Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
LinuxLinux Kernel

10741 matches found

CVE
CVEadded 2024/07/16 12:15 p.m.53 views

CVE-2022-48818

In the Linux kernel, the following vulnerability has been resolved: net: dsa: mv88e6xxx: don't use devres for mdiobus As explained in commits:74b6d7d13307 ("net: dsa: realtek: register the MDIO bus under devres")5135e96a3dd2 ("net: dsa: don't allocate the slave_mii_bus using devres") mdiobus_free()...

6.5AI score0.00065EPSS
CVE
CVEadded 2024/07/16 12:15 p.m.53 views

CVE-2022-48821

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: avoid double fput() on failed usercopy If the copy back to userland fails for the FASTRPC_IOCTL_ALLOC_DMA_BUFFioctl(), we shouldn't assume that 'buf->dmabuf' is still valid. In fact,dma_buf_fd() called fd_install(...

6.7AI score0.00078EPSS
CVE
CVEadded 2024/07/16 12:15 p.m.53 views

CVE-2022-48832

In the Linux kernel, the following vulnerability has been resolved: audit: don't deref the syscall args when checking the openat2 open_how::flags As reported by Jeff, dereferencing the openat2 syscall argument inaudit_match_perm() to obtain the open_how::flags can result in anoops/page-fault. This ...

6.3AI score0.00057EPSS
CVE
CVEadded 2024/08/21 7:15 a.m.53 views

CVE-2022-48877

In the Linux kernel, the following vulnerability has been resolved: f2fs: let's avoid panic if extent_tree is not created This patch avoids the below panic. pc : __lookup_extent_tree+0xd8/0x760lr : f2fs_do_write_data_page+0x104/0x87csp : ffffffc010cbb3c0x29: ffffffc010cbb3e0 x28: 0000000000000000x2...

5.5CVSS6.6AI score0.00048EPSS
CVE
CVEadded 2024/08/21 7:15 a.m.53 views

CVE-2022-48889

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: sof-nau8825: fix module alias overflow The maximum name length for a platform_device_id entry is 20 charactersincluding the trailing NUL byte. The sof_nau8825.c file exceeds that,which causes an obscure error message: ...

5.5CVSS6.4AI score0.00036EPSS
CVE
CVEadded 2024/08/21 7:15 a.m.53 views

CVE-2022-48898

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dp: do not complete dp_aux_cmd_fifo_tx() if irq is not for aux transfer There are 3 possible interrupt sources are handled by DP controller,HPDstatus, Controller state changes and Aux read/write transaction.At every irq, DP...

4.7CVSS6.7AI score0.00028EPSS
CVE
CVEadded 2024/08/22 2:15 a.m.53 views

CVE-2022-48907

In the Linux kernel, the following vulnerability has been resolved: auxdisplay: lcd2s: Fix memory leak in ->remove() Once allocated the struct lcd2s_data is never freed.Fix the memory leak by switching to devm_kzalloc().

5.5CVSS6.5AI score0.0003EPSS
CVE
CVEadded 2024/08/22 2:15 a.m.53 views

CVE-2022-48922

In the Linux kernel, the following vulnerability has been resolved: riscv: fix oops caused by irqsoff latency tracer The trace_hardirqs_{on,off}() require the caller to setup frame pointerproperly. This because these two functions use macro 'CALLER_ADDR1' (aka.__builtin_return_address(1)) to acquir...

5.5CVSS6.5AI score0.00043EPSS
CVE
CVEadded 2024/08/22 4:15 a.m.53 views

CVE-2022-48937

In the Linux kernel, the following vulnerability has been resolved: io_uring: add a schedule point in io_add_buffers() Looping ~65535 times doing kmalloc() calls can trigger soft lockups,especially with DEBUG features (like KASAN). [ 253.536212] watchdog: BUG: soft lockup - CPU#64 stuck for 26s! [b...

3.3CVSS7AI score0.00028EPSS
CVE
CVEadded 2024/09/23 10:15 a.m.53 views

CVE-2022-48945

In the Linux kernel, the following vulnerability has been resolved: media: vivid: fix compose size exceed boundary syzkaller found a bug: BUG: unable to handle page fault for address: ffffc9000a3b1000#PF: supervisor write access in kernel mode#PF: error_code(0x0002) - not-present pagePGD 100000067 ...

6.3AI score0.00181EPSS
CVE
CVEadded 2024/10/21 8:15 p.m.53 views

CVE-2022-48946

In the Linux kernel, the following vulnerability has been resolved: udf: Fix preallocation discarding at indirect extent boundary When preallocation extent is the first one in the extent block, thecode would corrupt extent tree header instead. Fix the problem and useudf_delete_aext() for deleting e...

5.5CVSS5.3AI score0.00054EPSS
CVE
CVEadded 2024/10/21 8:15 p.m.53 views

CVE-2022-48951

In the Linux kernel, the following vulnerability has been resolved: ASoC: ops: Check bounds for second channel in snd_soc_put_volsw_sx() The bounds checks in snd_soc_put_volsw_sx() are only being applied to thefirst channel, meaning it is possible to write out of bounds values to thesecond channel ...

7.8CVSS7.3AI score0.00034EPSS
CVE
CVEadded 2024/10/21 8:15 p.m.53 views

CVE-2022-48962

In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb is delivered to napi_gro_receive() which may free it, aftercalling this, dereferencing skb may trigger use-after-free.

7.8CVSS7.3AI score0.00045EPSS
CVE
CVEadded 2024/10/21 8:15 p.m.53 views

CVE-2022-48968

In the Linux kernel, the following vulnerability has been resolved: octeontx2-pf: Fix potential memory leak in otx2_init_tc() In otx2_init_tc(), if rhashtable_init() failed, it does not freetc->tc_entries_bitmap which is allocated in otx2_tc_alloc_ent_bitmap().

5.5CVSS5.2AI score0.00028EPSS
CVE
CVEadded 2024/10/21 8:15 p.m.53 views

CVE-2022-48987

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-dv-timings.c: fix too strict blanking sanity checks Sanity checks were added to verify the v4l2_bt_timings blanking fieldsin order to avoid integer overflows when userspace passes weird values. But that assumed that use...

5.5CVSS5.2AI score0.0005EPSS
CVE
CVEadded 2025/02/26 7:0 a.m.53 views

CVE-2022-49094

In the Linux kernel, the following vulnerability has been resolved: net/tls: fix slab-out-of-bounds bug in decrypt_internal The memory size of tls_ctx->rx.iv for AES128-CCM is 12 setting intls_set_sw_offload(). The return value of crypto_aead_ivsize()for "ccm(aes)" is 16. So memcpy() require 16 ...

5.4AI score0.00052EPSS
CVE
CVEadded 2025/02/26 7:0 a.m.53 views

CVE-2022-49141

In the Linux kernel, the following vulnerability has been resolved: net: dsa: felix: fix possible NULL pointer dereference As the possible failure of the allocation, kzalloc() may return NULLpointer.Therefore, it should be better to check the 'sgi' in order to preventthe dereference of NULL pointer...

5.5CVSS5.3AI score0.0003EPSS
CVE
CVEadded 2025/02/26 7:0 a.m.53 views

CVE-2022-49161

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix error handling in mt8183_da7219_max98357_dev_probe The device_node pointer is returned by of_parse_phandle() with refcountincremented. We should use of_node_put() on it when done. This function only calls of_nod...

5.4AI score0.00041EPSS
CVE
CVEadded 2025/02/26 7:1 a.m.53 views

CVE-2022-49245

In the Linux kernel, the following vulnerability has been resolved: ASoC: rockchip: Fix PM usage reference of rockchip_i2s_tdm_resume pm_runtime_get_sync will increment pm usage countereven it failed. Forgetting to putting operation willresult in reference leak here. We fix it by replacingit with p...

5.3AI score0.00031EPSS
CVE
CVEadded 2025/02/26 7:1 a.m.53 views

CVE-2022-49469

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix anon_dev leak in create_subvol() When btrfs_qgroup_inherit(), btrfs_alloc_tree_block, orbtrfs_insert_root() fail in create_subvol(), we return without freeinganon_dev. Reorganize the error handling in create_subvol() to ...

5.3AI score0.00043EPSS
CVE
CVEadded 2025/02/26 7:1 a.m.53 views

CVE-2022-49665

In the Linux kernel, the following vulnerability has been resolved: platform/x86: thinkpad_acpi: Fix a memory leak of EFCH MMIO resource Unlike release_mem_region(), a call to release_resource() does notfree the resource, so it has to be freed explicitly to avoid a memoryleak.

5.3AI score0.00041EPSS
CVE
CVEadded 2025/02/26 7:1 a.m.53 views

CVE-2022-49702

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix hang during unmount when block group reclaim task is running When we start an unmount, at close_ctree(), if we have the reclaim taskrunning and in the middle of a data block group relocation, we can triggera deadlock whe...

5.3AI score0.00031EPSS
CVE
CVEadded 2025/02/26 7:1 a.m.53 views

CVE-2022-49706

In the Linux kernel, the following vulnerability has been resolved: zonefs: fix zonefs_iomap_begin() for reads If a readahead is issued to a sequential zone file with an offsetexactly equal to the current file size, the iomap type is set toIOMAP_UNWRITTEN, which will prevent an IO, but the iomap le...

6.6AI score0.00033EPSS
CVE
CVEadded 2025/02/26 7:1 a.m.53 views

CVE-2022-49718

In the Linux kernel, the following vulnerability has been resolved: irqchip/apple-aic: Fix refcount leak in aic_of_ic_init of_get_child_by_name() returns a node pointer with refcountincremented, we should use of_node_put() on it when not need anymore.Add missing of_node_put() to avoid refcount leak...

5.5CVSS6.4AI score0.00022EPSS
CVE
CVEadded 2025/05/01 3:16 p.m.53 views

CVE-2022-49873

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix wrong reg type conversion in release_reference() Some helper functions will allocate memory. To avoid memory leaks, theverifier requires the eBPF program to release these memories by callingthe corresponding helper functio...

5.5CVSS6.3AI score0.00053EPSS
CVE
CVEadded 2025/05/01 3:16 p.m.53 views

CVE-2022-49915

In the Linux kernel, the following vulnerability has been resolved: mISDN: fix possible memory leak in mISDN_register_device() Afer commit 1fa5ae857bb1 ("driver core: get rid of struct device'sbus_id string array"), the name of device is allocated dynamically,add put_device() to give up the referen...

5.5CVSS6.4AI score0.00034EPSS
CVE
CVEadded 2023/09/04 3:15 a.m.53 views

CVE-2023-20846

In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354023; Issue ID: ALPS07340098.

4.2CVSS4AI score0.00015EPSS
CVE
CVEadded 2023/02/28 9:15 p.m.53 views

CVE-2023-22999

In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

5.5CVSS5.1AI score0.00016EPSS
CVE
CVEadded 2024/05/21 4:15 p.m.53 views

CVE-2023-52747

In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Restore allocated resources on failed copyout Fix a resource leak if an error occurs.

6.7AI score0.00021EPSS
CVE
CVEadded 2024/08/21 7:15 a.m.53 views

CVE-2023-52896

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between quota rescan and disable leading to NULL pointer deref If we have one task trying to start the quota rescan worker while anotherone is trying to disable quotas, we can end up hitting a race that resultsin th...

4.7CVSS6.4AI score0.00036EPSS
CVE
CVEadded 2025/03/27 5:15 p.m.53 views

CVE-2023-52940

In the Linux kernel, the following vulnerability has been resolved: mm: multi-gen LRU: fix crash during cgroup migration lru_gen_migrate_mm() assumes lru_gen_add_mm() runs prior to itself. Thisisn't true for the following scenario: CPU 1 CPU 2 clone()cgroup_can_fork()cgroup_procs_write()cgroup_post...

6.5AI score0.00036EPSS
CVE
CVEadded 2025/05/02 4:15 p.m.53 views

CVE-2023-53064

In the Linux kernel, the following vulnerability has been resolved: iavf: fix hang on reboot with ice When a system with E810 with existing VFs gets rebooted the followinghang may be observed. Pid 1 is hung in iavf_remove(), part of a network driver:PID: 1 TASK: ffff965400e5a340 CPU: 24 COMMAND: "s...

6.4AI score0.00026EPSS
CVE
CVEadded 2025/05/02 4:15 p.m.53 views

CVE-2023-53094

In the Linux kernel, the following vulnerability has been resolved: tty: serial: fsl_lpuart: fix race on RX DMA shutdown From time to time DMA completion can come in the middle of DMA shutdown: : :lpuart32_shutdown()lpuart_dma_shutdown()del_timer_sync()lpuart_dma_rx_complete()lpuart_copy_rx_to_tty(...

6.3AI score0.00027EPSS
CVE
CVEadded 2024/06/21 11:15 a.m.53 views

CVE-2024-33619

In the Linux kernel, the following vulnerability has been resolved: efi: libstub: only free priv.runtime_map when allocated priv.runtime_map is only allocated when efi_novamap is not set.Otherwise, it is an uninitialized value. In the error path, it is freedunconditionally. Avoid passing an uniniti...

5.5CVSS6.7AI score0.00012EPSS
CVE
CVEadded 2024/06/03 8:15 a.m.53 views

CVE-2024-36962

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses local_bh_disable()/local_bh_enable() in itsIRQ handler to avoid triggering net_rx_action() softirq on exit fromnetif_rx(). The net_rx_a...

6.2CVSS7.6AI score0.00019EPSS
CVE
CVEadded 2024/06/08 1:15 p.m.53 views

CVE-2024-36970

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: Use request_module_nowait This appears to work around a deadlock regression that came inwith the LED merge in 6.9. The deadlock happens on my system with 24 iwlwifi radios, so maybeit something like all worker thread...

5.5CVSS6.5AI score0.00012EPSS
CVE
CVEadded 2024/06/19 2:15 p.m.53 views

CVE-2024-38574

In the Linux kernel, the following vulnerability has been resolved: libbpf: Prevent null-pointer dereference when prog to load has no BTF In bpf_objec_load_prog(), there's no guarantee that obj->btf is non-NULLwhen passing it to btf__fd(), and this function does not perform anycheck before deref...

5.5CVSS6.5AI score0.00027EPSS
CVE
CVEadded 2024/06/21 11:15 a.m.53 views

CVE-2024-38622

In the Linux kernel, the following vulnerability has been resolved: drm/msm/dpu: Add callback function pointer check before its call In dpu_core_irq_callback_handler() callback function pointer is compared to NULL,but then callback function is unconditionally called by this pointer.Fix this bug by ...

6.6AI score0.00039EPSS
CVE
CVEadded 2024/07/12 1:15 p.m.53 views

CVE-2024-40951

In the Linux kernel, the following vulnerability has been resolved: ocfs2: fix NULL pointer dereference in ocfs2_abort_trigger() bdev->bd_super has been removed and commit 8887b94d9322 change the usagefrom bdev->bd_super to b_assoc_map->host->i_sb. Since ocfs2 hasn't setbh->b_assoc_m...

5.5CVSS7.1AI score0.00039EPSS
CVE
CVEadded 2024/07/29 3:15 p.m.53 views

CVE-2024-41028

In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_acpi: Fix array out-of-bounds access In order to use toshiba_dmi_quirks[] together with the standard DMImatching functions, it must be terminated by a empty entry. Since this entry is missing, an array out-of-...

7.8CVSS6.5AI score0.0005EPSS
CVE
CVEadded 2024/07/29 3:15 p.m.53 views

CVE-2024-41029

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: limit cell sysfs permissions to main attribute ones The cell sysfs attribute should not provide more access to the nvmemdata than the main attribute itself.For example if nvme_config::root_only was set, the cell attrib...

6.4AI score0.00088EPSS
CVE
CVEadded 2024/07/29 3:15 p.m.53 views

CVE-2024-41052

In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Init the count variable in collecting hot-reset devices The count variable is used without initialization, it results in mistakesin the device counting and crashes the userspace if the get hot reset infopath is triggered.

5.5CVSS6.6AI score0.00039EPSS
CVE
CVEadded 2024/07/29 4:15 p.m.53 views

CVE-2024-42075

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix remap of arena. The bpf arena logic didn't account for mremap operation. Add a refcnt formultiple mmap events to prevent use-after-free in arena_vm_close.

5.5CVSS6.6AI score0.00054EPSS
CVE
CVEadded 2024/07/30 8:15 a.m.53 views

CVE-2024-42150

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: remove separate irq request for MSI and INTx When using MSI or INTx interrupts, request_irq() for pdev->irq willconflict with request_threaded_irq() for txgbe->misc.irq, to causesystem crash. So remove txgbe_reque...

5.5CVSS6.6AI score0.00047EPSS
CVE
CVEadded 2024/07/30 8:15 a.m.53 views

CVE-2024-42155

In the Linux kernel, the following vulnerability has been resolved: s390/pkey: Wipe copies of protected- and secure-keys Although the clear-key of neither protected- nor secure-keys isaccessible, this key material should only be visible to the callingprocess. So wipe all copies of protected- or sec...

1.9CVSS6.5AI score0.00026EPSS
CVE
CVEadded 2024/08/17 9:15 a.m.53 views

CVE-2024-42273

In the Linux kernel, the following vulnerability has been resolved: f2fs: assign CURSEG_ALL_DATA_ATGC if blkaddr is valid mkdir /mnt/test/compf2fs_io setflags compression /mnt/test/compdd if=/dev/zero of=/mnt/test/comp/testfile bs=16k count=1truncate --size 13 /mnt/test/comp/testfile In the above s...

6.3AI score0.00096EPSS
CVE
CVEadded 2024/08/17 9:15 a.m.53 views

CVE-2024-42279

In the Linux kernel, the following vulnerability has been resolved: spi: microchip-core: ensure TX and RX FIFOs are empty at start of a transfer While transmitting with rx_len == 0, the RX FIFO is not going to beemptied in the interrupt handler. A subsequent transfer could thenread crap from the pr...

6.5AI score0.00085EPSS
CVE
CVEadded 2024/08/17 9:15 a.m.53 views

CVE-2024-42296

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix return value of f2fs_convert_inline_inode() If device is readonly, make f2fs_convert_inline_inode()return EROFS instead of zero, otherwise it may triggerpanic during writeback of inline inode's dirty page asbelow: f2fs_wr...

6.6AI score0.00103EPSS
CVE
CVEadded 2024/08/17 10:15 a.m.53 views

CVE-2024-43815

In the Linux kernel, the following vulnerability has been resolved: crypto: mxs-dcp - Ensure payload is zero when using key slot We could leak stack memory through the payload field when runningAES with a key from one of the hardware's key slots. Fix this byensuring the payload field is set to 0 in...

7.1CVSS6.4AI score0.00049EPSS
CVE
CVEadded 2024/08/17 10:15 a.m.53 views

CVE-2024-43845

In the Linux kernel, the following vulnerability has been resolved: udf: Fix bogus checksum computation in udf_rename() Syzbot reports uninitialized memory access in udf_rename() when updatingchecksum of '..' directory entry of a moved directory. This is indeedtrue as we pass on-stack diriter.fi to...

3.3CVSS6.5AI score0.00038EPSS
Total number of security vulnerabilities10741