Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2007/04/24 4:19 p.m.54 views

CVE-2007-1353

The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function accessing an uninitialized stack buffer.

2.1CVSS6.9AI score0.00085EPSS
CVE
CVE
added 2007/07/10 10:30 p.m.54 views

CVE-2007-3107

The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency, related to clearing of MSR bits.

2.1CVSS6AI score0.00086EPSS
CVE
CVE
added 2007/12/18 12:46 a.m.54 views

CVE-2007-6417

The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash).

7.2CVSS7.1AI score0.00046EPSS
CVE
CVE
added 2008/01/18 12:0 a.m.54 views

CVE-2008-0352

The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic) via a certain IPv6 packet, possibly involving the Jumbo Payload hop-by-hop option (jumbogram).

7.8CVSS6.6AI score0.03354EPSS
CVE
CVE
added 2008/08/27 8:41 p.m.54 views

CVE-2008-3526

Integer overflow in the sctp_setsockopt_auth_key function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel 2.6.24-rc1 through 2.6.26.3 allows remote attackers to cause a denial of service (panic) or possibly have unspecified other impact via...

7.8CVSS6AI score0.01908EPSS
CVE
CVE
added 2008/08/08 7:41 p.m.54 views

CVE-2008-3534

The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to al...

4.9CVSS4.9AI score0.00046EPSS
CVE
CVE
added 2013/12/09 6:55 p.m.54 views

CVE-2013-6432

The ping_recvmsg function in net/ipv4/ping.c in the Linux kernel before 3.12.4 does not properly interact with read system calls on ping sockets, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging unspecified privileges to execute a craft...

4.6CVSS7AI score0.00042EPSS
CVE
CVE
added 2014/03/11 1:1 p.m.54 views

CVE-2014-0102

The keyring_detect_cycle_iterator function in security/keys/keyring.c in the Linux kernel through 3.13.6 does not properly determine whether keyrings are identical, which allows local users to cause a denial of service (OOPS) via crafted keyctl commands.

5.2CVSS5.5AI score0.00083EPSS
CVE
CVE
added 2016/08/07 9:59 p.m.54 views

CVE-2015-0568

Use-after-free vulnerability in the msm_set_crop function in drivers/media/video/msm/msm_camera.c in the MSM-Camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a ...

7.8CVSS7.3AI score0.00464EPSS
CVE
CVE
added 2016/08/06 8:59 p.m.54 views

CVE-2016-6516

Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (heap-based buffer overflow) or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability.

7.4CVSS7.3AI score0.00516EPSS
CVE
CVE
added 2017/04/05 2:59 p.m.54 views

CVE-2017-0332

An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10...

7.6CVSS6.9AI score0.00168EPSS
CVE
CVE
added 2017/01/12 8:59 p.m.54 views

CVE-2017-0403

An elevation of privilege vulnerability in the kernel performance subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Ker...

7.6CVSS6.5AI score0.00327EPSS
CVE
CVE
added 2017/06/19 4:29 p.m.54 views

CVE-2017-1000377

An issue was discovered in the size of the default stack guard page on PAX Linux (originally from GRSecurity but shipped by other Linux vendors), specifically the default stack guard page is not sufficiently large and can be "jumped" over (the stack guard page is bypassed), this affects PAX Linux K...

5.9CVSS5.6AI score0.00076EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.54 views

CVE-2017-17852

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops.

7.8CVSS7.4AI score0.00123EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.54 views

CVE-2021-47234

In the Linux kernel, the following vulnerability has been resolved: phy: phy-mtk-tphy: Fix some resource leaks in mtk_phy_init() Use clk_disable_unprepare() in the error path of mtk_phy_init() to fixsome resource leaks.

5.5CVSS6.6AI score0.00052EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.54 views

CVE-2021-47299

In the Linux kernel, the following vulnerability has been resolved: xdp, net: Fix use-after-free in bpf_xdp_link_release The problem occurs between dev_get_by_index() and dev_xdp_attach_link().At this point, dev_xdp_uninstall() is called. Then xdp link will not bedetached automatically when dev is ...

5.5CVSS6.6AI score0.00094EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.54 views

CVE-2021-47341

In the Linux kernel, the following vulnerability has been resolved: KVM: mmio: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio BUG: KASAN: use-after-free in kvm_vm_ioctl_unregister_coalesced_mmio+0x7c/0x1ec arch/arm64/kvm/../../../virt/kvm/coalesced_mmio.c:183Read of size 8 at add...

7.8CVSS6.8AI score0.0002EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.54 views

CVE-2021-47512

In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: prevent dismantle issue For some reason, fq_pie_destroy() did not copyworking code from pie_destroy() and other qdiscs,thus causing elusive bug. Before calling del_timer_sync(&q->adapt_timer),we need to ensure...

5.5CVSS6.9AI score0.00018EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.54 views

CVE-2021-47531

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix mmap to include VM_IO and VM_DONTDUMP In commit 510410bfc034 ("drm/msm: Implement mmap as GEM objectfunction") we switched to a new/cleaner method of doing things. That'sgood, but we missed a little bit. Before that co...

6.6AI score0.0003EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.54 views

CVE-2021-47535

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers In commit 142639a52a01 ("drm/msm/a6xx: fix crashstate capture forA650") we changed a6xx_get_gmu_registers() to read 3 sets ofregisters. Unfortunately, we didn't change the memor...

6.2CVSS6.5AI score0.0001EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.54 views

CVE-2021-47591

In the Linux kernel, the following vulnerability has been resolved: mptcp: remove tcp ulp setsockopt support TCP_ULP setsockopt cannot be used for mptcp because its alreadyused internally to plumb subflow (tcp) sockets to the mptcp layer. syzbot managed to trigger a crash for mptcp connections that...

5.5CVSS6.8AI score0.00012EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.54 views

CVE-2021-47611

In the Linux kernel, the following vulnerability has been resolved: mac80211: validate extended element ID is present Before attempting to parse an extended element, verify thatthe extended element ID is present.

5.5CVSS7AI score0.00021EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.54 views

CVE-2021-47618

In the Linux kernel, the following vulnerability has been resolved: ARM: 9170/1: fix panic when kasan and kprobe are enabled arm32 uses software to simulate the instruction replacedby kprobe. some instructions may be simulated by constructingassembly functions. therefore, before executing instructi...

6.6AI score0.00058EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.54 views

CVE-2022-48768

In the Linux kernel, the following vulnerability has been resolved: tracing/histogram: Fix a potential memory leak for kstrdup() kfree() is missing on an error path to free the memory allocated bykstrdup(): p = param = kstrdup(data->params[i], GFP_KERNEL); So it is better to free it via kfree(p)...

5.5CVSS7AI score0.0002EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.54 views

CVE-2022-48770

In the Linux kernel, the following vulnerability has been resolved: bpf: Guard against accessing NULL pt_regs in bpf_get_task_stack() task_pt_regs() can return NULL on powerpc for kernel threads. This isthen used in __bpf_get_stack() to check for user mode, resulting in akernel oops. Guard against ...

5.5CVSS6.3AI score0.00047EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.54 views

CVE-2022-48778

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: gpmi: don't leak PM reference in error path If gpmi_nfc_apply_timings() fails, the PM runtime usage counter must bedropped.

7.8CVSS8.1AI score0.00039EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.54 views

CVE-2022-48784

In the Linux kernel, the following vulnerability has been resolved: cfg80211: fix race in netlink owner interface destruction My previous fix here to fix the deadlock left a race wherethe exact same deadlock (see the original commit referencedbelow) can still happen if cfg80211_destroy_ifaces() alr...

4.7CVSS6.5AI score0.00023EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.54 views

CVE-2022-48797

In the Linux kernel, the following vulnerability has been resolved: mm: don't try to NUMA-migrate COW pages that have other uses Oded Gabbay reports that enabling NUMA balancing causes corruption withhis Gaudi accelerator test load: "All the details are in the bug, but the bottom line is that someh...

6.8AI score0.00073EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.54 views

CVE-2022-48833

In the Linux kernel, the following vulnerability has been resolved: btrfs: skip reserved bytes warning on unmount after log cleanup failure After the recent changes made by commit c2e39305299f01 ("btrfs: clearextent buffer uptodate when we fail to write it") and its followup fix,commit 651740a50241...

6.5AI score0.00065EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.54 views

CVE-2022-48844

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix leaking sent_cmd skb sent_cmd memory is not freed before freeing hci_dev causing it to leakit contents.

5.5CVSS6.3AI score0.00039EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.54 views

CVE-2022-48880

In the Linux kernel, the following vulnerability has been resolved: platform/surface: aggregator: Add missing call to ssam_request_sync_free() Although rare, ssam_request_sync_init() can fail. In that case, therequest should be freed via ssam_request_sync_free(). Currently it isleaked instead. Fix ...

6.5AI score0.00065EPSS
CVE
CVE
added 2024/08/22 2:15 a.m.54 views

CVE-2022-48924

In the Linux kernel, the following vulnerability has been resolved: thermal: int340x: fix memory leak in int3400_notify() It is easy to hit the below memory leaks in my TigerLake platform: unreferenced object 0xffff927c8b91dbc0 (size 32):comm "kworker/0:2", pid 112, jiffies 4294893323 (age 83.604s)...

5.5CVSS6.5AI score0.00065EPSS
CVE
CVE
added 2024/08/22 4:15 a.m.54 views

CVE-2022-48927

In the Linux kernel, the following vulnerability has been resolved: iio: adc: tsc2046: fix memory corruption by preventing array overflow On one side we have indio_dev->num_channels includes all physical channels +timestamp channel. On other side we have an array allocated only forphysical chann...

7.8CVSS6.9AI score0.00037EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.54 views

CVE-2022-48970

In the Linux kernel, the following vulnerability has been resolved: af_unix: Get user_ns from in_skb in unix_diag_get_exact(). Wei Chen reported a NULL deref in sk_user_ns() 0 , and Paolo diagnosedthe root cause: in unix_diag_get_exact(), the newly allocated skb does nothave sk. 2 We must get the u...

5.5CVSS4.8AI score0.00069EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.54 views

CVE-2022-48982

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix crash when replugging CSR fake controllers It seems fake CSR 5.0 clones can cause the suspend notifier to beregistered twice causing the following kernel panic: [ 71.986122] Call Trace:[ 71.986124] [ 71.986125] block...

5.5CVSS5.2AI score0.00035EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.54 views

CVE-2022-49064

In the Linux kernel, the following vulnerability has been resolved: cachefiles: unmark inode in use in error path Unmark inode in use if error encountered. If the in-use flag leakageoccurs in cachefiles_open_file(), Cachefiles will complain "Inodealready in use" when later another cookie with the s...

5.4AI score0.00029EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.54 views

CVE-2022-49234

In the Linux kernel, the following vulnerability has been resolved: net: dsa: Avoid cross-chip syncing of VLAN filtering Changes to VLAN filtering are not applicable to cross-chipnotifications. On a system like this: .-----. .-----. .-----.| sw1 +---+ sw2 +---+ sw3 |'-1-2-' '-1-2-' '-1-2-' Before t...

5.4AI score0.00029EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.54 views

CVE-2022-49380

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to avoid f2fs_bug_on() in dec_valid_node_count() As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215897 I have encountered a bug in F2FS file system in kernel v5.17. The kernel should enable C...

5.3AI score0.00052EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.54 views

CVE-2022-49417

In the Linux kernel, the following vulnerability has been resolved: iwlwifi: mei: fix potential NULL-ptr deref If SKB allocation fails, continue rather than using the NULLpointer. Coverity CID: 1497650

5.4AI score0.00043EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.54 views

CVE-2022-49428

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to do sanity check on inline_dots inode As Wenqing reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215765 It will cause a kernel panic with steps: mkdir mnt mount tmp40.img mnt ls mnt folio_mark_dirty+0x...

5.3AI score0.00033EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.54 views

CVE-2022-49458

In the Linux kernel, the following vulnerability has been resolved: drm/msm: don't free the IRQ if it was not requested As msm_drm_uninit() is called from the msm_drm_init() error path,additional care should be necessary as not to call the free_irq() forthe IRQ that was not requested before (becaus...

5.4AI score0.00046EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.54 views

CVE-2022-49479

In the Linux kernel, the following vulnerability has been resolved: mt76: fix tx status related use-after-free race on station removal There is a small race window where ongoing tx activity can lead to a skbgetting added to the status tracking idr after that idr has already beencleaned up, which wi...

7.8CVSS6.7AI score0.00017EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.54 views

CVE-2022-49540

In the Linux kernel, the following vulnerability has been resolved: rcu-tasks: Fix race in schedule and flush work While booting secondary CPUs, cpus_read_[lock/unlock] is not keepingonline cpumask stable. The transient online mask results in belowcalltrace. [ 0.324121] CPU1: Booted secondary proce...

5.4AI score0.0003EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.54 views

CVE-2022-49550

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: provide block_invalidate_folio to fix memory leak The ntfs3 filesystem lacks the 'invalidate_folio' method and it causesmemory leak. If you write to the filesystem and then unmount it, thecached written data are not freed...

5.5CVSS5.4AI score0.00022EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.54 views

CVE-2022-49558

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: double hook unregistration in netns path __nft_release_hooks() is called from pre_netns exit path whichunregisters the hooks, then the NETDEV_UNREGISTER event is triggeredwhich unregisters the hooks again. [ 5...

6.6AI score0.00149EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.54 views

CVE-2022-49842

In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fix use-after-free in snd_soc_exit() KASAN reports a use-after-free: BUG: KASAN: use-after-free in device_del+0xb5b/0xc60Read of size 8 at addr ffff888008655050 by task rmmod/387CPU: 2 PID: 387 Comm: rmmodHardware name:...

7.8CVSS6.4AI score0.00043EPSS
CVE
CVE
added 2023/09/04 3:15 a.m.54 views

CVE-2023-20841

In imgsys, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07326455; Issue ID: ALPS07326441.

6.5CVSS6.6AI score0.00011EPSS
CVE
CVE
added 2024/05/17 3:15 p.m.54 views

CVE-2023-52682

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to wait on block writeback for post_read case If inode is compressed, but not encrypted, it missed to callf2fs_wait_on_block_writeback() to wait for GCed page writebackin IPU write path. Thread A GC-Thread- f2fs_gc- do_ga...

6.8AI score0.00021EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.54 views

CVE-2023-52701

In the Linux kernel, the following vulnerability has been resolved: net: use a bounce buffer for copying skb->mark syzbot found arm64 builds would crash in sock_recv_mark()when CONFIG_HARDENED_USERCOPY=y x86 and powerpc are not detecting the issue becausethey define user_access_begin.This will b...

6.9AI score0.00122EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.54 views

CVE-2023-52705

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix underflow in second superblock position calculations Macro NILFS_SB2_OFFSET_BYTES, which computes the position of the secondsuperblock, underflows when the argument device size is less than 4096bytes. Therefore, when us...

5.5CVSS6.7AI score0.00018EPSS
Total number of security vulnerabilities10741