Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2024/05/21 4:15 p.m.54 views

CVE-2023-52765

In the Linux kernel, the following vulnerability has been resolved: mfd: qcom-spmi-pmic: Fix revid implementation The Qualcomm SPMI PMIC revid implementation is broken in multiple ways. First, it assumes that just because the sibling base device has beenregistered that means that it is also bound t...

6.2CVSS7.5AI score0.00121EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.54 views

CVE-2023-52782

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Track xmit submission to PTP WQ after populating metadata map Ensure the skb is available in metadata mapping to skbs before tracking themetadata index for detecting undelivered CQEs. If the metadata index is putin the t...

5.5CVSS6.4AI score0.00121EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.54 views

CVE-2023-52792

In the Linux kernel, the following vulnerability has been resolved: cxl/region: Do not try to cleanup after cxl_region_setup_targets() fails Commit 5e42bcbc3fef ("cxl/region: decrement ->nr_targets on error incxl_region_attach()") tried to avoid 'eiw' initialization errors when->nr_targets ex...

6.6AI score0.00172EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.54 views

CVE-2023-52848

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to drop meta_inode's page cache in f2fs_put_super() syzbot reports a kernel bug as below: F2FS-fs (loop1): detect filesystem reference count leak during umount, type: 10, count: 1kernel BUG at fs/f2fs/super.c:1639!CPU: 0 ...

5.5CVSS6.5AI score0.0003EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.54 views

CVE-2023-52879

In the Linux kernel, the following vulnerability has been resolved: tracing: Have trace_event_file have ref counters The following can crash the kernel: cd /sys/kernel/tracing echo 'p:sched schedule' > kprobe_events exec 5>>events/kprobes/sched/enable > kprobe_events exec 5>&- The ab...

5.5CVSS6.3AI score0.00029EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.54 views

CVE-2023-52906

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mpls: Fix warning during failed attribute validation The 'TCA_MPLS_LABEL' attribute is of 'NLA_U32' type, but has avalidation type of 'NLA_VALIDATE_FUNCTION'. This is an invalidcombination according to the comment ab...

7.8CVSS6.3AI score0.00051EPSS
CVE
CVE
added 2025/03/27 5:15 p.m.54 views

CVE-2023-52985

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: imx8mm-verdin: Do not power down eth-phy Currently if suspending using either freeze or memory state, the fecdriver tries to power down the phy which leads to crash of the kerneland non-responsible kernel with the follo...

6.5AI score0.00036EPSS
CVE
CVE
added 2025/03/27 5:15 p.m.54 views

CVE-2023-53000

In the Linux kernel, the following vulnerability has been resolved: netlink: prevent potential spectre v1 gadgets Most netlink attributes are parsed and validated from__nla_validate_parse() or validate_nla() u16 type = nla_type(nla); if (type == 0 || type > maxtype) { /* error or continue */ } @...

6.4AI score0.00035EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.54 views

CVE-2023-53036

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix call trace warning and hang when removing amdgpu device On GPUs with RAS enabled, below call trace and hang are observed whenshutting down device. v2: use DRM device unplugged flag instead of shutdown flag as the ch...

6.6AI score0.00025EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.54 views

CVE-2023-53047

In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix race condition in amdtee_open_session There is a potential race condition in amdtee_open_session that maylead to use-after-free. For instance, in amdtee_open_session() aftersess->sess_mask is set, and before set...

6.3AI score0.00027EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.54 views

CVE-2023-53059

In the Linux kernel, the following vulnerability has been resolved: platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl It is possible to peep kernel page's data by providing larger insizein struct cros_ec_command1 when invoking EC host commands. Fix it by using zeroed memory.

6.4AI score0.00036EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.54 views

CVE-2023-53110

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler() When performing a stress test on SMC-R by rmmod mlx5_ib driverduring the wrk/nginx test, we found that there is a probabilityof triggering a panic while terminating all link gro...

6.5AI score0.00027EPSS
CVE
CVE
added 2024/01/28 1:15 p.m.54 views

CVE-2023-6200

A race condition was found in the Linux Kernel. Under certain conditions, an unauthenticated attacker from an adjacent network could send an ICMPv6 router advertisement packet, causing arbitrary code execution.

7.5CVSS7.8AI score0.00772EPSS
CVE
CVE
added 2024/06/24 2:15 p.m.54 views

CVE-2024-33847

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: don't allow unaligned truncation on released compress inode f2fs image may be corrupted after below testcase: mkfs.f2fs -O extra_attr,compression -f /dev/vdb mount /dev/vdb /mnt/f2fs touch /mnt/f2fs/file f2fs_io set...

6.6AI score0.00097EPSS
CVE
CVE
added 2024/06/08 1:15 p.m.54 views

CVE-2024-36965

In the Linux kernel, the following vulnerability has been resolved: remoteproc: mediatek: Make sure IPI buffer fits in L2TCM The IPI buffer location is read from the firmware that we load to theSystem Companion Processor, and it's not granted that both the SRAM(L2TCM) size that is defined in the de...

5.5CVSS7.2AI score0.00013EPSS
CVE
CVE
added 2024/06/19 2:15 p.m.54 views

CVE-2024-38547

In the Linux kernel, the following vulnerability has been resolved: media: atomisp: ssh_css: Fix a null-pointer dereference in load_video_binaries The allocation failure of mycs->yuv_scaler_binary in load_video_binaries()is followed with a dereference of mycs->yuv_scaler_binary after thefollo...

5.5CVSS7AI score0.00011EPSS
CVE
CVE
added 2024/06/19 2:15 p.m.54 views

CVE-2024-38566

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix verifier assumptions about socket->sk The verifier assumes that 'sk' field in 'struct socket' is validand non-NULL when 'socket' pointer itself is trusted and non-NULL.That may not be the case when socket was just creat...

6.4AI score0.00144EPSS
CVE
CVE
added 2024/06/19 2:15 p.m.54 views

CVE-2024-38569

In the Linux kernel, the following vulnerability has been resolved: drivers/perf: hisi_pcie: Fix out-of-bound access when valid event group The perf tool allows users to create event groups through followingcmd [1], but the driver does not check whether the array index is out ofbounds when writing ...

7.8CVSS8.4AI score0.00027EPSS
CVE
CVE
added 2024/06/25 3:15 p.m.54 views

CVE-2024-39465

In the Linux kernel, the following vulnerability has been resolved: media: mgb4: Fix double debugfs remove Fixes an error where debugfs_remove_recursive() is called first on a parentdirectory and then again on a child which causes a kernel panic. [hverkuil: added Fixes/Cc tags]

5.5CVSS6.9AI score0.00047EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.54 views

CVE-2024-39510

In the Linux kernel, the following vulnerability has been resolved: cachefiles: fix slab-use-after-free in cachefiles_ondemand_daemon_read() We got the following issue in a fuzz test of randomly issuing the restorecommand: ==================================================================BUG: KASAN...

7.8CVSS8.3AI score0.0005EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.54 views

CVE-2024-40918

In the Linux kernel, the following vulnerability has been resolved: parisc: Try to fix random segmentation faults in package builds PA-RISC systems with PA8800 and PA8900 processors have had problemswith random segmentation faults for many years. Systems with earlierprocessors are much more stable....

6.3AI score0.00085EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.54 views

CVE-2024-41003

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix reg_set_min_max corruption of fake_reg Juan reported that after doing some changes to buzzer [0] and implementinga new fuzzing strategy guided by coverage, they noticed the following inone of the probes: [...]13: (79) r6 =...

6.6AI score0.00036EPSS
CVE
CVE
added 2024/07/29 3:15 p.m.54 views

CVE-2024-41033

In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat() is flushing stats, which can sleep, in itsRCU read section (see 1 ). This is done in the workingset_test_recent()step (which checks if the folio's evict...

6.4AI score0.00103EPSS
CVE
CVE
added 2024/07/29 5:15 p.m.54 views

CVE-2024-42088

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Add platform entry for ETDM1_OUT_BE dai link Commit e70b8dd26711 ("ASoC: mediatek: mt8195: Remove afe-dai componentand rework codec link") removed the codec entry for the ETDM1_OUT_BEdai link entirely instea...

6.7AI score0.00103EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.54 views

CVE-2024-42113

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: initialize num_q_vectors for MSI/INTx interrupts When using MSI/INTx interrupts, wx->num_q_vectors is uninitialized.Thus there will be kernel panic in wx_alloc_q_vectors() to allocatequeue vectors.

6.4AI score0.00085EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.54 views

CVE-2024-42128

In the Linux kernel, the following vulnerability has been resolved: leds: an30259a: Use devm_mutex_init() for mutex initialization In this driver LEDs are registered using devm_led_classdev_register()so they are automatically unregistered after module's remove() is done.led_classdev_unregister() ca...

6.7AI score0.00116EPSS
CVE
CVE
added 2024/08/08 9:15 a.m.54 views

CVE-2024-42256

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix server re-repick on subrequest retry When a subrequest is marked for needing retry, netfs will callcifs_prepare_write() which will make cifs repick the server for the opbefore renegotiating credits; it then calls cifs_iss...

9.8CVSS6.7AI score0.0028EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.54 views

CVE-2024-42293

In the Linux kernel, the following vulnerability has been resolved: arm64: mm: Fix lockless walks with static and dynamic page-table folding Lina reports random oopsen originating from the fast GUP code when16K pages are used with 4-level page-tables, the fourth level beingfolded at runtime due to ...

6.4AI score0.00076EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.54 views

CVE-2024-42319

In the Linux kernel, the following vulnerability has been resolved: mailbox: mtk-cmdq: Move devm_mbox_controller_register() after devm_pm_runtime_enable() When mtk-cmdq unbinds, a WARN_ON message with conditionpm_runtime_get_sync()

6.4AI score0.00131EPSS
CVE
CVE
added 2024/09/11 4:15 p.m.54 views

CVE-2024-45013

In the Linux kernel, the following vulnerability has been resolved: nvme: move stopping keep-alive into nvme_uninit_ctrl() Commit 4733b65d82bd ("nvme: start keep-alive after admin queue setup")moves starting keep-alive from nvme_start_ctrl() intonvme_init_ctrl_finish(), but don't move stopping keep...

5.5CVSS5.9AI score0.00042EPSS
CVE
CVE
added 2024/09/11 4:15 p.m.54 views

CVE-2024-45019

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Take state lock during tx timeout reporter mlx5e_safe_reopen_channels() requires the state lock taken. Thereferenced changed in the Fixes tag removed the lock to fix anotherissue. This patch adds it back but at a later p...

5.5CVSS5.9AI score0.00047EPSS
CVE
CVE
added 2024/09/13 7:15 a.m.54 views

CVE-2024-46706

In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsl_lpuart: mark last busy before uart_add_one_port With "earlycon initcall_debug=1 loglevel=8" in bootargs, kernelsometimes boot hang. It is because normal console still is not ready,but runtime suspend is called, so ...

5.5CVSS6AI score0.00039EPSS
CVE
CVE
added 2024/09/18 7:15 a.m.54 views

CVE-2024-46727

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add otg_master NULL check within resource_log_pipe_topology_update [Why]Coverity reports NULL_RETURN warning. [How]Add otg_master NULL check.

5.5CVSS6.1AI score0.00047EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.54 views

CVE-2024-46748

In the Linux kernel, the following vulnerability has been resolved: cachefiles: Set the max subreq size for cache writes to MAX_RW_COUNT Set the maximum size of a subrequest that writes to cachefiles to beMAX_RW_COUNT so that we don't overrun the maximum write we can make to thebacking filesystem.

6.5AI score0.00057EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.54 views

CVE-2024-46767

In the Linux kernel, the following vulnerability has been resolved: net: phy: Fix missing of_node_put() for leds The call of of_get_child_by_name() will cause refcount incrementedfor leds, if it succeeds, it should call of_node_put() to decreaseit, fix it.

6.6AI score0.00065EPSS
CVE
CVE
added 2024/09/27 1:15 p.m.54 views

CVE-2024-46823

In the Linux kernel, the following vulnerability has been resolved: kunit/overflow: Fix UB in overflow_allocation_test The 'device_name' array doesn't exist out of the'overflow_allocation_test' function scope. However, it is being used asa driver name when calling 'kunit_driver_create' from'kunit_d...

5.5CVSS5.1AI score0.00082EPSS
CVE
CVE
added 2024/10/09 3:15 p.m.54 views

CVE-2024-47662

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Remove register from DCN35 DMCUB diagnostic collection [Why]These registers should not be read from driver and triggering thesecurity violation when DMCUB work times out and diagnostics arecollected blocks Z8 entry...

5.5CVSS5.2AI score0.00044EPSS
CVE
CVE
added 2024/10/21 1:15 p.m.54 views

CVE-2024-49854

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix uaf for accessing waker_bfqq after splitting After commit 42c306ed7233 ("block, bfq: don't break merge chain inbfq_split_bfqq()"), if the current procress is the last holder of bfqq,the bfqq can be freed after bfq_s...

7.8CVSS7.3AI score0.00045EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.54 views

CVE-2024-50020

In the Linux kernel, the following vulnerability has been resolved: ice: Fix improper handling of refcount in ice_sriov_set_msix_vec_count() This patch addresses an issue with improper reference count handling in theice_sriov_set_msix_vec_count() function. First, the function calls ice_get_vf_by_id...

5.5CVSS5.1AI score0.00034EPSS
CVE
CVE
added 2024/11/08 6:15 a.m.54 views

CVE-2024-50176

In the Linux kernel, the following vulnerability has been resolved: remoteproc: k3-r5: Fix error handling when power-up failed By simply bailing out, the driver was violating its rule and internalassumptions that either both or no rproc should be initialized. E.g.,this could cause the first core to...

5.5CVSS6.5AI score0.0003EPSS
CVE
CVE
added 2024/11/09 11:15 a.m.54 views

CVE-2024-50253

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the validity of nr_words in bpf_iter_bits_new() Check the validity of nr_words in bpf_iter_bits_new(). Without thischeck, when multiplication overflow occurs for nr_bits (e.g., whennr_words = 0x0400-0001, nr_bits becomes...

5.5CVSS5.6AI score0.0003EPSS
CVE
CVE
added 2024/11/19 2:16 a.m.54 views

CVE-2024-50281

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: dcp: fix NULL dereference in AEAD crypto operation When sealing or unsealing a key blob we currently do not wait forthe AEAD cipher operation to finish and simply return after submittingthe request. If there is some ...

5.5CVSS5.3AI score0.00029EPSS
CVE
CVE
added 2024/11/19 2:16 a.m.54 views

CVE-2024-50286

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-use-after-free in ksmbd_smb2_session_create There is a race condition between ksmbd_smb2_session_create andksmbd_expire_session. This patch add missing sessions_table_lockwhile adding/deleting session from global se...

7.8CVSS6.6AI score0.00042EPSS
CVE
CVE
added 2024/12/02 2:15 p.m.54 views

CVE-2024-53109

In the Linux kernel, the following vulnerability has been resolved: nommu: pass NULL argument to vma_iter_prealloc() When deleting a vma entry from a maple tree, it has to pass NULL tovma_iter_prealloc() in order to calculate internal state of the tree, butit passed a wrong argument. As a result, n...

5.5CVSS6.5AI score0.00023EPSS
CVE
CVE
added 2024/12/24 12:15 p.m.54 views

CVE-2024-53149

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: glink: fix off-by-one in connector_status UCSI connector's indices start from 1 up to 3, PMIC_GLINK_MAX_PORTS.Correct the condition in the pmic_glink_ucsi_connector_status()callback, fixing Type-C orientation repo...

4.6CVSS6.5AI score0.00054EPSS
CVE
CVE
added 2025/02/27 3:15 a.m.54 views

CVE-2024-54458

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: bsg: Set bsg_queue to NULL after removal Currently, this does not cause any issues, but I believe it is necessary toset bsg_queue to NULL after removing it to prevent potential use-after-free(UAF) access.

7.8CVSS5.4AI score0.00017EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.54 views

CVE-2024-56547

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix missed RCU barrier on deoffloading Currently, running rcutorture test with torture_type=rcu fwd_progress=8n_barrier_cbs=8 nocbs_nthreads=8 nocbs_toggle=100 onoff_interval=60test_boost=2, will trigger the following war...

6.5AI score0.00042EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.54 views

CVE-2024-56669

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Remove cache tags before disabling ATS The current implementation removes cache tags after disabling ATS,leading to potential memory leaks and kernel crashes. Specifically,CACHE_TAG_DEVTLB type cache tags may still rema...

7.8CVSS6.5AI score0.00035EPSS
CVE
CVE
added 2024/12/28 10:15 a.m.54 views

CVE-2024-56676

In the Linux kernel, the following vulnerability has been resolved: thermal: testing: Initialize some variables annoteded with _free() Variables annotated with __free() need to be initialized if the functioncan return before they get updated for the first time or the attempt tofree the memory point...

6.5AI score0.0004EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.54 views

CVE-2024-58094

In the Linux kernel, the following vulnerability has been resolved: jfs: add check read-only before truncation in jfs_truncate_nolock() Added a check for "read-only" mode in the jfs_truncate_nolockfunction to avoid errors related to writing to a read-onlyfilesystem. Call stack: block_write_begin() ...

6.6AI score0.00029EPSS
Total number of security vulnerabilities10741