Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2024/05/17 1:15 p.m.60 views

CVE-2023-52660

In the Linux kernel, the following vulnerability has been resolved: media: rkisp1: Fix IRQ handling due to shared interrupts The driver requests the interrupts as IRQF_SHARED, so the interrupthandlers can be called at any time. If such a call happens while the ISPis powered down, the SoC will hang ...

6.6AI score0.0005EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.60 views

CVE-2023-52705

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix underflow in second superblock position calculations Macro NILFS_SB2_OFFSET_BYTES, which computes the position of the secondsuperblock, underflows when the argument device size is less than 4096bytes. Therefore, when us...

5.5CVSS6.7AI score0.00028EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.60 views

CVE-2023-52874

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Zero out the missing RSI in TDX_HYPERCALL macro In the TDX_HYPERCALL asm, after the TDCALL instruction returns from theuntrusted VMM, the registers that the TDX guest shares to the VMM needto be cleared to avoid speculativ...

6.7AI score0.00158EPSS
CVE
CVE
added 2024/07/16 10:15 a.m.60 views

CVE-2023-52886

In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix race by not overwriting udev->descriptor in hub_port_init() Syzbot reported an out-of-bounds read in sysfs.c:read_descriptors(): BUG: KASAN: slab-out-of-bounds in read_descriptors+0x263/0x280 drivers/usb/core/sysf...

6.4CVSS7.4AI score0.00144EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.60 views

CVE-2023-52903

In the Linux kernel, the following vulnerability has been resolved: io_uring: lock overflowing for IOPOLL syzbot reports an issue with overflow filling for IOPOLL: WARNING: CPU: 0 PID: 28 at io_uring/io_uring.c:734 io_cqring_event_overflow+0x1c0/0x230 io_uring/io_uring.c:734CPU: 0 PID: 28 Comm: kwo...

5.5CVSS6.9AI score0.00038EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.60 views

CVE-2023-52907

In the Linux kernel, the following vulnerability has been resolved: nfc: pn533: Wait for out_urb's completion in pn533_usb_send_frame() Fix a use-after-free that occurs in hcd when in_urb sent frompn533_usb_send_frame() is completed earlier than out_urb. Its callbackfrees the skb data in pn533_send...

5.5CVSS6.8AI score0.00048EPSS
CVE
CVE
added 2025/03/27 5:15 p.m.60 views

CVE-2023-52985

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8mm-verdin: Do not power down eth-phy Currently if suspending using either freeze or memory state, the fecdriver tries to power down the phy which leads to crash of the kerneland non-responsible kernel with the follo...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/03/27 5:15 p.m.60 views

CVE-2023-53007

In the Linux kernel, the following vulnerability has been resolved: tracing: Make sure trace_printk() can output as soon as it can be used Currently trace_printk() can be used as soon as early_trace_init() iscalled from start_kernel(). But if a crash happens, and"ftrace_dump_on_oops" is set on the ...

6.5AI score0.00035EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.60 views

CVE-2023-53047

In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix race condition in amdtee_open_session There is a potential race condition in amdtee_open_session that maylead to use-after-free. For instance, in amdtee_open_session() aftersess->sess_mask is set, and before set...

6.3AI score0.00027EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.60 views

CVE-2023-53057

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: HCI: Fix global-out-of-bounds To loop a variable-length array, hci_init_stage_sync(stage) considersthat stage[i] is valid as long as stage[i-1].func is valid.Thus, the last element of stage[].func should be intentionally...

6.1AI score0.00025EPSS
CVE
CVE
added 2024/02/08 1:15 p.m.60 views

CVE-2024-1312

A use-after-free flaw was found in the Linux kernel's Memory Management subsystem when a user wins two races at the same time with a fail in the mas_prev_slot function. This issue could allow a local user to crash the system.

5.1CVSS4.5AI score0.00022EPSS
CVE
CVE
added 2024/04/03 5:15 p.m.60 views

CVE-2024-26738

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: DLPAR add doesn't completely initialize pci_controller When a PCI device is dynamically added, the kernel oopses with a NULLpointer dereference: BUG: Kernel NULL pointer dereference on read at 0x00000030Fault...

5.5CVSS6.5AI score0.00121EPSS
CVE
CVE
added 2024/05/17 3:15 p.m.60 views

CVE-2024-35858

In the Linux kernel, the following vulnerability has been resolved: net: bcmasp: fix memory leak when bringing down interface When bringing down the TX rings we flush the rings but forget toreclaimed the flushed packets. This leads to a memory leak since wedo not free the dma mapped buffers. This a...

5.5CVSS6.9AI score0.00022EPSS
CVE
CVE
added 2024/05/19 9:15 a.m.60 views

CVE-2024-35873

In the Linux kernel, the following vulnerability has been resolved: riscv: Fix vector state restore in rt_sigreturn() The RISC-V Vector specification states in "Appendix D: CallingConvention for Vector State" [1] that "Executing a system call causesall caller-saved vector registers (v0-v31, vl, vty...

6.5AI score0.00027EPSS
CVE
CVE
added 2024/05/19 9:15 a.m.60 views

CVE-2024-35874

In the Linux kernel, the following vulnerability has been resolved: aio: Fix null ptr deref in aio_complete() wakeup list_del_init_careful() needs to be the last access to the wait queueentry - it effectively unlocks access. Previously, finish_wait() would see the empty list head and skip takingthe...

5.5CVSS6.7AI score0.00017EPSS
CVE
CVE
added 2024/06/08 1:15 p.m.60 views

CVE-2024-36965

In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to theSystem Companion Processor, and it's not granted that both the SRAM(L2TCM) size that is defined in the de...

5.5CVSS7.2AI score0.00013EPSS
CVE
CVE
added 2024/06/19 2:15 p.m.60 views

CVE-2024-38547

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries The allocation failure of mycs->yuv_scaler_binary in load_video_binaries()is followed with a dereference of mycs->yuv_scaler_binary after thefollo...

5.5CVSS7AI score0.0001EPSS
CVE
CVE
added 2024/06/19 2:15 p.m.60 views

CVE-2024-38554

In the Linux kernel, the following vulnerability has been resolved: ax25: Fix reference count leak issue of net_device There is a reference count leak issue of the object "net_device" inax25_dev_device_down(). When the ax25 device is shutting down, theax25_dev_device_down() drops the reference coun...

5.5CVSS7AI score0.00013EPSS
CVE
CVE
added 2024/06/19 2:15 p.m.60 views

CVE-2024-38569

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through followingcmd [1], but the driver does not check whether the array index is out ofbounds when writing ...

7.8CVSS8.4AI score0.00028EPSS
CVE
CVE
added 2024/06/19 2:15 p.m.60 views

CVE-2024-38571

In the Linux kernel, the following vulnerability has been resolved: thermal/drivers/tsens: Fix null pointer dereference compute_intercept_slope() is called from calibrate_8960() (in tsens-8960.c)as compute_intercept_slope(priv, p1, NULL, ONE_PT_CALIB) which lead to nullpointer dereference (if DEBUG...

5.5CVSS7.1AI score0.0001EPSS
CVE
CVE
added 2024/06/21 11:15 a.m.60 views

CVE-2024-38625

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Check 'folio' pointer for NULL It can be NULL if bmap is called.

5.5CVSS6.7AI score0.00019EPSS
CVE
CVE
added 2024/06/25 3:15 p.m.60 views

CVE-2024-39464

In the Linux kernel, the following vulnerability has been resolved: media: v4l: async: Fix notifier list entry init struct v4l2_async_notifier has several list_head members, but onlywaiting_list and done_list are initialized. notifier_entry was kept'zeroed' leading to an uninitialized list_head.Thi...

5.5CVSS7AI score0.00019EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.60 views

CVE-2024-39510

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() We got the following issue in a fuzz test of randomly issuing the restorecommand: ==================================================================BUG: KASAN...

7.8CVSS8.3AI score0.00015EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.60 views

CVE-2024-40918

In the Linux kernel, the following vulnerability has been resolved: parisc: Try to fix random segmentation faults in package builds PA-RISC systems with PA8800 and PA8900 processors have had problemswith random segmentation faults for many years. Systems with earlierprocessors are much more stable....

6.3AI score0.00045EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.60 views

CVE-2024-42146

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Add outer runtime_pm protection to xe_live_ktest@xe_dma_buf Any kunit doing any memory access should get their own runtime_pmouter references since they don't use the standard driver APIentries. In special this dma_buf from...

5.5CVSS6.5AI score0.00055EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.60 views

CVE-2024-42155

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys isaccessible, this key material should only be visible to the callingprocess. So wipe all copies of protected- or sec...

1.9CVSS6.5AI score0.00026EPSS
CVE
CVE
added 2024/08/07 4:15 p.m.60 views

CVE-2024-42242

In the Linux kernel, the following vulnerability has been resolved: mmc: sdhci: Fix max_seg_size for 64KiB PAGE_SIZE blk_queue_max_segment_size() ensured: if (max_size max_segment_size

5.5CVSS6.4AI score0.00047EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.60 views

CVE-2024-42296

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fs_convert_inline_inode() If device is readonly, make f2fs_convert_inline_inode()return EROFS instead of zero, otherwise it may triggerpanic during writeback of inline inode's dirty page asbelow: f2fs_wr...

6.6AI score0.00103EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.60 views

CVE-2024-42298

In the Linux kernel, the following vulnerability has been resolved: ASoC: fsl: fsl_qmc_audio: Check devm_kasprintf() returned value devm_kasprintf() can return a NULL pointer on failure but this returnedvalue is not checked. Fix this lack and check the returned value.

5.5CVSS6.6AI score0.00039EPSS
CVE
CVE
added 2024/08/17 10:15 a.m.60 views

CVE-2024-43844

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: wow: fix GTK offload H2C skbuff issue We mistakenly put skb too large and that may exceed skb->end.Therefore, we fix it. skbuff: skb_over_panic: text:ffffffffc09e9a9d len:416 put:204 head:ffff8fba04eca780 data:ffff8...

5.5CVSS6.6AI score0.00036EPSS
CVE
CVE
added 2024/09/04 8:15 p.m.60 views

CVE-2024-44982

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: cleanup FB if dpu_format_populate_layout fails If the dpu_format_populate_layout() fails, then FB is prepared, but notcleaned up. This ends up leaking the pin_count on the GEM object andcauses a splat during DRM file c...

5.5CVSS6AI score0.0007EPSS
CVE
CVE
added 2024/09/04 8:15 p.m.60 views

CVE-2024-44991

In the Linux kernel, the following vulnerability has been resolved: tcp: prevent concurrent execution of tcp_sk_exit_batch Its possible that two threads call tcp_sk_exit_batch() concurrently,once from the cleanup_net workqueue, once from a task that failed to clonea new netns. In the latter case, e...

5.5CVSS6.1AI score0.00094EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.60 views

CVE-2024-46766

In the Linux kernel, the following vulnerability has been resolved: ice: move netif_queue_set_napi to rtnl-protected sections Currently, netif_queue_set_napi() is called from ice_vsi_rebuild() that isnot rtnl-locked when called from the reset. This creates the need to takethe rtnl_lock just for a s...

7.8CVSS7.8AI score0.00049EPSS
CVE
CVE
added 2024/10/21 12:15 p.m.60 views

CVE-2024-47702

In the Linux kernel, the following vulnerability has been resolved: bpf: Fail verification for sign-extension of packet data/data_end/data_meta syzbot reported a kernel crash due tocommit 1f1e864b6555 ("bpf: Handle sign-extenstin ctx member accesses").The reason is due to sign-extension of 32-bit l...

5.5CVSS6.8AI score0.00039EPSS
CVE
CVE
added 2024/10/21 12:15 p.m.60 views

CVE-2024-47716

In the Linux kernel, the following vulnerability has been resolved: ARM: 9410/1: vfp: Use asm volatile in fmrx/fmxr macros Floating point instructions in userspace can crash some arm kernelsbuilt with clang/LLD 17.0.6: BUG: unsupported FP instruction in kernel mode FPEXC == 0xc0000780 Internal erro...

5.5CVSS5.1AI score0.00048EPSS
CVE
CVE
added 2025/01/11 1:15 p.m.60 views

CVE-2024-49573

In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix NEXT_BUDDY Adam reports that enabling NEXT_BUDDY insta triggers a WARN inpick_next_entity(). Moving clear_buddies() up before the delayed dequeue bits ensuresno ->next buddy becomes delayed. Further ensure no new...

6.6AI score0.00042EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.60 views

CVE-2024-49932

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't readahead the relocation inode on RST On relocation we're doing readahead on the relocation inode, but if thefilesystem is backed by a RAID stripe tree we can get ENOENT (e.g. due topreallocated extents not being mappe...

5.5CVSS5.1AI score0.00019EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.60 views

CVE-2024-49976

In the Linux kernel, the following vulnerability has been resolved: tracing/timerlat: Drop interface_lock in stop_kthread() stop_kthread() is the offline callback for "trace/osnoise:online", sincecommit 5bfbcd1ee57b ("tracing/timerlat: Add interface_lock around clearingof kthread in stop_kthread()"...

5.5CVSS5.2AI score0.00038EPSS
CVE
CVE
added 2024/10/21 7:15 p.m.60 views

CVE-2024-50005

In the Linux kernel, the following vulnerability has been resolved: mac802154: Fix potential RCU dereference issue in mac802154_scan_worker In the mac802154_scan_worker function, the scan_req->type field wasaccessed after the RCU read-side critical section was unlocked. Accordingto RCU usage rul...

7.8CVSS7.2AI score0.0005EPSS
CVE
CVE
added 2024/11/07 10:15 a.m.60 views

CVE-2024-50165

In the Linux kernel, the following vulnerability has been resolved: bpf: Preserve param->string when parsing mount options In bpf_parse_param(), keep the value of param->string intact so it canbe freed later. Otherwise, the kmalloc area pointed to by param->stringwill be leaked as shown be...

5.5CVSS5.3AI score0.00034EPSS
CVE
CVE
added 2024/12/28 10:15 a.m.60 views

CVE-2024-56706

In the Linux kernel, the following vulnerability has been resolved: s390/cpum_sf: Fix and protect memory allocation of SDBs with mutex Reservation of the PMU hardware is done at first event creationand is protected by a pair of mutex_lock() and mutex_unlock().After reservation of the PMU hardware t...

6.5AI score0.00015EPSS
CVE
CVE
added 2025/01/15 1:15 p.m.60 views

CVE-2024-57891

In the Linux kernel, the following vulnerability has been resolved: sched_ext: Fix invalid irq restore in scx_ops_bypass() While adding outer irqsave/restore locking, 0e7ffff1b811 ("scx: Fix racinessin scx_ops_bypass()") forgot to convert an inner rq_unlock_irqrestore() torq_unlock() which could re...

6.5AI score0.00032EPSS
CVE
CVE
added 2025/02/27 3:15 a.m.60 views

CVE-2024-58018

In the Linux kernel, the following vulnerability has been resolved: nvkm: correctly calculate the available space of the GSP cmdq buffer r535_gsp_cmdq_push() waits for the available page in the GSP cmdqbuffer when handling a large RPC request. When it sees at least oneavailable page in the cmdq, it...

6.7AI score0.00039EPSS
CVE
CVE
added 2025/03/06 5:15 p.m.60 views

CVE-2024-58081

In the Linux kernel, the following vulnerability has been resolved: clk: mmp2: call pm_genpd_init() only after genpd.name is set Setting the genpd's struct device's name with dev_set_name() ishappening within pm_genpd_init(). If it remains NULL, things can blow uplater, such as when crafting the de...

5.5CVSS7AI score0.00022EPSS
CVE
CVE
added 2025/03/06 4:15 p.m.60 views

CVE-2025-21827

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btusb: mediatek: Add locks for usb_driver_claim_interface() The documentation for usb_driver_claim_interface() says that "thedevice lock" is needed when the function is called from places otherthan probe(). This appears ...

7.2AI score0.00039EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.60 views

CVE-2025-21930

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: don't try to talk to a dead firmware This fixes: bad state = 0WARNING: CPU: 10 PID: 702 at drivers/net/wireless/inel/iwlwifi/iwl-trans.c:178 iwl_trans_send_cmd+0xba/0xe0 [iwlwifi]Call Trace:? __warn+0xca/0x1c0? ...

5.5CVSS7.2AI score0.00022EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.60 views

CVE-2025-22046

In the Linux kernel, the following vulnerability has been resolved: uprobes/x86: Harden uretprobe syscall trampoline check Jann reported a possible issue when trampoline_check_ip returnsaddress near the bottom of the address space that is allowed tocall into the syscall if uretprobes are not set up...

6.5AI score0.00034EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.60 views

CVE-2025-22094

In the Linux kernel, the following vulnerability has been resolved: powerpc/perf: Fix ref-counting on the PMU 'vpa_pmu' Commit 176cda0619b6 ("powerpc/perf: Add perf interface to expose vpacounters") introduced 'vpa_pmu' to expose Book3s-HV nested APIv2 providedL1L2 context switch latency counters t...

6.3AI score0.0004EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.60 views

CVE-2025-37853

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: debugfs hang_hws skip GPU with MES debugfs hang_hws is used by GPU reset test with HWS, for MES this crashthe kernel with NULL pointer access because dqm->packet_mgr is not setupfor MES path. Skip GPU with MES for no...

6.5AI score0.00027EPSS
CVE
CVE
added 2025/05/29 2:15 p.m.60 views

CVE-2025-37999

In the Linux kernel, the following vulnerability has been resolved: fs/erofs/fileio: call erofs_onlinefolio_split() after bio_add_folio() If bio_add_folio() fails (because it is full),erofs_fileio_scan_folio() needs to submit the I/O request viaerofs_fileio_rq_submit() and allocate a new I/O reques...

6.5AI score0.00025EPSS
Total number of security vulnerabilities10926