Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2025/05/01 3:16 p.m.57 views

CVE-2022-49777

In the Linux kernel, the following vulnerability has been resolved: Input: i8042 - fix leaking of platform device on module removal Avoid resetting the module-wide i8042_platform_device pointer ini8042_probe() or i8042_remove(), so that the device can be properlydestroyed by i8042_exit() on module ...

6.6AI score0.00099EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.57 views

CVE-2022-49826

In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix double ata_host_put() in ata_tport_add() In the error path in ata_tport_add(), when calling put_device(),ata_tport_release() is called, it will put the refcount of 'ap->host'. And then ata_host_put() i...

6.4AI score0.00099EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.57 views

CVE-2022-49880

In the Linux kernel, the following vulnerability has been resolved: ext4: fix warning in 'ext4_da_release_space' Syzkaller report issue as follows:EXT4-fs (loop0): Free/Dirty block detailsEXT4-fs (loop0): free_blocks=0EXT4-fs (loop0): dirty_blocks=0EXT4-fs (loop0): Block reservation detailsEXT4-fs ...

5.5CVSS6.4AI score0.00034EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.57 views

CVE-2022-49916

In the Linux kernel, the following vulnerability has been resolved: rose: Fix NULL pointer dereference in rose_send_frame() The syzkaller reported an issue: KASAN: null-ptr-deref in range [0x0000000000000380-0x0000000000000387]CPU: 0 PID: 4069 Comm: kworker/0:15 Not tainted 6.0.0-syzkaller-02734-g0...

5.5CVSS6.5AI score0.00018EPSS
CVE
CVE
added 2023/09/04 3:15 a.m.57 views

CVE-2023-20850

In imgsys_cmdq, there is a possible out of bounds write due to a missing valid range checking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07340433; Issue ID: ALPS07340381.

6.5CVSS6.6AI score0.0002EPSS
CVE
CVE
added 2023/06/28 10:15 p.m.57 views

CVE-2023-3359

An issue was discovered in the Linux kernel brcm_nvram_parse in drivers/nvmem/brcm_nvram.c. Lacks for the check of the return value of kzalloc() can cause the NULL Pointer Dereference.

5.5CVSS5.1AI score0.00018EPSS
CVE
CVE
added 2024/05/14 2:23 p.m.57 views

CVE-2023-52655

In the Linux kernel, the following vulnerability has been resolved: usb: aqc111: check packet for fixup for true limit If a device sends a packet that is inbetween 0and sizeof(u64) the value passed to skb_trim()as length will wrap around ending up as some verylarge value. The driver will then proce...

6.7AI score0.00022EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.57 views

CVE-2023-52785

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Fix racing issue between ufshcd_mcq_abort() and ISR If command timeout happens and cq complete IRQ is raised at the same time,ufshcd_mcq_abort clears lprb->cmd and a NULL pointer deref happens in theISR. Error l...

4.7CVSS6.7AI score0.00094EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.57 views

CVE-2023-52893

In the Linux kernel, the following vulnerability has been resolved: gsmi: fix null-deref in gsmi_get_variable We can get EFI variables without fetching the attribute, so we mustallow for that in gsmi. commit 859748255b43 ("efi: pstore: Omit efivars caching EFI varstoreaccess layer") added a new get...

5.5CVSS6.5AI score0.00048EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.57 views

CVE-2023-52896

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between quota rescan and disable leading to NULL pointer deref If we have one task trying to start the quota rescan worker while anotherone is trying to disable quotas, we can end up hitting a race that resultsin th...

4.7CVSS6.4AI score0.00036EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.57 views

CVE-2023-52906

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mpls: Fix warning during failed attribute validation The 'TCA_MPLS_LABEL' attribute is of 'NLA_U32' type, but has avalidation type of 'NLA_VALIDATE_FUNCTION'. This is an invalidcombination according to the comment ab...

7.8CVSS6.3AI score0.00051EPSS
CVE
CVE
added 2025/03/27 5:15 p.m.57 views

CVE-2023-53032

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Fix overflow before widen in the bitmap_ip_create() function. When first_ip is 0, last_ip is 0xFFFFFFFF, and netmask is 31, the value ofan arithmetic expression 2 <

6.8AI score0.00083EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.57 views

CVE-2023-53050

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix memory leak in margining Memory for the usb4->margining needs to be relased for the upstream portof the router as well, even though the debugfs directory gets releasedwith the router device removal. Fix this.

6.5AI score0.00025EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.57 views

CVE-2023-53091

In the Linux kernel, the following vulnerability has been resolved: ext4: update s_journal_inum if it changes after journal replay When mounting a crafted ext4 image, s_journal_inum may change after journalreplay, which is obviously unreasonable because we have successfully loadedand replayed the j...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.57 views

CVE-2023-53116

In the Linux kernel, the following vulnerability has been resolved: nvmet: avoid potential UAF in nvmet_req_complete() An nvme target ->queue_response() operation implementation may free therequest passed as argument. Such implementation potentially could resultin a use after free of the request...

6.4AI score0.00036EPSS
CVE
CVE
added 2025/05/02 4:15 p.m.57 views

CVE-2023-53137

In the Linux kernel, the following vulnerability has been resolved: ext4: Fix possible corruption when moving a directory When we are renaming a directory to a different directory, we need toupdate '..' entry in the moved directory. However nothing prevents moveddirectory from being modified and ev...

6.8AI score0.00036EPSS
CVE
CVE
added 2024/02/05 8:15 a.m.57 views

CVE-2024-22386

A race condition was found in the Linux kernel's drm/exynos device driver in exynos_drm_crtc_atomic_disable() function. This can result in a null pointer dereference issue, possibly leading to a kernel panic or denial of service issue.

5.3CVSS4.6AI score0.0001EPSS
CVE
CVE
added 2024/04/17 10:15 a.m.57 views

CVE-2024-26834

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_flow_offload: release dst in case direct xmit path is used Direct xmit does not use it since it calls dev_queue_xmit() to sendpackets, hence it calls dst_release(). kmemleak reports: unreferenced object 0xffff88814f4...

5.5CVSS6.6AI score0.00026EPSS
CVE
CVE
added 2024/05/01 1:15 p.m.57 views

CVE-2024-27061

In the Linux kernel, the following vulnerability has been resolved: crypto: sun8i-ce - Fix use after free in unprepare sun8i_ce_cipher_unprepare should be called beforecrypto_finalize_skcipher_request, because client callbacks mayimmediately free memory, that isn't needed anymore. But it will beuse...

7.8CVSS6.6AI score0.00022EPSS
CVE
CVE
added 2024/05/17 1:15 p.m.57 views

CVE-2024-35793

In the Linux kernel, the following vulnerability has been resolved: debugfs: fix wait/cancellation handling during remove Ben Greear further reports deadlocks during concurrent debugfsremove while files are being accessed, even though the code inquestion now uses debugfs cancellations. Turns out th...

7AI score0.00072EPSS
CVE
CVE
added 2024/06/03 8:15 a.m.57 views

CVE-2024-36962

In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses local_bh_disable()/local_bh_enable() in itsIRQ handler to avoid triggering net_rx_action() softirq on exit fromnetif_rx(). The net_rx_a...

6.2CVSS7.6AI score0.00019EPSS
CVE
CVE
added 2024/06/19 2:15 p.m.57 views

CVE-2024-38539

In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Fix kmemleak in rdma_core observed during blktests nvme/rdma use siw When running blktests nvme/rdma, the following kmemleak issue will appear. kmemleak: Kernel memory leak detector initialized (mempool available:36041)km...

5.5CVSS7AI score0.00012EPSS
CVE
CVE
added 2024/06/19 2:15 p.m.57 views

CVE-2024-38551

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Assign dummy when codec not specified for a DAI link MediaTek sound card drivers are checking whether a DAI link is presentand used on a board to assign the correct parameters and this is doneby checking the codec D...

5.5CVSS7AI score0.00013EPSS
CVE
CVE
added 2024/06/19 2:15 p.m.57 views

CVE-2024-38592

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Init ddp_comp with devm_kcalloc() In the case where conn_routes is true we allocate an extra slot inthe ddp_comp array but mtk_drm_crtc_create() never seemed toinitialize it in the test case I ran. For me, this caused...

6.7AI score0.00022EPSS
CVE
CVE
added 2024/07/29 7:15 a.m.57 views

CVE-2024-41018

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Add a check for attr_names and oatbl Added out-of-bound checking for *ane (ATTR_NAME_ENTRY).

6.6AI score0.00131EPSS
CVE
CVE
added 2024/07/29 3:15 p.m.57 views

CVE-2024-41028

In the Linux kernel, the following vulnerability has been resolved: platform/x86: toshiba_acpi: Fix array out-of-bounds access In order to use toshiba_dmi_quirks[] together with the standard DMImatching functions, it must be terminated by a empty entry. Since this entry is missing, an array out-of-...

7.8CVSS6.5AI score0.0005EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.57 views

CVE-2024-42113

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: initialize num_q_vectors for MSI/INTx interrupts When using MSI/INTx interrupts, wx->num_q_vectors is uninitialized.Thus there will be kernel panic in wx_alloc_q_vectors() to allocatequeue vectors.

6.4AI score0.00085EPSS
CVE
CVE
added 2024/08/07 4:15 p.m.57 views

CVE-2024-42239

In the Linux kernel, the following vulnerability has been resolved: bpf: Fail bpf_timer_cancel when callback is being cancelled Given a schedule: timer1 cb timer2 cb bpf_timer_cancel(timer2); bpf_timer_cancel(timer1); Both bpf_timer_cancel calls would wait for the other callback to finishexecuting,...

5.5CVSS6.4AI score0.0003EPSS
CVE
CVE
added 2024/08/17 10:15 a.m.57 views

CVE-2024-43816

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Revise lpfc_prep_embed_io routine with proper endian macro usages On big endian architectures, it is possible to run into a memory out ofbounds pointer dereference when FCP targets are zoned. In lpfc_prep_embed_io, the ...

6.5AI score0.00109EPSS
CVE
CVE
added 2024/09/04 7:15 p.m.57 views

CVE-2024-44951

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix TX fifo corruption Sometimes, when a packet is received on channel A at almost the same timeas a packet is about to be transmitted on channel B, we observe with alogic analyzer that the received packet on cha...

7.8CVSS7.4AI score0.00039EPSS
CVE
CVE
added 2024/09/04 7:15 p.m.57 views

CVE-2024-44967

In the Linux kernel, the following vulnerability has been resolved: drm/mgag200: Bind I2C lifetime to DRM device Managed cleanup with devm_add_action_or_reset() will release the I2Cadapter when the underlying Linux device goes away. But the connectorstill refers to it, so this cleanup leaves behind...

7.8CVSS7.4AI score0.0005EPSS
CVE
CVE
added 2024/09/18 7:15 a.m.57 views

CVE-2024-46718

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Don't overmap identity VRAM mapping Overmapping the identity VRAM mapping is triggering hardware bugs oncertain platforms. Use 2M pages for the last unaligned (to 1G) VRAMchunk. v2: Always use 2M pages for last chunk (Fei Y...

6.8AI score0.00057EPSS
CVE
CVE
added 2024/09/27 1:15 p.m.57 views

CVE-2024-46831

In the Linux kernel, the following vulnerability has been resolved: net: microchip: vcap: Fix use-after-free error in kunit test This is a clear use-after-free error. We remove it, and rely on checkingthe return code of vcap_del_rule.

7.8CVSS8AI score0.00048EPSS
CVE
CVE
added 2024/09/30 4:15 p.m.57 views

CVE-2024-46869

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel_pcie: Allocate memory for driver private data Fix driver not allocating memory for struct btintel_data which is usedto store internal data.

5.5CVSS5.3AI score0.00039EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.57 views

CVE-2024-49980

In the Linux kernel, the following vulnerability has been resolved: vrf: revert "vrf: Remove unnecessary RCU-bh critical section" This reverts commit 504fc6f4f7f681d2a03aa5f68aad549d90eab853. dev_queue_xmit_nit is expected to be called with BH disabled.__dev_queue_xmit has the following: /* Disable...

5.5CVSS5.2AI score0.00038EPSS
CVE
CVE
added 2024/11/07 10:15 a.m.57 views

CVE-2024-50161

In the Linux kernel, the following vulnerability has been resolved: bpf: Check the remaining info_cnt before repeating btf fields When trying to repeat the btf fields for array of nested struct, itdoesn't check the remaining info_cnt. The following splat will bereported when the value of ret * nele...

5.5CVSS5.2AI score0.00034EPSS
CVE
CVE
added 2024/11/08 6:15 a.m.57 views

CVE-2024-50174

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race when converting group handle to group object XArray provides it's own internal lock which protects the internal arraywhen entries are being simultaneously added and removed. However thereis still a race betwee...

4.7CVSS6.5AI score0.00022EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.57 views

CVE-2024-56547

In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix missed RCU barrier on deoffloading Currently, running rcutorture test with torture_type=rcu fwd_progress=8n_barrier_cbs=8 nocbs_nthreads=8 nocbs_toggle=100 onoff_interval=60test_boost=2, will trigger the following war...

6.5AI score0.00042EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.57 views

CVE-2024-56669

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Remove cache tags before disabling ATS The current implementation removes cache tags after disabling ATS,leading to potential memory leaks and kernel crashes. Specifically,CACHE_TAG_DEVTLB type cache tags may still rema...

7.8CVSS6.5AI score0.00035EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.57 views

CVE-2024-56674

In the Linux kernel, the following vulnerability has been resolved: virtio_net: correct netdev_tx_reset_queue() invocation point When virtnet_close is followed by virtnet_open, some TX completions canpossibly remain unconsumed, until they are finally processed during thefirst NAPI poll after the ne...

5.5CVSS6.3AI score0.00037EPSS
CVE
CVE
added 2025/02/27 8:16 p.m.57 views

CVE-2025-21801

In the Linux kernel, the following vulnerability has been resolved: net: ravb: Fix missing rtnl lock in suspend/resume path Fix the suspend/resume path by ensuring the rtnl lock is held whererequired. Calls to ravb_open, ravb_close and wol operations must beperformed under the rtnl lock to prevent ...

6.5AI score0.00039EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.57 views

CVE-2025-21946

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix out-of-bounds in parse_sec_desc() If osidoffset, gsidoffset and dacloffset could be greater than smb_ntsdstruct size. If it is smaller, It could cause slab-out-of-bounds.And when validating sid, It need to check it inclu...

7.1AI score0.00034EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.57 views

CVE-2025-21949

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Set hugetlb mmap base address aligned with pmd size With ltp test case "testcases/bin/hugefork02", there is a dmesg errorreport message such as: kernel BUG at mm/hugetlb.c:5550!Oops - BUG[#1]:CPU: 0 UID: 0 PID: 1517 Comm...

5.5CVSS6.9AI score0.00031EPSS
CVE
CVE
added 2025/04/02 1:15 p.m.57 views

CVE-2025-21987

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: init return value in amdgpu_ttm_clear_buffer Otherwise an uninitialized value can be returned ifamdgpu_res_cleared returns true for all regions. Possibly closes: https://gitlab.freedesktop.org/drm/amd/-/issues/3812 (che...

7.2AI score0.00032EPSS
CVE
CVE
added 2025/04/03 8:15 a.m.57 views

CVE-2025-22000

In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: drop beyond-EOF folios with the right number of refs When an after-split folio is large and needs to be dropped due to EOF,folio_put_refs(folio, folio_nr_pages(folio)) should be used to drop allpage cache refs. Othe...

5.5CVSS7.1AI score0.00022EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.57 views

CVE-2025-22031

In the Linux kernel, the following vulnerability has been resolved: PCI/bwctrl: Fix NULL pointer dereference on bus number exhaustion When BIOS neglects to assign bus numbers to PCI bridges, the kernelattempts to correct that during PCI device enumeration. If it runs outof bus numbers, no pci_bus i...

5.5CVSS6.5AI score0.00028EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.57 views

CVE-2025-22034

In the Linux kernel, the following vulnerability has been resolved: mm/gup: reject FOLL_SPLIT_PMD with hugetlb VMAs Patch series "mm: fixes for device-exclusive entries (hmm)", v2. Discussing the PageTail() call in make_device_exclusive_range() withWilly, I recently discovered [1] that device-exclu...

6.3AI score0.00034EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.57 views

CVE-2025-22051

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix Oops after disconnect in agilent usb If the agilent usb dongle is disconnected subsequent calls to thedriver cause a NULL dereference Oops as the bus_interfaceis set to NULL on disconnect. This problem was introd...

5.5CVSS6.5AI score0.00028EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.57 views

CVE-2025-22082

In the Linux kernel, the following vulnerability has been resolved: iio: backend: make sure to NULL terminate stack buffer Make sure to NULL terminate the buffer iniio_backend_debugfs_write_reg() before passing it to sscanf(). It is astack variable so we should not assume it will 0 initialized.

6.7AI score0.00034EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.57 views

CVE-2025-37842

In the Linux kernel, the following vulnerability has been resolved: spi: fsl-qspi: use devm function instead of driver remove Driver use devm APIs to manage clk/irq/resources and register the spicontroller, but the legacy remove function will be called first duringdevice detach and trigger kernel p...

6.5AI score0.00033EPSS
Web
Total number of security vulnerabilities10926