Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2025/05/01 1:15 p.m.56 views

CVE-2025-23158

In the Linux kernel, the following vulnerability has been resolved: media: venus: hfi: add check to handle incorrect queue size qsize represents size of shared queued between driver and videofirmware. Firmware can modify this value to an invalid large value. Insuch situation, empty_space will be bi...

6.6AI score0.00049EPSS
CVE
CVE
added 2025/05/01 2:15 p.m.56 views

CVE-2025-37765

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: prime: fix ttm_bo_delayed_delete oops Fix an oops in ttm_bo_delayed_delete which results from dererencing adangling pointer: Oops: general protection fault, probably for non-canonical address 0x6b6b6b6b6b6b6b7b: 0000 [...

6.5AI score0.00036EPSS
CVE
CVE
added 2025/05/08 7:15 a.m.56 views

CVE-2025-37805

In the Linux kernel, the following vulnerability has been resolved: sound/virtio: Fix cancel_sync warnings on uninitialized work_structs Betty reported hitting the following warning: [ 8.709131][ T221] WARNING: CPU: 2 PID: 221 at kernel/workqueue.c:4182...[ 8.713282][ T221] Call trace:[ 8.713365][ ...

5.5CVSS5.3AI score0.00018EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.56 views

CVE-2025-37836

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reference leak in pci_register_host_bridge() If device_register() fails, call put_device() to give up the reference toavoid a memory leak, per the comment at device_register(). Found by code review. [bhelgaas: squash Dan C...

6.7AI score0.00036EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.56 views

CVE-2025-37851

In the Linux kernel, the following vulnerability has been resolved: fbdev: omapfb: Add 'plane' value check Function dispc_ovl_setup is not intended to work with the value OMAP_DSS_WBof the enum parameter plane. The value of this parameter is initialized in dss_init_overlays and in thecurrent state ...

6.7AI score0.00049EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.55 views

CVE-1999-0628

The rwho/rwhod service is running, which exposes machine status and user information.

5CVSS7.4AI score0.0061EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.55 views

CVE-1999-0986

The ping command in Linux 2.0.3x allows local users to cause a denial of service by sending large packets with the -R (record route) option.

5CVSS6.7AI score0.01424EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.55 views

CVE-1999-1225

rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.

5CVSS6.9AI score0.00455EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.55 views

CVE-2002-1380

Linux kernel 2.2.x allows local users to cause a denial of service (crash) by using the mmap() function with a PROT_READ parameter to access non-readable memory pages through the /proc/pid/mem interface.

2.1CVSS5.9AI score0.00182EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.55 views

CVE-2004-1069

Race condition in SELinux 2.6.x through 2.6.9 allows local users to cause a denial of service (kernel crash) via SOCK_SEQPACKET unix domain sockets, which are not properly handled in the sock_dgram_sendmsg function.

1.2CVSS7.2AI score0.0006EPSS
CVE
CVE
added 2005/12/03 12:0 a.m.55 views

CVE-2004-2607

A numeric casting discrepancy in sdla_xfer in Linux kernel 2.6.x up to 2.6.5 and 2.4 up to 2.4.29-rc1 allows local users to read portions of kernel memory via a large len argument, which is received as an int but cast to a short, which prevents a read loop from filling a buffer.

2.1CVSS5.7AI score0.00064EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.55 views

CVE-2005-0532

The reiserfs_copy_from_user_to_file_region function in reiserfs/file.c for Linux kernel 2.6.10 and 2.6.11 before 2.6.11-rc4, when running on 64-bit architectures, may allow local users to trigger a buffer overflow as a result of casting discrepancies between size_t and int data types.

2.1CVSS5.5AI score0.00067EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.55 views

CVE-2005-0839

Linux kernel 2.6 before 2.6.11 does not restrict access to the N_MOUSE line discipline for a TTY, which allows local users to gain privileges by injecting mouse or keyboard events into other user sessions.

7.2CVSS5.4AI score0.00052EPSS
CVE
CVE
added 2006/03/22 8:6 p.m.55 views

CVE-2006-0038

Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.

6.9CVSS7.5AI score0.00091EPSS
CVE
CVE
added 2006/06/27 11:5 p.m.55 views

CVE-2006-0456

The strnlen_user function in Linux kernel before 2.6.16 on IBM S/390 can return an incorrect value, which allows local users to cause a denial of service via unknown vectors.

2.1CVSS6.9AI score0.00066EPSS
CVE
CVE
added 2006/04/05 5:4 p.m.55 views

CVE-2006-1055

The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash) by causing an out-of-bounds read.

4.9CVSS7.2AI score0.00064EPSS
CVE
CVE
added 2006/05/22 4:6 p.m.55 views

CVE-2006-1858

SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.

7.8CVSS7.6AI score0.1139EPSS
CVE
CVE
added 2006/06/23 10:2 a.m.55 views

CVE-2006-2445

Race condition in run_posix_cpu_timers in Linux kernel before 2.6.16.21 allows local users to cause a denial of service (BUG_ON crash) by causing one CPU to attach a timer to a process that is exiting.

4CVSS5.8AI score0.00064EPSS
CVE
CVE
added 2006/12/11 11:28 p.m.55 views

CVE-2006-5871

smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before 2.4.34, when UNIX extensions are enabled, ignores certain mount options, which could cause clients to use server-specified uid, gid and mode settings.

4.1CVSS7.2AI score0.0007EPSS
CVE
CVE
added 2009/03/25 1:30 a.m.55 views

CVE-2009-0787

The ecryptfs_write_metadata_to_contents function in the eCryptfs functionality in the Linux kernel 2.6.28 before 2.6.28.9 uses an incorrect size when writing kernel memory to an eCryptfs file header, which triggers an out-of-bounds read and allows local users to obtain portions of kernel memory.

4.9CVSS6.8AI score0.00076EPSS
CVE
CVE
added 2009/07/01 1:0 p.m.55 views

CVE-2009-2287

The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang) via a crafted cr3 value, which triggers a NULL p...

4.9CVSS6.8AI score0.00064EPSS
CVE
CVE
added 2011/07/28 10:55 p.m.55 views

CVE-2011-2695

Multiple off-by-one errors in the ext4 subsystem in the Linux kernel before 3.0-rc5 allow local users to cause a denial of service (BUG_ON and system crash) by accessing a sparse file in extent format with a write operation involving a block number corresponding to the largest possible 32-bit unsig...

4.9CVSS6.7AI score0.00067EPSS
CVE
CVE
added 2013/06/08 1:5 p.m.55 views

CVE-2011-4087

The br_parse_ip_options function in net/bridge/br_netfilter.c in the Linux kernel before 2.6.39 does not properly initialize a certain data structure, which allows remote attackers to cause a denial of service by leveraging connectivity to a network interface that uses an Ethernet bridge device.

7.5CVSS6.9AI score0.00964EPSS
CVE
CVE
added 2013/06/07 2:3 p.m.55 views

CVE-2011-4604

The bat_socket_read function in net/batman-adv/icmp_socket.c in the Linux kernel before 3.3 allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via a crafted batman-adv ICMP packet.

6.8CVSS7.6AI score0.00695EPSS
CVE
CVE
added 2013/03/22 11:59 a.m.55 views

CVE-2013-1828

The sctp_getsockopt_assoc_stats function in net/sctp/socket.c in the Linux kernel before 3.8.4 does not validate a size value before proceeding to a copy_from_user operation, which allows local users to gain privileges via a crafted application that contains an SCTP_GET_ASSOC_STATS getsockopt syste...

6.9CVSS5.9AI score0.00201EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.55 views

CVE-2014-6418

net/ceph/auth_x.c in Ceph, as used in the Linux kernel before 3.16.3, does not properly validate auth replies, which allows remote attackers to cause a denial of service (system crash) or possibly have unspecified other impact via crafted data from the IP address of a Ceph Monitor.

7.1CVSS7.7AI score0.05251EPSS
CVE
CVE
added 2015/12/28 11:59 a.m.55 views

CVE-2015-7884

The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.

2.3CVSS2.9AI score0.00036EPSS
CVE
CVE
added 2017/02/08 3:59 p.m.55 views

CVE-2017-0439

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...

7.6CVSS6.6AI score0.00137EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.55 views

CVE-2017-17857

The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.

7.8CVSS7.4AI score0.00071EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.55 views

CVE-2021-47195

In the Linux kernel, the following vulnerability has been resolved: spi: fix use-after-free of the add_lock mutex Commit 6098475d4cb4 ("spi: Fix deadlock when adding SPI controllers onSPI buses") introduced a per-controller mutex. But mutex_unlock() ofsaid lock is called after the controller is alr...

5.5CVSS6.6AI score0.0001EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.55 views

CVE-2021-47204

In the Linux kernel, the following vulnerability has been resolved: net: dpaa2-eth: fix use-after-free in dpaa2_eth_remove Access to netdev after free_netdev() will cause use-after-free bug.Move debug log before free_netdev() call to avoid it.

7.8CVSS6.4AI score0.00015EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.55 views

CVE-2021-47224

In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: Make sure to free skb when it is completely used With the skb pointer piggy-backed on the TX BD, we have a simple andefficient way to free the skb buffer when the frame has been transmitted.But in order to avoid free...

6.2CVSS6.3AI score0.00052EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.55 views

CVE-2021-47239

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xx_bind The commit 46a8b29c6306 ("net: usb: fix memory leak in smsc75xx_bind")fails to clean up the work scheduled in smsc75xx_reset->smsc75xx_set_multicast, which leads to use-afte...

7.8CVSS6.7AI score0.00014EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.55 views

CVE-2021-47266

In the Linux kernel, the following vulnerability has been resolved: RDMA/ipoib: Fix warning caused by destroying non-initial netns After the commit 5ce2dced8e95 ("RDMA/ipoib: Set rtnl_link_ops for ipoibinterfaces"), if the IPoIB device is moved to non-initial netns,destroying that netns lets the de...

5.5CVSS6.5AI score0.00021EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.55 views

CVE-2021-47268

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: cancel vdm and state machine hrtimer when unregister tcpm port A pending hrtimer may expire after the kthread_worker of tcpm portis destroyed, see below kernel dump when do module unload, fix itby cancel the 2 hrt...

7.8CVSS6.5AI score0.00054EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.55 views

CVE-2021-47313

In the Linux kernel, the following vulnerability has been resolved: cpufreq: CPPC: Fix potential memleak in cppc_cpufreq_cpu_init It's a classic example of memleak, we allocate something, we fail andnever free the resources. Make sure we free all resources on policy ->init() failures.

8.4CVSS8.2AI score0.00097EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.55 views

CVE-2021-47363

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix division by zero while replacing a resilient group The resilient nexthop group torture tests in fib_nexthop.sh exposed apossible division by zero while replacing a resilient group [1]. Thedivision by zero occurs when t...

5.5CVSS6.3AI score0.00009EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.55 views

CVE-2021-47536

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix wrong list_del in smc_lgr_cleanup_early smc_lgr_cleanup_early() meant to delete the linkgroup from the link group list, but it deletedthe list head by mistake. This may cause memory corruption since we didn'tremove the...

6.7AI score0.00023EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.55 views

CVE-2021-47605

In the Linux kernel, the following vulnerability has been resolved: vduse: fix memory corruption in vduse_dev_ioctl() The "config.offset" comes from the user. There needs to a check toprevent it being out of bounds. The "config.offset" and"dev->config_size" variables are both type u32. So if the...

7.8CVSS8.5AI score0.00063EPSS
CVE
CVE
added 2025/02/26 6:37 a.m.55 views

CVE-2021-47655

In the Linux kernel, the following vulnerability has been resolved: media: venus: vdec: fixed possible memory leak issue The venus_helper_alloc_dpb_bufs() implementation allows an early returnon an error path when checking the id from ida_alloc_min() which wouldnot release the earlier buffer alloca...

5.5CVSS5.4AI score0.00017EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.55 views

CVE-2022-48716

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd938x: fix incorrect used of portid Mixer controls have the channel id in mixer->reg, which is not sameas port id. port id should be derived from chan_info array.So fix this. Without this, its possible that we co...

9.8CVSS9.1AI score0.00084EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.55 views

CVE-2022-48718

In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer whichdrm_atomic_get_new_bridge_state is allowed to return.Assume a fixed format instead.

5.5CVSS6.9AI score0.00019EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.55 views

CVE-2022-48727

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Avoid consuming a stale esr value when SError occur When any exception other than an IRQ occurs, the CPU updates the ESR_EL2register with the exception syndrome. An SError may also become pending,and will be synchronise...

6.4AI score0.00022EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.55 views

CVE-2022-48746

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check ifthe handled netdev is VF representor and it missing a check ifthe VF representor is on the same phys device ...

5.5CVSS6.5AI score0.00011EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.55 views

CVE-2022-48776

In the Linux kernel, the following vulnerability has been resolved: mtd: parsers: qcom: Fix missing free for pparts in cleanup Mtdpart doesn't free pparts when a cleanup function is declared.Add missing free for pparts in cleanup function for smem to fix theleak.

6.5AI score0.00065EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.55 views

CVE-2022-48781

In the Linux kernel, the following vulnerability has been resolved: crypto: af_alg - get rid of alg_memory_allocated alg_memory_allocated does not seem to be really used. alg_proto does have a .memory_allocated field, but nocorresponding .sysctl_mem. This means sk_has_account() returns true, but al...

5.5CVSS6.8AI score0.00036EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.55 views

CVE-2022-48837

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndis_set_response() If "BufOffset" is very large the "BufOffset + 8" operation can have aninteger overflow.

7.8CVSS8.4AI score0.00037EPSS
CVE
CVE
added 2024/08/22 2:15 a.m.55 views

CVE-2022-48903

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix relocation crash due to premature return from btrfs_commit_transaction() We are seeing crashes similar to the following trace: [38.969182] WARNING: CPU: 20 PID: 2105 at fs/btrfs/relocation.c:4070 btrfs_relocate_block_gro...

5.5CVSS6.2AI score0.0003EPSS
CVE
CVE
added 2024/08/22 2:15 a.m.55 views

CVE-2022-48908

In the Linux kernel, the following vulnerability has been resolved: net: arcnet: com20020: Fix null-ptr-deref in com20020pci_probe() During driver initialization, the pointer of card info, i.e. thevariable 'ci' is required. However, the definition of'com20020pci_id_table' reveals that this field is...

5.5CVSS6.5AI score0.00048EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.55 views

CVE-2022-48961

In the Linux kernel, the following vulnerability has been resolved: net: mdio: fix unbalanced fwnode reference count in mdio_device_release() There is warning report about of_node refcount leakwhile probing mdio device: OF: ERROR: memory leak, expected refcount 1 instead of 2,of_node_get()/of_node_...

5.5CVSS5.2AI score0.00068EPSS
Total number of security vulnerabilities10741