03/27 4:42 p.m.88 views

CVE-2022-49741

In the Linux kernel, CVE-2022-49741 affects the fbdev smscufx driver by faulty error handling in ufx_usb_probe, which the advisory and connected Nessus/NASL records describe as causing a memory leak (unreferenced object in ufx_usb_probe). The issue is tied to the ufx_usb_probe error path, includi...

5.5CVSS6.5AI score0.00178EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.88 views

CVE-2022-49768

In CVE-2022-49768 for the Linux kernel, the 9p/trans_fd/p9_conn_cancel path had a double-lock issue detected by syzbot. The fix is to drop the client lock earlier, after requests have been moved off to the local list, avoiding the double-lock scenario. This resolves the issue and is described as ...

5.5CVSS6.5AI score0.00126EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.88 views

CVE-2022-49794

CVE-2022-49794 affects the Linux kernel IIO ADC driver (iio: adc: at91_adc). The issue is a potential memory leak in at91_adc_allocate_trigger where, if iio_trigger_register() returns an error, the driver should free the trigger reference via iio_trigger_free() and then release memory with iio_tr...

5.5CVSS6.5AI score0.00166EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.88 views

CVE-2022-49809

CVE-2022-49809 affects the Linux kernel in the x25 subsystem (net/x25). The vulnerability arises in x25_lapb_receive_frame() where skb_copy() is used to obtain a private copy of skb; if the new skb is not freed in the undersized/fragmented skb error handling path, a memory leak occurs. The provid...

5.5CVSS6.4AI score0.00166EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.88 views

CVE-2022-49825

CVE-2022-49825 — Linux kernel (libata-transport) In ata_tport_add(), the return value of transport_add_device() is not checked, which can lead to a NULL pointer dereference during module removal when transport_remove_device() is called for a device that was not added. The vulnerability is resolve...

5.5CVSS6.3AI score0.00183EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.88 views

CVE-2022-49879

CVE-2022-49879 affects the Linux kernel ext4 code. A corrupted directory entry where rec_len is invalid (not a multiple of 4) can cause a kernel BUG() in ext4_rec_len_to_disk() called from make_indexed_dir(). The fix adds a validation step via ext4_check_dir_entry(), returning -EFSCORRUPTED for i...

5.5CVSS6.3AI score0.00185EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.88 views

CVE-2022-49881

CVE-2022-49881 – Linux kernel wifi cfg80211 memory leak in query_regdb_file() Root cause: in query_regdb_file(), the alpha2 data is duplicated with kmemdup() and freed in regdb_fw_cb(), but request_firmware_nowait() may fail and skip regdb_fw_cb(), leaking memory. The connected advisories confirm...

5.5CVSS6.5AI score0.00166EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.88 views

CVE-2022-49916

CVE-2022-49916 covers a NULL pointer dereference in the Linux kernel’s Rose protocol path (rose_send_frame). The issue surfaces when rose_loopback_neigh's neigh->dev is NULL, causing access to neigh->dev->dev_addr and triggering a NULL dereference in rose_send_frame (rose_link.c: rose_se...

5.5CVSS6.5AI score0.00155EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.88 views

CVE-2022-49979

Summary: CVE-2022-49979 affects the Linux kernel related to a refcount bug in sk_psock_get when transitioning from TCP to SMC during a connect fallback. The root cause is a mismatch in how smc and psock reuse the sk_user_data field, causing a refcount warning during shutdown. Technical details fr...

5.5CVSS6.7AI score0.00205EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.88 views

CVE-2022-50076

CVE-2022-50076 concerns the Linux kernel CIFS implementation: a memory leak in the deferred close path has been fixed. The description from multiple sources (NVD entry and connected advisories) shows the issue manifests as a kmemleak report during SMB2/xfstests (xfstests on smb21 report kmemleak)...

5.5CVSS6.5AI score0.00157EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.88 views

CVE-2022-50079

CVE-2022-50079 affects the Linux kernel’s DRM AMD display driver (DCN303). The issue is a boundary check error in drm/amd/display where eng_id for DCN303 must not exceed 1, since there are only two stream-encoder instances. The root cause is an incorrect boundary condition that could allow an out...

7.1CVSS6.7AI score0.00223EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.88 views

CVE-2022-50088

CVE-2022-50088 affects the Linux kernel’s damon_reclaim_init() path. The function allocates a ctx via damon_new_ctx(); if damon_select_ops() fails, the ctx is not released, causing a memory leak. The documented fix releases the ctx with damon_destroy_ctx() when damon_select_ops() fails. Connected...

5.5CVSS6.4AI score0.00157EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.88 views

CVE-2022-50196

In the Linux kernel, the vulnerability CVE-2022-50196 affects the soc: qcom: ocmem path. It stems from a refcount leak in of_parse_phandle() where the returned node pointer’s refcount isn’t released; a missing of_node_put() caused the leak. The fix adds a proper of_node_put() on the node when it ...

5.5CVSS6.4AI score0.00202EPSS
CVE
CVE
added 2024/05/17 2:24 p.m.88 views

CVE-2023-52682

CVE-2023-52682 is a Linux kernel vulnerability affecting the f2fs file system. The issue occurs when an inode is compressed but not encrypted, where the code misses calling f2fs_wait_on_block_writeback() to wait for GCed page writeback in the IPU write path, allowing out-of-order GC and IO to cau...

7.1CVSS6.8AI score0.0023EPSS
CVE
CVE
added 2024/05/21 3:22 p.m.88 views

CVE-2023-52705

CVE-2023-52705 is a kernel vulnerability affecting the nilfs2 filesystem code in Linux. The issue is an underflow/incorrect boundary calculation in NILFS_SB2_OFFSET_BYTES that computes the position of the second superblock, which can underflow when the device size is smaller than 4096 bytes. This...

5.5CVSS6.7AI score0.00252EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.88 views

CVE-2023-52826

CVE-2023-52826 : In the Linux kernel, a null pointer dereference in the DRM panel path was addressed. Specifically, in drm/panel/panel-tpo-tpg110, tpg110_get_modes() previously assigned the return value of drm_mode_duplicate() to mode and did not check for failure, risking an NP dereference on NU...

5.5CVSS6.7AI score0.00241EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.88 views

CVE-2023-52838

CVE-2023-52838 – Linux kernel fbdev: imsttfb resource leak (probe) . The issue arises when init_imstt() fails and the code does not call iounmap(par->cmap_regs), leading to a resource leak in probe. The vulnerability is addressed by rewriting the error handling to ensure iounmap(par->cmap_r...

6.2CVSS6.5AI score0.00252EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.88 views

CVE-2023-52912

CVE-2023-52912 relates to the Linux kernel’s DRM amdgpu subsystem. The issue arises during unloading of amdgpu where a bug in drm_buddy_free_block can trigger a kernel BUG and invalid opcode, as shown in the stack trace and kernel log snippet. The impact is a potentially local disruption of a sys...

5.5CVSS6.5AI score0.00205EPSS
CVE
CVE
added 2025/03/27 4:37 p.m.88 views

CVE-2023-52928

CVE-2023-52928 concerns the Linux kernel’s BPF verifier. According to connected sources, the issue arises from the verifier’s handling of invalid kfunc calls in backtrack_insn, where such an instruction could be captured by fixup_kfunc_call() and, if not eliminated by DCE, trigger a warning in ba...

5.5CVSS6.7AI score0.00229EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.88 views

CVE-2023-52992

CVE-2023-52992 affects the Linux kernel; the vulnerability exists in BPF’s send_signal_common path where a task with pid=1 can trigger a kernel panic (kernel: “Attempted to kill init!”). A fix was applied to skip pid=1 in bpf_send_signal_common(), preventing this panic. Impact is local, with pote...

5.5CVSS6.4AI score0.00246EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.88 views

CVE-2023-53081

CVE-2023-53081 affects the Linux kernel’s ocfs2 function. When a buffered write fails to copy data into the page cache, ocfs2_write_end_nolock() zeroes the page and dirties it, which can leave a dirty page beyond EOF. If writeback occurs before i_size is expanded, the page can reach an inconsiste...

7.8CVSS6.8AI score0.00175EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.88 views

CVE-2023-53106

CVE-2023-53106 is a Linux kernel use-after-free in the NFC st-nci driver (ndlc_remove) caused by a race between scheduled work (llt_ndlc_sm_work) and driver removal. The race may allow use-after-free of ndlc->ndev during ndlc_rcv_queue/nci_recv_frame, affecting both st_nci_i2c_remove and st_nc...

7.8CVSS6.6AI score0.0017EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.88 views

CVE-2023-53109

CVE-2023-53109 : Linux kernel vulnerability in net: tunnels where IP tunnels may update dev->needed_headroom in the xmit path, causing a data race (KCSAN) in ip_tunnel_xmit and related paths. The patch annotates lockless accesses to dev->needed_headroom for three tunnels’ xmit paths and als...

5.5CVSS6.6AI score0.00166EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.88 views

CVE-2023-53118

CVE-2023-53118 affects the Linux kernel SCSI subsystem: a regression in host procfs directory removal in the core SCSI layer. The vulnerable code path centers on scsi_proc_hostdir_rm(), which decreases a reference counter and must be invoked only once per host removal. The issue is resolved by th...

5.5CVSS6.5AI score0.00166EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.88 views

CVE-2023-53123

The CVE-2023-53123 issue affects Linux kernel on s390 where per-function PCI hot-plugging left stale MMIO resources in the PCI and zpci_bus structures, enabling a use-after-free when a VFs are removed and re-added. The fix removes the individually hot-unplugged PCI function’s resources from the P...

7.8CVSS6.7AI score0.00158EPSS
CVE
CVE
added 2024/04/17 3:59 p.m.88 views

CVE-2024-26910

CVE-2024-26910 – Linux kernel netfilter ipset swap operation is fixed by patch 28628fa9, which resolves a race between swap/destroy and kernel side add/del/test. The issue arose because a synchronize_rcu() added to the swap path slowed it down; the patch moves the synchronization to destroy and u...

4.7CVSS6.1AI score0.00175EPSS
CVE
CVE
added 2024/06/21 11:18 a.m.88 views

CVE-2024-34777

CVE-2024-34777 affects the Linux kernel DMA mapping benchmark path. The issue occurs in the map_benchmark_ioctl() flow when validating node ids; node_possible() can receive an argument outside the valid [0, MAX_NUMNODES-1] range, enabling a KASAN wild-memory-access read in map_benchmark_ioctl (ke...

7.1CVSS6.3AI score0.00217EPSS
CVE
CVE
added 2024/05/17 1:48 p.m.88 views

CVE-2024-35832

CVE-2024-35832 : In the Linux kernel, a memory-management bug in bcachefs caused a local denial of service when unmounting, due to incorrect freeing of snapshots. Specifically, bch_fs::snapshots is allocated with kvzalloc but freed with kvfree, whereas it should be freed with kvfree to avoid a pa...

5.5CVSS6.2AI score0.0018EPSS
Total number of security vulnerabilities14403