Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2016/11/28 3:59 a.m.58 views

CVE-2016-9313

security/keys/big_key.c in the Linux kernel before 4.8.7 mishandles unsuccessful crypto registration in conjunction with successful key-type registration, which allows local users to cause a denial of service (NULL pointer dereference and panic) or possibly have unspecified other impact via a craft...

9.3CVSS8.2AI score0.00391EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.58 views

CVE-2017-0572

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...

7.6CVSS6.9AI score0.00254EPSS
Web
CVE
CVE
added 2017/12/27 5:8 p.m.58 views

CVE-2017-17852

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of 32-bit ALU ops.

7.8CVSS7.4AI score0.00123EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.58 views

CVE-2017-17857

The check_stack_boundary function in kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (memory corruption) or possibly have unspecified other impact by leveraging mishandling of invalid variable stack read operations.

7.8CVSS7.4AI score0.00071EPSS
CVE
CVE
added 2019/04/11 3:29 p.m.58 views

CVE-2019-3837

It was found that the net_dma code in tcp_recvmsg() in the 2.6.32 kernel as shipped in RHEL6 is thread-unsafe. So an unprivileged multi-threaded userspace application calling recvmsg() for the same network socket in parallel executed on ioatdma-enabled hardware with net_dma enabled can leak the mem...

6.1CVSS6.3AI score0.00093EPSS
CVE
CVE
added 2024/03/04 6:15 p.m.58 views

CVE-2021-47092

In the Linux kernel, the following vulnerability has been resolved: KVM: VMX: Always clear vmx->fail on emulation_required Revert a relatively recent change that set vmx->fail if the vCPU is in L2and emulation_required is true, as that behavior is completely bogus.Setting vmx->fail and syn...

5.5CVSS6.5AI score0.00017EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.58 views

CVE-2021-47127

In the Linux kernel, the following vulnerability has been resolved: ice: track AF_XDP ZC enabled queues in bitmap Commit c7a219048e45 ("ice: Remove xsk_buff_pool from VSI structure")silently introduced a regression and broke the Tx side of AF_XDP in copymode. xsk_pool on ice_ring is set only based ...

5.5CVSS6.2AI score0.00017EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.58 views

CVE-2021-47132

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix sk_forward_memory corruption on retransmission MPTCP sk_forward_memory handling is a bit special, as such fieldis protected by the msk socket spin_lock, instead of the plainsocket lock. Currently we have a code path upda...

7.1CVSS7AI score0.0002EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.58 views

CVE-2021-47133

In the Linux kernel, the following vulnerability has been resolved: HID: amd_sfh: Fix memory leak in amd_sfh_work Kmemleak tool detected a memory leak in the amd_sfh driver. ====================unreferenced object 0xffff88810228ada0 (size 32):comm "insmod", pid 3968, jiffies 4295056001 (age 775.792...

5.5CVSS6.4AI score0.00017EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.58 views

CVE-2021-47190

In the Linux kernel, the following vulnerability has been resolved: perf bpf: Avoid memory leak from perf_env__insert_btf() perf_env__insert_btf() doesn't insert if a duplicate BTF id isencountered and this causes a memory leak. Modify the function to returna success/error value and then free the m...

5.5CVSS6.6AI score0.00011EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.58 views

CVE-2021-47196

In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Set send and receive CQ before forwarding to the driver Preset both receive and send CQ pointers prior to call to the drivers andoverwrite it later again till the mlx4 is going to be changed do notoverwrite ibqp properti...

7.8CVSS6.3AI score0.00014EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.58 views

CVE-2021-47224

In the Linux kernel, the following vulnerability has been resolved: net: ll_temac: Make sure to free skb when it is completely used With the skb pointer piggy-backed on the TX BD, we have a simple andefficient way to free the skb buffer when the frame has been transmitted.But in order to avoid free...

6.2CVSS6.3AI score0.00052EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.58 views

CVE-2021-47290

In the Linux kernel, the following vulnerability has been resolved: scsi: target: Fix NULL dereference on XCOPY completion CPU affinity control added with commit 39ae3edda325 ("scsi: target: core:Make completion affinity configurable") makes target_complete_cmd() queuework on a CPU based on se_tpg-...

5.5CVSS6.5AI score0.00083EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.58 views

CVE-2021-47306

In the Linux kernel, the following vulnerability has been resolved: net: fddi: fix UAF in fza_probe fp is netdev private data and it cannot beused after free_netdev() call. Using fp after free_netdev()can cause UAF bug. Fix it by moving free_netdev() after error message. TURBOchannel adapter")

7.8CVSS6.7AI score0.00097EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.58 views

CVE-2021-47318

In the Linux kernel, the following vulnerability has been resolved: arch_topology: Avoid use-after-free for scale_freq_data Currently topology_scale_freq_tick() (which gets called fromscheduler_tick()) may end up using a pointer to "structscale_freq_data", which was previously cleared bytopology_cl...

7.8CVSS6.8AI score0.00086EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.58 views

CVE-2021-47561

In the Linux kernel, the following vulnerability has been resolved: i2c: virtio: disable timeout handling If a timeout is hit, it can result is incorrect data on the I2C busand/or memory corruptions in the guest since the device can still beoperating on the buffers it was given while the guest has ...

6.6AI score0.00059EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.58 views

CVE-2021-47567

In the Linux kernel, the following vulnerability has been resolved: powerpc/32: Fix hardlockup on vmap stack overflow Since the commit c118c7303ad5 ("powerpc/32: Fix vmap stack - Do notactivate MMU before reading task struct") a vmap stack overflowresults in a hard lockup. This is because emergency...

6.4AI score0.00084EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.58 views

CVE-2021-47591

In the Linux kernel, the following vulnerability has been resolved: mptcp: remove tcp ulp setsockopt support TCP_ULP setsockopt cannot be used for mptcp because its alreadyused internally to plumb subflow (tcp) sockets to the mptcp layer. syzbot managed to trigger a crash for mptcp connections that...

5.5CVSS6.8AI score0.00012EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.58 views

CVE-2021-47611

In the Linux kernel, the following vulnerability has been resolved: mac80211: validate extended element ID is present Before attempting to parse an extended element, verify thatthe extended element ID is present.

5.5CVSS7AI score0.0002EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.58 views

CVE-2022-48639

In the Linux kernel, the following vulnerability has been resolved: net: sched: fix possible refcount leak in tc_new_tfilter() tfilter_put need to be called to put the refount got by tp->ops->get toavoid possible refcount leak when chain->tmplt_ops != NULL andchain->tmplt_ops != tp->...

5.5CVSS6.4AI score0.00011EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.58 views

CVE-2022-48641

In the Linux kernel, the following vulnerability has been resolved: netfilter: ebtables: fix memory leak when blob is malformed The bug fix was incomplete, it "replaced" crash with a memory leak.The old code had an assignment to "ret" embedded into the conditional,restore this.

5.5CVSS6.7AI score0.00015EPSS
CVE
CVE
added 2024/06/20 11:15 a.m.58 views

CVE-2022-48718

In the Linux kernel, the following vulnerability has been resolved: drm: mxsfb: Fix NULL pointer dereference mxsfb should not ever dereference the NULL pointer whichdrm_atomic_get_new_bridge_state is allowed to return.Assume a fixed format instead.

5.5CVSS6.9AI score0.00033EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.58 views

CVE-2022-48727

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Avoid consuming a stale esr value when SError occur When any exception other than an IRQ occurs, the CPU updates the ESR_EL2register with the exception syndrome. An SError may also become pending,and will be synchronise...

6.4AI score0.00021EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.58 views

CVE-2022-48746

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix handling of wrong devices during bond netevent Current implementation of bond netevent handler only check ifthe handled netdev is VF representor and it missing a check ifthe VF representor is on the same phys device ...

5.5CVSS6.5AI score0.00011EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.58 views

CVE-2022-48751

In the Linux kernel, the following vulnerability has been resolved: net/smc: Transitional solution for clcsock race issue We encountered a crash in smc_setsockopt() and it is caused byaccessing smc->clcsock after clcsock was released. BUG: kernel NULL pointer dereference, address: 00000000000000...

4.7CVSS6.2AI score0.0002EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.58 views

CVE-2022-48779

In the Linux kernel, the following vulnerability has been resolved: net: mscc: ocelot: fix use-after-free in ocelot_vlan_del() ocelot_vlan_member_del() will free the struct ocelot_bridge_vlan, so ifthis is the same as the port's pvid_vlan which we access afterwards,what we're accessing is freed mem...

7.8CVSS7.4AI score0.00044EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.58 views

CVE-2022-48808

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix panic when DSA master device unbinds on shutdown Rafael reports that on a system with LX2160A and Marvell DSA switches,if a reboot occurs while the DSA master (dpaa2-eth) is up, the followingpanic can be seen: systemd...

5.5CVSS6AI score0.0003EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.58 views

CVE-2022-48811

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: don't release napi in __ibmvnic_open() If __ibmvnic_open() encounters an error such as when setting link state,it calls release_resources() which frees the napi structures needlessly.Instead, have __ibmvnic_open() only cle...

6.4AI score0.00065EPSS
CVE
CVE
added 2024/07/16 1:15 p.m.58 views

CVE-2022-48837

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: rndis: prevent integer overflow in rndis_set_response() If "BufOffset" is very large the "BufOffset + 8" operation can have aninteger overflow.

7.8CVSS8.4AI score0.00037EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.58 views

CVE-2022-48892

In the Linux kernel, the following vulnerability has been resolved: sched/core: Fix use-after-free bug in dup_user_cpus_ptr() Since commit 07ec77a1d4e8 ("sched: Allow task CPU affinity to berestricted on asymmetric systems"), the setting and clearing ofuser_cpus_ptr are done under pi_lock for arm64...

7.8CVSS6.5AI score0.00062EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.58 views

CVE-2022-48980

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() The SJA1105 family has 45 L2 policing table entries(SJA1105_MAX_L2_POLICING_COUNT) and SJA1110 has 110(SJA1110_MAX_L2_POLICING_COUNT). Keeping the table st...

7.8CVSS7.3AI score0.00031EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.58 views

CVE-2022-49077

In the Linux kernel, the following vulnerability has been resolved: mmmremap.c: avoid pointless invalidate_range_start/end on mremap(old_size=0) If an mremap() syscall with old_size=0 ends up in move_page_tables(), itwill call invalidate_range_start()/invalidate_range_end() unnecessarily,i.e. with ...

5.3AI score0.00144EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.58 views

CVE-2022-49150

In the Linux kernel, the following vulnerability has been resolved: rtc: gamecube: Fix refcount leak in gamecube_rtc_read_offset_from_sram The of_find_compatible_node() function returns a node pointer withrefcount incremented, We should use of_node_put() on it when doneAdd the missing of_node_put()...

5.5CVSS6.4AI score0.00028EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.58 views

CVE-2022-49169

In the Linux kernel, the following vulnerability has been resolved: f2fs: use spin_lock to avoid hang [14696.634553] task:cat state:D stack: 0 pid:1613738 ppid:1613735 flags:0x00000004[14696.638285] Call Trace:[14696.639038] [14696.640032] __schedule+0x302/0x930[14696.640969] schedule+0x58/0xd0[146...

6.5AI score0.00057EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.58 views

CVE-2022-49210

In the Linux kernel, the following vulnerability has been resolved: MIPS: pgalloc: fix memory leak caused by pgd_free() pgd page is freed by generic implementation pgd_free() since commitf9cb654cb550 ("asm-generic: pgalloc: provide generic pgd_free()"),however, there are scenarios that the system u...

5.5CVSS5.4AI score0.00024EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49234

In the Linux kernel, the following vulnerability has been resolved: net: dsa: Avoid cross-chip syncing of VLAN filtering Changes to VLAN filtering are not applicable to cross-chipnotifications. On a system like this: .-----. .-----. .-----.| sw1 +---+ sw2 +---+ sw3 |'-1-2-' '-1-2-' '-1-2-' Before t...

5.4AI score0.00037EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49255

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix missing free nid in f2fs_handle_failed_inode This patch fixes xfstests/generic/475 failure. [ 293.680694] F2FS-fs (dm-1): May loss orphan inode, run fsck to fix.[ 293.685358] Buffer I/O error on dev dm-1, logical block 83...

6.2AI score0.00081EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49406

In the Linux kernel, the following vulnerability has been resolved: block: Fix potential deadlock in blk_ia_range_sysfs_show() When being read, a sysfs attribute is already protected against removalwith the kobject node active reference counter. As a result, inblk_ia_range_sysfs_show(), there is no...

5.5CVSS5.3AI score0.00031EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.58 views

CVE-2022-49419

In the Linux kernel, the following vulnerability has been resolved: video: fbdev: vesafb: Fix a use-after-free due early fb_info cleanup Commit b3c9a924aab6 ("fbdev: vesafb: Cleanup fb_info in .fb_destroy ratherthan .remove") fixed a use-after-free error due the vesafb driver freeingthe fb_info in ...

7.8CVSS5.4AI score0.00048EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.58 views

CVE-2022-49887

In the Linux kernel, the following vulnerability has been resolved: media: meson: vdec: fix possible refcount leak in vdec_probe() v4l2_device_unregister need to be called to put the refcount got byv4l2_device_register when vdec_probe fails or vdec_remove is called.

5.5CVSS6.5AI score0.00018EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.58 views

CVE-2022-49892

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix use-after-free for dynamic ftrace_ops KASAN reported a use-after-free with ftrace ops [1]. It was found fromvmcore that perf had registered two ops with the same contentsuccessively, both dynamic. After unregistering th...

7.8CVSS6.6AI score0.00068EPSS
CVE
CVE
added 2023/03/01 8:15 p.m.58 views

CVE-2023-23005

In the Linux kernel before 6.2, mm/memory-tiers.c misinterprets the alloc_memory_type return value (expects it to be NULL in the error case, whereas it is actually an error pointer). NOTE: this is disputed by third parties because there are no realistic cases in which a user can cause the alloc_mem...

5.5CVSS5.1AI score0.00016EPSS
CVE
CVE
added 2023/06/28 10:15 p.m.58 views

CVE-2023-3359

An issue was discovered in the Linux kernel brcm_nvram_parse in drivers/nvmem/brcm_nvram.c. Lacks for the check of the return value of kzalloc() can cause the NULL Pointer Dereference.

5.5CVSS5.1AI score0.00018EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.58 views

CVE-2023-52750

In the Linux kernel, the following vulnerability has been resolved: arm64: Restrict CPU_BIG_ENDIAN to GNU as or LLVM IAS 15.x or newer Prior to LLVM 15.0.0, LLVM's integrated assembler would incorrectlybyte-swap NOP when compiling for big-endian, and the resulting series ofbytes happened to match t...

6.6AI score0.00025EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.58 views

CVE-2023-52792

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Do not try to cleanup after cxl_region_setup_targets() fails Commit 5e42bcbc3fef ("cxl/region: decrement ->nr_targets on error incxl_region_attach()") tried to avoid 'eiw' initialization errors when->nr_targets ex...

6.6AI score0.00172EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.58 views

CVE-2023-52910

In the Linux kernel, the following vulnerability has been resolved: iommu/iova: Fix alloc iova overflows issue In __alloc_and_insert_iova_range, there is an issue that retry_pfnoverflows. The value of iovad->anchor.pfn_hi is ~0UL, then wheniovad->cached_node is iovad->anchor, curr_iova-&gt...

5.5CVSS6.6AI score0.00047EPSS
CVE
CVE
added 2025/03/27 5:15 p.m.58 views

CVE-2023-52940

In the Linux kernel, the following vulnerability has been resolved: mm: multi-gen LRU: fix crash during cgroup migration lru_gen_migrate_mm() assumes lru_gen_add_mm() runs prior to itself. Thisisn't true for the following scenario: CPU 1 CPU 2 clone()cgroup_can_fork()cgroup_procs_write()cgroup_post...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.58 views

CVE-2023-53038

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read() If kzalloc() fails in lpfc_sli4_cgn_params_read(), then we rely onlpfc_read_object()'s routine to NULL check pdata. Currently, an early return error is thrown from lpfc_rea...

6.6AI score0.00026EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.58 views

CVE-2023-53062

In the Linux kernel, the following vulnerability has been resolved: net: usb: smsc95xx: Limit packet length to skb->len Packet length retrieved from descriptor may be larger thanthe actual socket buffer length. In such case the clonedskb passed up the network stack will leak kernel memory conten...

6.6AI score0.00036EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.58 views

CVE-2023-53075

In the Linux kernel, the following vulnerability has been resolved: ftrace: Fix invalid address access in lookup_rec() when index is 0 KASAN reported follow problem: BUG: KASAN: use-after-free in lookup_recRead of size 8 at addr ffff000199270ff0 by task modprobeCPU: 2 Comm: modprobeCall trace:kasan...

6.6AI score0.00095EPSS
Total number of security vulnerabilities10926