Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2025/05/02 4:15 p.m.58 views

CVE-2023-53096

In the Linux kernel, the following vulnerability has been resolved: interconnect: fix mem leak when freeing nodes The node link array is allocated when adding links to a node but is notdeallocated when nodes are destroyed.

6.5AI score0.00036EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.58 views

CVE-2023-53106

In the Linux kernel, the following vulnerability has been resolved: nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition This bug influences both st_nci_i2c_remove and st_nci_spi_remove.Take st_nci_i2c_remove as an example. In st_nci_i2c_probe, it called ndlc_probe and bound &nd...

6.6AI score0.00036EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.58 views

CVE-2023-53131

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a server shutdown leak Fix a race where kthread_stop() may prevent the threadfn from ever gettingcalled. If that happens the svc_rqst will not be cleaned up.

6.5AI score0.00027EPSS
CVE
CVE
added 2024/04/03 5:15 p.m.58 views

CVE-2024-26729

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential null pointer dereference in dc_dmub_srv Fixes potential null pointer dereference warnings in thedc_dmub_srv_cmd_list_queue_execute() and dc_dmub_srv_is_hw_pwr_up()functions. In both functions, the 'dc...

5.5CVSS6.6AI score0.00083EPSS
CVE
CVE
added 2024/04/03 5:15 p.m.58 views

CVE-2024-26755

In the Linux kernel, the following vulnerability has been resolved: md: Don't suspend the array for interrupted reshape md_start_sync() will suspend the array if there are spares that can beadded or removed from conf, however, if reshape is still in progress,this won't happen at all or data will be...

5.3CVSS5.2AI score0.00156EPSS
CVE
CVE
added 2024/05/17 12:15 p.m.58 views

CVE-2024-27409

In the Linux kernel, the following vulnerability has been resolved: dmaengine: dw-edma: HDMA: Add sync read before starting the DMA transfer in remote setup The Linked list element and pointer are not stored in the same memory asthe HDMA controller register. If the doorbell register is toggled befo...

6.5AI score0.00044EPSS
CVE
CVE
added 2024/06/21 11:15 a.m.58 views

CVE-2024-36281

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use mlx5_ipsec_rx_status_destroy to correctly delete status rules rx_create no longer allocates a modify_hdr instance that needs to becleaned up. The mlx5_modify_header_dealloc call will lead to a NULL pointerdereference....

5.5CVSS6.5AI score0.00011EPSS
CVE
CVE
added 2024/06/19 2:15 p.m.58 views

CVE-2024-38574

In the Linux kernel, the following vulnerability has been resolved: libbpf: Prevent null-pointer dereference when prog to load has no BTF In bpf_objec_load_prog(), there's no guarantee that obj->btf is non-NULLwhen passing it to btf__fd(), and this function does not perform anycheck before deref...

5.5CVSS6.5AI score0.00027EPSS
CVE
CVE
added 2024/06/21 11:15 a.m.58 views

CVE-2024-38622

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add callback function pointer check before its call In dpu_core_irq_callback_handler() callback function pointer is compared to NULL,but then callback function is unconditionally called by this pointer.Fix this bug by ...

6.6AI score0.0004EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.58 views

CVE-2024-40938

In the Linux kernel, the following vulnerability has been resolved: landlock: Fix d_parent walk The WARN_ON_ONCE() in collect_domain_accesses() can be triggered whentrying to link a root mount point. This cannot work in practice becausethis directory is mounted, but the VFS check is done after the ...

6.4AI score0.00033EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.58 views

CVE-2024-40993

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix suspicious rcu_dereference_protected() When destroying all sets, we are either in pernet exit phase orare executing a "destroy all sets command" from userspace. The latterwas taken into account in ip_set_deref...

6.5AI score0.00116EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.58 views

CVE-2024-40996

In the Linux kernel, the following vulnerability has been resolved: bpf: Avoid splat in pskb_pull_reason syzkaller builds (CONFIG_DEBUG_NET=y) frequently trigger a debughint in pskb_may_pull. We'd like to retain this debug check because it might hint at integeroverflows and other issues (kernel cod...

7.8CVSS8.4AI score0.00025EPSS
CVE
CVE
added 2024/07/18 7:15 a.m.58 views

CVE-2024-41011

In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We don't get the right offset in that case. The GPU hasan unused 4K area of the register BAR space into which you canremap registers. We remap the HDP flush registe...

7.8CVSS8.1AI score0.00048EPSS
CVE
CVE
added 2025/01/11 1:15 p.m.58 views

CVE-2024-41149

In the Linux kernel, the following vulnerability has been resolved: block: avoid to reuse hctx not removed from cpuhp callback list If the 'hctx' isn't removed from cpuhp callback list, we can't reuse it,otherwise use-after-free may be triggered.

7.8CVSS6.6AI score0.00029EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.58 views

CVE-2024-42118

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Do not return negative stream id for array [WHY]resource_stream_to_stream_idx returns an array index and it return -1when not found; however, -1 is not a valid array index number. [HOW]When this happens, call ASSER...

6.6AI score0.00103EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.58 views

CVE-2024-42260

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Validate passed in drm syncobj handles in the performance extension If userspace provides an unknown or invalid handle anywhere in the handlearray the rest of the driver will not handle that well. Fix it by checking handle...

6.6AI score0.00057EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.58 views

CVE-2024-42279

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rx_len == 0, the RX FIFO is not going to beemptied in the interrupt handler. A subsequent transfer could thenread crap from the pr...

6.5AI score0.00085EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.58 views

CVE-2024-42293

In the Linux kernel, the following vulnerability has been resolved: arm64: mm: Fix lockless walks with static and dynamic page-table folding Lina reports random oopsen originating from the fast GUP code when16K pages are used with 4-level page-tables, the fourth level beingfolded at runtime due to ...

6.4AI score0.00076EPSS
CVE
CVE
added 2024/08/17 10:15 a.m.58 views

CVE-2024-43845

In the Linux kernel, the following vulnerability has been resolved: udf: Fix bogus checksum computation in udf_rename() Syzbot reports uninitialized memory access in udf_rename() when updatingchecksum of '..' directory entry of a moved directory. This is indeedtrue as we pass on-stack diriter.fi to...

3.3CVSS6.5AI score0.00038EPSS
CVE
CVE
added 2024/08/26 11:15 a.m.58 views

CVE-2024-43887

In the Linux kernel, the following vulnerability has been resolved: net/tcp: Disable TCP-AO static key after RCU grace period The lifetime of TCP-AO static_key is the same as the lasttcp_ao_info. On the socket destruction tcp_ao_info ceases to bewith RCU grace period, while tcp-ao static branch is ...

4.7CVSS6.6AI score0.00035EPSS
CVE
CVE
added 2024/09/04 7:15 p.m.58 views

CVE-2024-44966

In the Linux kernel, the following vulnerability has been resolved: binfmt_flat: Fix corruption when not offsetting data start Commit 04d82a6d0881 ("binfmt_flat: allow not offsetting data start")introduced a RISC-V specific variant of the FLAT format which doesnot allocate any space for the (obsole...

5.5CVSS6.9AI score0.00048EPSS
CVE
CVE
added 2024/09/11 4:15 p.m.58 views

CVE-2024-45013

In the Linux kernel, the following vulnerability has been resolved: nvme: move stopping keep-alive into nvme_uninit_ctrl() Commit 4733b65d82bd ("nvme: start keep-alive after admin queue setup")moves starting keep-alive from nvme_start_ctrl() intonvme_init_ctrl_finish(), but don't move stopping keep...

5.5CVSS5.9AI score0.00042EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.58 views

CVE-2024-46788

In the Linux kernel, the following vulnerability has been resolved: tracing/osnoise: Use a cpumask to know what threads are kthreads The start_kthread() and stop_thread() code was not always called with theinterface_lock held. This means that the kthread variable could beunexpectedly changed causin...

5.5CVSS5.2AI score0.0003EPSS
CVE
CVE
added 2024/09/27 1:15 p.m.58 views

CVE-2024-46808

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add missing NULL pointer check within dpcd_extend_address_range [Why & How]ASSERT if return NULL from kcalloc.

5.5CVSS5.2AI score0.00086EPSS
CVE
CVE
added 2024/09/27 1:15 p.m.58 views

CVE-2024-46833

In the Linux kernel, the following vulnerability has been resolved: net: hns3: void array out of bound when loop tnl_num When query reg inf of SSU, it loops tnl_num times. However, tnl_num comesfrom hardware and the length of array is a fixed value. To void array outof bound, make sure the loop tim...

7.8CVSS7.4AI score0.00049EPSS
CVE
CVE
added 2024/10/21 12:15 p.m.58 views

CVE-2024-47683

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip Recompute DSC Params if no Stream on Link [why]Encounter NULL pointer dereference uner mst + dsc setup. BUG: kernel NULL pointer dereference, address: 0000000000000008PGD 0 P4D 0Oops: 0000 [#1] PREEMPT SMP NOP...

5.5CVSS5.1AI score0.00047EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.58 views

CVE-2024-50034

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix lacks of icsk_syn_mss with IPPROTO_SMC Eric report a panic on IPPROTO_SMC, and give the factsthat when INET_PROTOSW_ICSK was set, icsk->icsk_sync_mss must be set too. Bug: Unable to handle kernel NULL pointer derefe...

5.5CVSS5.1AI score0.00036EPSS
CVE
CVE
added 2024/11/19 6:15 p.m.58 views

CVE-2024-53073

In the Linux kernel, the following vulnerability has been resolved: NFSD: Never decrement pending_async_copies on error The error flow in nfsd4_copy() calls cleanup_async_copy(), whichalready decrements nn->pending_async_copies.

5.5CVSS6.5AI score0.00046EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.58 views

CVE-2024-53238

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btmtk: adjust the position to init iso data anchor MediaTek iso data anchor init should be moved to where MediaTekclaims iso data interface.If there is an unexpected BT usb disconnect during setup flow,it will cause a NU...

5.5CVSS6.9AI score0.00023EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.58 views

CVE-2024-56534

In the Linux kernel, the following vulnerability has been resolved: isofs: avoid memory leak in iocharset A memleak was found as below: unreferenced object 0xffff0000d10164d8 (size 8):comm "pool-udisksd", pid 108217, jiffies 4295408555hex dump (first 8 bytes):75 74 66 38 00 cc cc cc utf8....backtra...

5.5CVSS6.4AI score0.00023EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.58 views

CVE-2024-56618

In the Linux kernel, the following vulnerability has been resolved: pmdomain: imx: gpcv2: Adjust delay after power up handshake The udelay(5) is not enough, sometimes below kernel panicstill be triggered: [ 4.012973] Kernel panic - not syncing: Asynchronous SError Interrupt[ 4.012976] CPU: 2 UID: 0...

5.5CVSS6.3AI score0.00028EPSS
CVE
CVE
added 2025/01/19 11:15 a.m.58 views

CVE-2025-21644

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix tlb invalidation when wedging If GuC fails to load, the driver wedges, but in the process it tries todo stuff that may not be initialized yet. This moves thexe_gt_tlb_invalidation_init() to be done earlier: as its own d...

5.5CVSS6.3AI score0.00028EPSS
CVE
CVE
added 2025/02/27 8:16 p.m.58 views

CVE-2025-21798

In the Linux kernel, the following vulnerability has been resolved: firewire: test: Fix potential null dereference in firewire kunit test kunit_kzalloc() may return a NULL pointer, dereferencing it withoutNULL check may lead to NULL dereference.Add a NULL check for test_state.

5.5CVSS6.5AI score0.00022EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.58 views

CVE-2025-21955

In the Linux kernel, the following vulnerability has been resolved: ksmbd: prevent connection release during oplock break notification ksmbd_work could be freed when after connection release.Increment r_count of ksmbd_conn to indicate that requestsare not finished yet and to not release the connect...

7.1AI score0.00034EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.58 views

CVE-2025-21973

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} When qstats-get operation is executed, callbacks of netdev_stats_opsare called. The bnxt_get_queue_stats{rx | tx} collect per-queue statsfrom sw_stats in the rings.Bu...

6.8AI score0.00032EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.58 views

CVE-2025-22047

In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix __apply_microcode_amd()'s return value When verify_sha256_digest() fails, __apply_microcode_amd() should propagatethe failure by returning false (and not -1 which is promoted to true).

6.5AI score0.00035EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.58 views

CVE-2025-22061

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix qid report in airoha_tc_get_htb_get_leaf_queue() Fix the following kernel warning deleting HTB offloaded leafs and/or rootHTB qdisc in airoha_eth driver properly reporting qid inairoha_tc_get_htb_get_leaf_queue rou...

6.5AI score0.00044EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.58 views

CVE-2025-37869

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Use local fence in error path of xe_migrate_clear The intent of the error path in xe_migrate_clear is to wait on locallygenerated fence and then return. The code is waiting on m->fence whichcould be the local fence but t...

6.5AI score0.00025EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.58 views

CVE-2025-37937

In the Linux kernel, the following vulnerability has been resolved: objtool, media: dib8000: Prevent divide-by-zero in dib8000_set_dds() If dib8000_set_dds()'s call to dib8000_read32() returns zero, the resultis a divide-by-zero. Prevent that from happening. Fixes the following warning with an UBSA...

6.4AI score0.00049EPSS
CVE
CVE
added 2025/05/20 6:15 p.m.58 views

CVE-2025-37989

In the Linux kernel, the following vulnerability has been resolved: net: phy: leds: fix memory leak A network restart test on a router led to an out-of-memory condition,which was traced to a memory leak in the PHY LED trigger code. The root cause is misuse of the devm API. The registration function...

6.5AI score0.00036EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.57 views

CVE-2001-0316

Linux kernel 2.4 and 2.2 allows local users to read kernel memory and possibly gain privileges via a negative argument to the sysctl call.

4.6CVSS5.4AI score0.00274EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.57 views

CVE-2002-0060

IRC connection tracking helper module in the netfilter subsystem for Linux 2.4.18-pre9 and earlier does not properly set the mask for conntrack expectations for incoming DCC connections, which could allow remote attackers to bypass intended firewall restrictions.

7.5CVSS6.7AI score0.03326EPSS
CVE
CVE
added 2003/08/07 4:0 a.m.57 views

CVE-2003-0501

The /proc filesystem in Linux allows local users to obtain sensitive information by opening various entries in /proc/self before executing a setuid program, which causes the program to fail to change the ownership and permissions of those entries.

2.1CVSS5.4AI score0.00223EPSS
CVE
CVE
added 2005/08/23 4:0 a.m.57 views

CVE-2005-2457

The driver for compressed ISO file systems (zisofs) in the Linux kernel before 2.6.12.5 allows local users and remote attackers to cause a denial of service (kernel crash) via a crafted compressed ISO file system.

5CVSS5.2AI score0.04853EPSS
CVE
CVE
added 2005/08/12 4:0 a.m.57 views

CVE-2005-2548

vlan_dev.c in the VLAN code for Linux kernel 2.6.8 allows remote attackers to cause a denial of service (kernel oops from null dereference) via certain UDP packets that lead to a function call with the wrong argument, as demonstrated using snmpwalk on snmpd.

5CVSS6.2AI score0.01836EPSS
CVE
CVE
added 2005/09/30 10:5 a.m.57 views

CVE-2005-3106

Race condition in Linux 2.6, when threads are sharing memory mapping via CLONE_VM (such as linuxthreads and vfork), might allow local users to cause a denial of service (deadlock) by triggering a core dump while waiting for a thread that has just performed an exec.

4.7CVSS4.8AI score0.00078EPSS
CVE
CVE
added 2005/09/30 10:5 a.m.57 views

CVE-2005-3107

fs/exec.c in Linux 2.6, when one thread is tracing another thread that shares the same memory map, might allow local users to cause a denial of service (deadlock) by forcing a core dump when the traced thread is in the TASK_TRACED state.

2.1CVSS5.5AI score0.00091EPSS
CVE
CVE
added 2006/01/31 7:3 p.m.57 views

CVE-2006-0482

Linux kernel 2.6.15.1 and earlier, when running on SPARC architectures, allows local users to cause a denial of service (hang) via a "date -s" command, which causes invalid sign extended arguments to be provided to the get_compat_timespec function call.

2.1CVSS5.1AI score0.00066EPSS
CVE
CVE
added 2006/05/18 7:6 p.m.57 views

CVE-2006-1855

choose_new_parent in Linux kernel before 2.6.11.12 includes certain debugging code, which allows local users to cause a denial of service (panic) by causing certain circumstances involving termination of a parent process.

2.1CVSS6.9AI score0.00089EPSS
CVE
CVE
added 2006/04/27 5:6 p.m.57 views

CVE-2006-2071

Linux kernel 2.4.x and 2.6.x up to 2.6.16 allows local users to bypass IPC permissions and modify a readonly attachment of shared memory by using mprotect to give write permission to the attachment. NOTE: some original raw sources combined this issue with CVE-2006-1524, but they are different bugs.

2.1CVSS7.2AI score0.00107EPSS
Total number of security vulnerabilities10926