Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2024/05/22 6:19 a.m.85 views

CVE-2021-47439

The CVE-2021-47439 issue concerns the Linux kernel’s net: dsa: microchip ksz driver. Root cause: during rmmod, ksz_switch_remove unregisters a switch while a non-zero mib_interval can cause ksz_mac_link_down to reschedule mib_read_work, leading to a null pointer access to dp->slave after unreg...

5.5CVSS6.9AI score0.00225EPSS
CVE
CVE
added 2024/05/22 6:19 a.m.85 views

CVE-2021-47440

CVE-2021-47440 refers to a Linux kernel issue in the encx24j600 driver where devm_regmap_init_encx24j600 could return an error (e.g., out of memory) and later dereference a null register cache pointer. The resolved description in the CVE notes that this could cause a null pointer dereference duri...

2.3CVSS5.9AI score0.00215EPSS
CVE
CVE
added 2024/05/22 8:19 a.m.85 views

CVE-2021-47481

CVE-2021-47481 concerns the Linux kernel RDMA mlx5 path. The connected sources confirm a concrete flaw where the ODP xarray was not initialized when creating an ODP MR, allowing an out-of-bounds/invalid access that triggers a crash (page fault) due to reg_create() setting a desc_size. The fix des...

5.5CVSS6.5AI score0.0018EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.85 views

CVE-2021-47535

CVE-2021-47535 concerns the Linux kernel DRM MSM A6XX driver. The issue arises in a6xx_get_gmu_registers() where three sets of GMU registers are read but the allocation for the array wasn’t updated, triggering a KASAN slab-out-of-bounds write (Write of size 8) in _a6xx_get_gmu_registers. Public n...

6.2CVSS6.5AI score0.00234EPSS
CVE
CVE
added 2024/05/24 3:12 p.m.85 views

CVE-2021-47562

Summary (CVE-2021-47562) : In Linux kernel ice driver, a mismatch in XDP/Rx/Tx queue sizing caused by vsi->txq_map being sized to the doubled vsi->alloc_txq could trigger a kernel NULL pointer dereference when ethtool -L configures XDP rings and Rx/Tx counts differ. The root cause is the tx...

5.5CVSS6.3AI score0.0021EPSS
CVE
CVE
added 2024/06/19 2:53 p.m.85 views

CVE-2021-47585

CVE-2021-47585 concerns a memory leak in the Linux kernel's btrfs __add_inode_ref path. The issue arises from allocating victim_name with kmalloc at two points (lines 1104 and 1169) and returning from the function without freeing the previously allocated memory when backref_in_log() returns an er...

5.5CVSS7AI score0.0025EPSS
CVE
CVE
added 2024/06/19 2:53 p.m.85 views

CVE-2021-47588

CVE-2021-47588 relates to the Linux kernel SIT (IPv6 over SIT) vulnerability. The issue arises from sit_init_net calling ipip6_dev_free(), which is the sit dev->priv_destructor already freed by register_netdevice() if something goes wrong, risking a double-free path. The available connected ad...

5.5CVSS6.5AI score0.00253EPSS
CVE
CVE
added 2024/04/28 1:0 p.m.85 views

CVE-2022-48645

CVE-2022-48645 – Linux kernel ENETC offload: The TSN features (taprio, cbs, gate, police) could be configured via PF registers but were not intended to be accessible from VFs. Accessing VF-exposed registers could trigger kernel paging faults and a crash. The fix split enetc_setup_tc() into separa...

5.5CVSS6.7AI score0.00225EPSS
CVE
CVE
added 2024/04/28 1:1 p.m.85 views

CVE-2022-48657

CVE-2022-48657 is a Linux kernel vulnerability affecting the arm64 topology code. The root cause is an overflow risk in amu_fie_setup due to cpufreq_get_hw_max_freq() returning the max frequency in kHz as an unsigned int, while freq_inv_set_max_ratio() expects that value in Hz as a 64-bit type. M...

7.8CVSS6.8AI score0.00248EPSS
CVE
CVE
added 2024/04/28 1:1 p.m.85 views

CVE-2022-48668

CVE-2022-48668 relates to the Linux kernel SMB3 implementation. The issue was that collapse range did not discard the affected cached region, risking temporary data corruption of the file during operations (as observed in xfstest generic/031). The fix stabilizes collapse range behavior and also i...

3.3CVSS6.4AI score0.00195EPSS
CVE
CVE
added 2024/05/03 2:52 p.m.85 views

CVE-2022-48675

CVE-2022-48675 is a Linux kernel issue in IB/core involving a nested deadlock between exiting mmap (exit_mmap/__mmu_notifier_release) and a mutex held during ib_umem_odp_map_dma_and_lock. The root cause is a potential deadlock when mmput() is called while umem_mutex is held, triggering a lock in ...

5.5CVSS6.4AI score0.00178EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.85 views

CVE-2022-48732

The CVE-2022-48732 issue affects the Linux kernel’s DRM Nouveau component, caused by an off-by-one error in BIOS boundary parsing of embedded init scripts. This bounds-checking flaw can reject access to the last byte, causing driver initialization to fail on Apple eMac systems with GeForce 2 MX G...

7.8CVSS8.3AI score0.00235EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.85 views

CVE-2022-48734

CVE-2022-48734 affects the Linux kernel in the btrfs subsystem. The issue is a deadlock caused by quota disable interactions with the qgroup rescan worker and other transactions (e.g., block group relocation) when quota is disabled. The described sequence involves Task A starting a transaction an...

5.5CVSS7.2AI score0.00178EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.85 views

CVE-2022-48740

CVE-2022-48740 refers to a Linux kernel vulnerability where on error paths from cond_read_list() and duplicate_policydb_cond_list(), cond_list_destroy() could be called twice, causing a NULL pointer dereference. The fix zeroes cond_list_len in cond_list_destroy() and sets cond_list to NULL after ...

7.8CVSS8.3AI score0.00245EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.85 views

CVE-2022-48752

CVE-2022-48752 affects the Linux kernel on PowerPC power_pmu_disable handling. The fix (commit 2c9ac51b850d) calls clear_pmi_irq_pending only if PMI is pending to avoid clearing PMI when an overflown PMC is detected, addressing a PMI/PMC race in power_pmu_disable triggered under CONFIG_PPC_IRQ_SO...

5.5CVSS6.6AI score0.0021EPSS
CVE
CVE
added 2024/07/16 11:43 a.m.85 views

CVE-2022-48806

The CVE-2022-48806 issue is confirmed in the Linux kernel under ee1004 EEPROM reads. The root cause was that ee1004_eeprom_read() could read more than the i2c block data limit because i2c_smbus_read_i2c_block_data_or_emulated() uses an unsigned 8-bit length; if the requested read spanned a 256-by...

5.5CVSS6.4AI score0.00281EPSS
CVE
CVE
added 2025/02/26 1:54 a.m.85 views

CVE-2022-49062

The CVE-2022-49062 issue affects the Linux kernel component cachefiles, specifically a KASAN slab-out-of-bounds in cachefiles_set_volume_xattr. The bug arose when the code did not use the actual length of volume coherency data while setting the xattr, leading to an out-of-bounds write (noted in K...

7.8CVSS5.1AI score0.00241EPSS
CVE
CVE
added 2025/02/26 1:54 a.m.85 views

CVE-2022-49082

CVE-2022-49082 in the Linux kernel: a use-after-free in mpt3sas during _scsih_expander_node_remove() was caused by freeing the port field via mpt3sas_transport_port_remove(), leading to a use-after-free when ioc_info() runs (e.g., during rmmod). The fix adds a local variable port_id to capture th...

7.8CVSS5.5AI score0.00237EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.85 views

CVE-2022-49149

The CVE-2022-49149 issue concerns the Linux kernel’s rxrpc timer race: a timer in the rxrpc_call structure can be started from packet input paths running under softirq with only the RCU read lock held. This allowed a call to be destroyed concurrently with timer start, potentially restarting a tim...

4.7CVSS5.3AI score0.00165EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.85 views

CVE-2022-49170

CVE-2022-49170 concerns the F2FS implementation in the Linux kernel. The root cause was a missing sanity check on curseg->alloc_type, which could widen an array-bounds access of sbi->block_count[] (UBSAN: array-index-out-of-bounds) when mounting/operating a corrupted image. The issue manife...

7.8CVSS5.2AI score0.00259EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.85 views

CVE-2022-49208

CVE-2022-49208 : Linux kernel RDMA/irdma vulnerability where an integer underflow may occur in irdma_sc_ceq_init() when subtracting info->dev->hmc_fpm_misc.max_ceqs. This value may come from firmware (irdma_sc_parse_fpm_query_buf()) and could be zero, enabling a potential underflow. The iss...

5.5CVSS5.4AI score0.00252EPSS
CVE
CVE
added 2025/02/26 1:56 a.m.85 views

CVE-2022-49239

CVE-2022-49239 : The Linux kernel ASoC codecs wcd934x path is fixed by addressing a missing of_node_put() after of_parse_phandle() returned a device_node with an incremented refcount. The bug resembles a leaked reference fix in a related commit. The connected advisories (Astra Linux, SUSE, Nessus...

5.5CVSS5.3AI score0.00252EPSS
CVE
CVE
added 2025/02/26 1:56 a.m.85 views

CVE-2022-49249

Summary (CVE-2022-49249) In the Linux kernel, the ASoC codecs WC938X path was fixed to prevent array out-of-bounds when an enum is treated as an int. The root cause was using integers to index an enum, which could access memory beyond the array on platforms like aarch64 (where long is 8 bytes whi...

7.1CVSS6.5AI score0.00259EPSS
CVE
CVE
added 2025/02/26 1:56 a.m.85 views

CVE-2022-49261

CVE-2022-49261 affects the Linux kernel’s drm/i915/gem subsystem, where a missing boundary check in vm_access allows an out-of-bounds read/write via an unvalidated len before memcpy, potentially triggering a kernel page fault. The issue is illustrated by an access path that hits memcopy_erms and ...

7.8CVSS5.2AI score0.00276EPSS
CVE
CVE
added 2025/02/26 1:56 a.m.85 views

CVE-2022-49266

CVE-2022-49266 (Linux kernel) : The vulnerability arises in the block layer where the patch that prevents calling rq_qos_done_bio() for untracked bios caused blk-iocost to mis-handle merged bios, leaving them “in-flight.” The fix adds a new flag BIO_QOS_MERGED to mark merged bios and ensures rq_q...

5.5CVSS5.5AI score0.00273EPSS
CVE
CVE
added 2025/02/26 2:11 a.m.85 views

CVE-2022-49369

CVE-2022-49369 concerns a memory leak in the Linux kernel’s amt_rcv() path: when an amt packet is received and no matching socket is found, the received skb is not freed, potentially leaking memory. The issue is described as resolved in the kernel; connected docs reference patches addressing the ...

5.5CVSS5.5AI score0.00243EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.85 views

CVE-2022-49459

Mode C: CVE-2022-49459 affects the Linux kernel (notably kernel 5.10/5.15 in Astra Linux) with a NULL-dereference risk in sr_thermal_probe due to platform_get_resource() possibly returning NULL. The vulnerability stems from insufficient NULL checks, and a fix adds a proper NULL check to prevent d...

5.5CVSS5.4AI score0.00253EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.85 views

CVE-2022-49463

CVE-2022-49463 refers to a Linux kernel issue where thermal/drivers/imx_sc_thermal_probe could leak a device tree node reference. The root cause is that of_find_node_by_name() returns a node pointer with refcount incremented and was not paired with a corresponding of_node_put() when done, causing...

5.5CVSS5.3AI score0.00252EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.85 views

CVE-2022-49483

CVE-2022-49483 affects the Linux kernel code path for DRM MSM Display (drm/msm/disp/dpu1). The issue is a NULL pointer dereference that can occur when uninitializing DRM, specifically if hw_intr is NULL and the driver clears interrupts during drm uninit or during probe/bind failure paths, leading...

5.5CVSS5.3AI score0.00243EPSS
CVE
CVE
added 2025/03/27 4:42 p.m.85 views

CVE-2022-49742

The CVE-2022-49742 issue affects the Linux kernel’s f2fs code. It describes a lock initialization order problem where spin_lock(&sbi->error_lock) is taken before spin_lock_init() is called, flagging a lockdep warning in f2fs_handle_error(). The recommended remediation is to initialize locks (a...

5.5CVSS6.5AI score0.00114EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.85 views

CVE-2022-49777

CVE-2022-49777 affects the Linux kernel where a leaking of the i8042 platform device could occur on module removal. The fix prevents resetting the module-wide i8042_platform_device pointer in i8042_probe() or i8042_remove(), so the device can be properly destroyed by i8042_exit() during module un...

5.5CVSS6.6AI score0.00184EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.85 views

CVE-2022-49802

CVE-2022-49802 affects the Linux kernel ftrace: a NULL pointer dereference can occur in ftrace_add_mod() when ftrace_mod was not initialized as a list head. The issue arises because kzalloc() can leave list pointers NULL and code may call list_del() on an uninitialized entry, triggering an Oops a...

5.5CVSS6.4AI score0.0019EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.85 views

CVE-2022-49811

In CVE-2022-49811, the Linux kernel’s DRBD subsystem is affected by a use-after-free in drbd_create_device(), caused when the drbd_destroy_connection() frees the underlying connection while it may still be referenced. The connected documents confirm the fix is to use the safe() iterator to preven...

7.8CVSS6.6AI score0.00194EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.85 views

CVE-2022-49813

In CVE-2022-49813, the vulnerability is in the Linux kernel ena driver. The root cause is in ena_init() where the workqueue created by create_singlethread_workqueue() is not destroyed if pci_register_driver() fails, causing a resource leak. The fix adds a call to destroy_workqueue() on pci_regist...

5.5CVSS6.5AI score0.00165EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.85 views

CVE-2022-49835

CVE-2022-49835 relates to the Linux kernel ALSA: hda subsystem where memory leaks could occur in add_widget_node due to how kobject_add allocates kobject->name and may not free the kobject on error. The root cause is failure to recycle resources when kobject_add fails, leading to a potential m...

5.5CVSS6.6AI score0.00166EPSS
CVE
CVE
added 2025/06/18 10:54 a.m.85 views

CVE-2022-49934

The CVE-2022-49934 vulnerability affects the Linux kernel’s wifi stack (mac80211) where UAF can occur in ieee80211_scan_rx() after the null check due to race with __ieee80211_scan_completed() and cfg80211_scan_done() freeing scan_req. The issue is mitigated by a fix in the kernel that prevents ac...

7.8CVSS6.4AI score0.00159EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.85 views

CVE-2022-50008

CVE-2022-50008 affects the Linux kernel kprobes subsystem. The issue arises when __disable_kprobe() and its call to disarm_kprobe() interact with a probe that has already been disarmed, triggering WARN_ONCE() and leading to incomplete cleanup. This can cause an infinite loop in tk->rp.kp.list ...

5.5CVSS6.7AI score0.00208EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.85 views

CVE-2022-50028

CVE-2022-50028 concerns the Linux kernel gadgetfs subsystem. The issue arises in gadgetfs: ep_io where, after usb_ep_queue(), if wait_for_completion_interruptible() is interrupted, the kernel must wait for the IRQ to finish; otherwise complete() called from epio_complete() can corrupt the stack. ...

5.5CVSS6.5AI score0.0016EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.85 views

CVE-2022-50111

CVE-2022-50111 concerns a Linux kernel issue in the ASoC mt6359 driver where a refcount leak occurs. The root cause is that in mt6359_parse_dt() and mt6359_accdet_parse_dt(), a reference returned by of_get_child_by_name() is not balanced with of_node_put(), leaving a leaked reference. The availab...

5.5CVSS6.6AI score0.00202EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.85 views

CVE-2022-50120

The CVE-2022-50120 issue in the Linux kernel’s remoteproc driver (imx_rproc) is documented in multiple sources. It concerns a refcount leak in imx_rproc_addr_init caused by of_parse_phandle() returning a node pointer with an incremented refcount; the fix is to call of_node_put() on it when it is ...

5.5CVSS6.5AI score0.00159EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.85 views

CVE-2022-50131

CVE-2022-50131 : In the Linux kernel HID MCP2221 driver, the function mcp_smbus_write() could overflow a destination buffer because the length (0–255) was derived from user data without a proper bound check on the write buffer. The Smatch warnings show &mcp->txbuf[5] and buf being too small fo...

7.8CVSS7AI score0.00187EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.85 views

CVE-2022-50149

CVE-2022-50149 : Linux kernel driver core vulnerability in __driver_attach where async probing could deadlock with dev locks. Reproduced when async probes are allowed but memory/work limits force synchronous execution, causing ABBA-style deadlock with __driver_attach_async_helper holding device l...

5.5CVSS6.8AI score0.00122EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.85 views

CVE-2022-50152

CVE-2022-50152 is resolved in the Linux kernel via a fix for usb: ohci-nxp: refcount leak in ohci_hcd_nxp_probe. The issue arises because of_parse_phandle() returns a node pointer with an incremented refcount and lacks a corresponding of_node_put() when the node is no longer needed. The patch add...

5.5CVSS6.4AI score0.0016EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.85 views

CVE-2022-50157

CVE-2022-50157 affects the Linux kernel PCI subsystem (PCI: microchip: Fix refcount leak in mc_pcie_init_irq_domains). The issue arises because of_get_next_child() returns a node pointer with the refcount incremented, and mc_pcie_init_irq_domains() fails to call of_node_put() in some error paths,...

5.5CVSS6.4AI score0.00159EPSS
CVE
CVE
added 2025/06/18 11:4 a.m.85 views

CVE-2022-50229

CVE-2022-50229 is a Linux kernel vulnerability in the ALSA bcd2000 driver. The issue is a use-after-free (UAF) bug that occurs on the error path during probing: when snd_card_register() fails, the driver frees midi_out_urb before it is killed, enabling a UAF condition. The observed log pattern me...

7.8CVSS6.5AI score0.00204EPSS
CVE
CVE
added 2023/06/28 11:8 a.m.85 views

CVE-2023-1295

CVE-2023-1295 describes a time-of-check to time-of-use issue in the Linux kernel io_uring IORING_OP_CLOSE path, affecting kernels 5.6–5.11 (inclusive). The flaw, a local privilege escalation, is introduced by the commit b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb and patched in 9eac1904d3364254d622b...

7.8CVSS6.8AI score0.00218EPSS
CVE
CVE
added 2023/03/01 12:0 a.m.85 views

CVE-2023-23005

The CVE-2023-23005 issue affects the Linux kernel prior to 6.2. It occurs in mm/memory-tiers.c where alloc_memory_type is misinterpreted (treating an error pointer as NULL in the error case), potentially enabling an availability impact. The root cause is the incorrect handling of the alloc_memory...

5.5CVSS5.1AI score0.00268EPSS
CVE
CVE
added 2024/03/02 9:59 p.m.85 views

CVE-2023-52559

CVE-2023-52559 concerns the Linux kernel iommu/vt-d suspension path. The issue arises because iommu_suspend() is called with IRQs disabled and memory could be allocated with GFP_KERNEL during the suspend callback, potentially re-enabling IRQs and causing intermittent suspend/hibernate problems. O...

5.5CVSS6.2AI score0.00224EPSS
CVE
CVE
added 2024/05/21 3:30 p.m.85 views

CVE-2023-52750

The CVE-2023-52750 entry concerns the Linux kernel on arm64 where CPU_BIG_ENDIAN must be restricted to using a trusted assembler (GNU as or LLVM IAS 15.x or newer). Before LLVM 15, LLVM’s integrated assembler could byte-swap NOPs for big-endian targets, causing a sequence of bytes that matched th...

5.5CVSS6.6AI score0.0024EPSS
CVE
CVE
added 2024/05/21 3:30 p.m.85 views

CVE-2023-52761

CVE-2023-52761 : In the Linux kernel, the riscv VMAP_STACK overflow detection patch (commit 31da94c25aea) adds CONFIG_VMAP_STACK support and fixes a race where two CPUs could overflow the kernel stack and corrupt each other. The changes introduce a per-CPU overflow stack lookup (via an asm macro)...

5.5CVSS6.9AI score0.00254EPSS
Total number of security vulnerabilities14330