Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2016/08/06 10:0 a.m.85 views

CVE-2014-9870

The CVE-2014-9870 entry concerns the Linux kernel prior to 3.11 on ARM, including Android devices (Nexus 5/7) before 2016-08-05. It exposes a privilege-escalation path via improper handling of user-space access to the TPIDRURW register, enabling local attackers to gain privileges with a crafted a...

9.3CVSS7.5AI score0.01017EPSS
CVE
CVE
added 2016/08/06 10:0 a.m.85 views

CVE-2014-9892

The CVE-2014-9892 issue affects the Linux kernel (up to 4.7) in the snd_compr_tstamp path used by Android on Nexus 5/7 devices. Root cause: snd_compr_tstamp does not initialize a timestamp data structure, enabling a crafted app to obtain sensitive information. Impact: information disclosure possi...

5.5CVSS5.3AI score0.00499EPSS
CVE
CVE
added 2021/05/27 12:28 p.m.84 views

CVE-2008-2544

CVE-2008-2544 describes a local bypass where mounting the /proc filesystem inside a chroot can occur in read-write mode, allowing a user to bypass the chroot and gain write access to files they would not normally access. The connected documents reiterate the same description but do not provide pr...

5.5CVSS6.3AI score0.00303EPSS
CVE
CVE
added 2008/06/30 10:0 p.m.84 views

CVE-2008-2729

CVE-2008-2729 affects the Linux kernel before 2.6.19 on some AMD64 systems. The issue is in arch/x86_64/lib/copy_user.S where, after a kernel memory copy exception, destination memory locations aren’t erased, potentially letting a local user read residual data. Impact: local information disclosur...

4.9CVSS7AI score0.0057EPSS
CVE
CVE
added 2009/02/27 5:0 p.m.84 views

CVE-2009-0746

The CVE-2009-0746 entry concerns the Linux kernel ext4 code: make_indexed_dir in fs/ext4/namei.c fails to validate a rec_len field, allowing a local attacker to trigger a denial of service (OOPS) by mounting a crafted ext4 filesystem. Affected is kernel 2.6.27 up to 2.6.27.19 and 2.6.28 up to 2.6...

4.9CVSS6.7AI score0.0075EPSS
CVE
CVE
added 2009/08/28 3:0 p.m.84 views

CVE-2009-3001

Technical details about CVE-2009-3001 are not provided in the connected documents; the initial description states a kernel infoleak via getsockname on AF_LLC, but no vendor/product/version specifics or fixes are included. Monitor for updates.

4.9CVSS6.1AI score0.0102EPSS
CVE
CVE
added 2010/03/19 7:0 p.m.84 views

CVE-2009-4271

CVE-2009-4271 affects Linux kernel 2.6.9–2.6.17 on x86_64/amd64. A local unprivileged user can trigger a NULL pointer dereference when a crafted 32-bit process calls mprotect on the Virtual Dynamic Shared Object (VDSO) page, potentially causing a kernel panic (DoS). The issue is tied to memory pr...

4.7CVSS5.8AI score0.00324EPSS
Web
CVE
CVE
added 2010/01/27 5:0 p.m.84 views

CVE-2009-4272

CVE-2009-4272 relates to a Red Hat patch for net/ipv4/route.c in the Linux kernel 2.6.18 on RHEL 5. It enables remote attackers to cause a denial of service (deadlock) by sending crafted packets that trigger collisions in the IPv4 routing hash table, prompting a routing “emergency” with a hash ch...

7.8CVSS6.9AI score0.11051EPSS
CVE
CVE
added 2010/06/16 8:0 p.m.84 views

CVE-2010-2071

The CVE-2010-2071 entry corresponds to the Linux kernel issue where the btrfs_xattr_set_acl function in fs/btrfs/acl.c did not verify file ownership before applying ACLs. Affected: Linux kernel 2.6.34 and earlier. Impact: local users can bypass file permissions by setting arbitrary ACLs (demonstr...

4.6CVSS6.6AI score0.00469EPSS
CVE
CVE
added 2011/09/06 3:0 p.m.84 views

CVE-2011-2700

CVE-2011-2700 affects the Linux kernel prior to 2.6.39.4 on the N900 platform, where multiple buffer overflows in si4713_write_econtrol_string (drivers/media/radio/si4713-i2c.c) can be triggered by a crafted s_ext_ctrls operation using V4L2_CID_RDS_TX_PS_NAME or V4L2_CID_RDS_TX_RADIO_TEXT. The is...

2.1CVSS6.7AI score0.00507EPSS
CVE
CVE
added 2014/02/15 11:0 a.m.84 views

CVE-2011-2909

Summary (CVE-2011-2909): The Linux kernel (do_devinfo_ioctl in drivers/staging/comedi/comedi_fops.c) before 3.1 allows local users to leak sensitive kernel memory content through a copy of a short string. This is described as an information leak in the kernel staging area. Impact is local confide...

4.9CVSS5.8AI score0.00367EPSS
CVE
CVE
added 2013/06/08 10:0 a.m.84 views

CVE-2011-2942

CVE-2011-2942 is tied to a Red Hat patch affecting the Linux kernel 2.6.18-... on RHEL 5. The issue is in the bridge forward path, specifically br_forward.c __br_deliver, enabling a remote attacker on a bridged network to trigger a NULL pointer dereference and system crash (DoS) or potentially ot...

6.8CVSS8.3AI score0.01786EPSS
CVE
CVE
added 2016/05/02 10:0 a.m.84 views

CVE-2015-2672

The CVE-2015-2672 entry concerns the Linux kernel’s xsave/xrstor implementation (arch/x86/include/asm/xsave.h). Vulnerable code paths exist in kernels before 3.19.2 where certain .altinstr_replacement pointers are created, failing to provide protection against instruction faulting. Local attacker...

5.5CVSS5.7AI score0.00365EPSS
CVE
CVE
added 2016/10/10 10:0 a.m.84 views

CVE-2016-5343

CVE-2016-5343 affects the Linux kernel driver drivers/soc/qcom/qdsp6v2/voice_svc.c (QDSP6v2 Voice Service) used in Qualcomm MSM Android contributions. The vulnerability is a buffer overflow in voice_svc_send_req triggered by a write request, which can cause memory corruption and enable a denial o...

9.8CVSS9.3AI score0.03304EPSS
CVE
CVE
added 2016/12/28 7:42 a.m.84 views

CVE-2016-9755

CVE-2016-9755 affects the Linux kernel netfilter IPv6 reassembly logic prior to 4.9. It allows local users to cause a denial of service via a crafted application that uses socket, connect, and writev calls, due to an integer overflow / out-of-bounds write in the IPv6 reassembly path. The root cau...

7.8CVSS7.4AI score0.0039EPSS
CVE
CVE
added 2016/12/28 7:42 a.m.84 views

CVE-2016-9777

KVM in the Linux kernel (before 4.8.12) is vulnerable when I/O APIC is enabled. A guest user can craft an interrupt request to bypass VCPU index restrictions, potentially gaining host privileges or causing a host denial of service via out-of-bounds access and host crash. Affected components: arch...

7.8CVSS7.2AI score0.0038EPSS
CVE
CVE
added 2017/04/07 10:0 p.m.84 views

CVE-2017-0576

CVE-2017-0576 is an elevation-of-privilege vulnerability in the Qualcomm Crypto Engine Driver that could allow a local malicious app to execute arbitrary code in the kernel context. Affected product scope is Android; kernels 3.10 and 3.18 are listed as vulnerable. The underlying issue is in the Q...

7.6CVSS6.9AI score0.0153EPSS
Web
CVE
CVE
added 2024/03/04 6:6 p.m.84 views

CVE-2021-47083

CVE-2021-47083 affects the Linux kernel’s pinctrl Mediatek code: when the eint virtual EINT number exceeds the GPIO count, it can trigger a global-out-of-bounds write to desc[eint_n]. The issue was fixed in the mediatek pinctrl path (pinctrl: mediatek: fix global-out-of-bounds issue). No exploit ...

7.1CVSS6.3AI score0.00227EPSS
CVE
CVE
added 2024/03/04 6:10 p.m.84 views

CVE-2021-47089

CVE-2021-47089 pertains to the Linux kernel: kfence memory leak when handling cat kfence objects. The leak stems from a missing release function for files opened via file_operations, causing allocated seq_file structures/related seq_buf to not be freed when the file is closed, as evidenced by kme...

3.3CVSS6.3AI score0.0019EPSS
CVE
CVE
added 2024/03/04 6:10 p.m.84 views

CVE-2021-47091

CVE-2021-47091 affects the Linux kernel mac80211 component. Root cause: locking in ieee80211_start_ap error path where local channel context release wasn’t guaranteed to hold local->mtx, risking improper synchronization. The fix enforces holding local->mtx when releasing the channel context...

5.5CVSS6.2AI score0.00168EPSS
CVE
CVE
added 2024/03/25 9:7 a.m.84 views

CVE-2021-47139

CVE-2021-47139 affects the Linux kernel hns3 driver. A race occurs because the netdevice is registered before client initialization completes, creating a window where changes to channels or rx CPU map can trigger hns3_set_rx_cpu_rmap() twice, leading to a crash (BUG at lib/cpu_rmap.c). The fix, a...

5.5CVSS6.5AI score0.00225EPSS
CVE
CVE
added 2024/03/25 9:7 a.m.84 views

CVE-2021-47146

CVE-2021-47146 concerns the Linux kernel where mld_newpack could panic when headroom is large because high-order page allocation was disallowed (skb_put() path). The issue is triggered during IPv6 multicast handling in mld_newpack/mld_send_initial_cr and can lead to a kernel crash; the provided t...

5.5CVSS6.4AI score0.00238EPSS
CVE
CVE
added 2024/03/25 9:16 a.m.84 views

CVE-2021-47160

CVE-2021-47160 corresponds to a Linux kernel vulnerability where PCR_MATRIX was set to all-ones when VLAN filtering was enabled and not reset when disabled, potentially allowing VLAN traffic leaks between bridges br0 and br1. The issue is addressed by removing the PCR_MATRIX write from mt7530_por...

7.1CVSS6.7AI score0.00233EPSS
CVE
CVE
added 2024/04/10 7:1 p.m.84 views

CVE-2021-47214

CVE-2021-47214 affects Linux kernel hugetlb/userfaultfd handling. The fix corrects reservation restoration on userfaultfd error in hugetlb_mcopy_atomic_pte() by treating the is_continue path like pagecache insertion and altering the new_pagecache_page flag (renamed to page_in_pagecache) so restor...

5.5CVSS6.6AI score0.00193EPSS
CVE
CVE
added 2024/04/10 7:1 p.m.84 views

CVE-2021-47216

CVE-2021-47216 affects the Linux kernel SCSI AdvanSys driver. The root cause is a kernel pointer leak caused by printing pointers cast to unsigned long with %lx instead of using %p/%px. A patch fixes the issue by changing pointer printing format from %lx to %p, effectively printing the hashed poi...

5.5CVSS6.3AI score0.00226EPSS
CVE
CVE
added 2024/05/21 2:19 p.m.84 views

CVE-2021-47245

CVE-2021-47245 affects the Linux kernel netfilter synproxy TCP option parser. The vulnerability arises from an out-of-bounds read in synproxy_parse_options when parsing TCP options; if length equals 1, the loop reads an opcode byte and, if it is not TCPOPT_EOL or TCPOPT_NOP, reads one more byte, ...

7.1CVSS6.7AI score0.00264EPSS
CVE
CVE
added 2024/05/21 2:20 p.m.84 views

CVE-2021-47283

CVE-2021-47283 concerns the Linux kernel where the SFC driver could leak IRQ resources when using legacy IRQs. The issue arises because the flag irqs_hooked was not set during initialization in legacy IRQ mode, causing non-freed interrupt descriptors on module removal. The vulnerability affects t...

5.5CVSS6.7AI score0.00222EPSS
CVE
CVE
added 2024/05/21 2:35 p.m.84 views

CVE-2021-47343

CVE-2021-47343 is a Linux kernel issue in the device-mapper (dm) btree removal path. The bug could cause an uninitialized value to be assigned to new_root when removal fails, leading to out-of-bounds access in dm-thin metadata (details_root/details_info) and potential general protection faults. T...

5.5CVSS6.4AI score0.00259EPSS
CVE
CVE
added 2024/05/21 3:3 p.m.84 views

CVE-2021-47390

CVE-2021-47390 concerns the Linux kernel KVM path on x86, where KASAN reports a stack-out-of-bounds access in kvm_make_vcpus_request_mask() when handling IOAPIC indirect requests. The root cause is that the vcpu_bitmap is allocated as a single stack long instead of a size equal to KVM_MAX_VCPUS, ...

7.1CVSS6.7AI score0.00259EPSS
CVE
CVE
added 2024/05/21 3:3 p.m.84 views

CVE-2021-47398

The CVE-2021-47398 entry concerns a Linux kernel RDMA/hfi1 pointer leak. The vulnerability stemmed from printing secured pointers using unsigned long long with %llx, which could reveal addresses. The fix changes the formatting to print pointers with %p or %px, eliminating the cast to a large inte...

5.5CVSS6.6AI score0.00208EPSS
CVE
CVE
added 2024/05/21 3:4 p.m.84 views

CVE-2021-47420

CVE-2021-47420 affects the Linux kernel in the DRM/AMDKFD path. The issue is a memory leak: memory allocated for ttm->sg by kmalloc in kfd_mem_dmamap_userptr is not freed in kfd_mem_dmaunmap_userptr. The vulnerability has been resolved by freeing the leaked memory. Connected advisories (Astra ...

5.5CVSS6.7AI score0.00194EPSS
CVE
CVE
added 2024/05/21 3:4 p.m.84 views

CVE-2021-47427

CVE-2021-47427 affects the Linux kernel SCSI/ISCSI code where iscsi_task could be freed after abort handling due to a goto to cleanup. Root cause: abort path introduced iscsi_get_conn()/iscsi_put_conn() but then cleanup could still perform a put on the iscsi_task. The fix reverts the goto and mov...

7.8CVSS6.8AI score0.00217EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.84 views

CVE-2021-47513

CVE-2021-47513 is a Linux kernel vulnerability affecting the net: dsa: felix MMIO filtering path. The issue is a memory leak in felix_setup_mmio_filtering that occurs if there is no CPU port defined. The vulnerability is fixed in the kernel by addressing the resource leak in the felix MMIO filter...

5.5CVSS6.9AI score0.00205EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.84 views

CVE-2021-47525

CVE-2021-47525 affects the Linux kernel, specifically the serial liteuart driver. The issue is a use-after-free and memory leak that occurs on unbind, where the port may remain registered after driver data is released, leading to potential use after free and serial-core memory leaks. The publishe...

7.8CVSS8.4AI score0.0023EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.84 views

CVE-2021-47526

CVE-2021-47526 is a Linux kernel vulnerability in the serial: liteuart driver causing a NULL pointer dereference in _remove() when drvdata isn’t set in _probe(). The root cause is missing drvdata assignment which leads to platform_get_drvdata() returning NULL in _remove(). The issue affects the L...

5.5CVSS7AI score0.00205EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.84 views

CVE-2021-47539

CVE-2021-47539 affects the Linux kernel RxRPC code. The issue is a use-after-free-like leak where a rxrpc_peer may be leaked during rxrpc_look_up_bundle() when handling a bundle candidate. The provided data states the root cause is a leak of the rxrpc_peer and the remediation is to call rxrpc_put...

5.5CVSS6.8AI score0.00222EPSS
CVE
CVE
added 2024/06/19 2:53 p.m.84 views

CVE-2021-47577

CVE-2021-47577 : In the Linux kernel, a race in the io-wq subsystem can occur between adding a new worker task_work and the wq exiting. The code checks IO_WQ_BIT_EXIT before creating a worker, and the exit path may cancel pending creations, creating a window where a newly added task_work is proce...

4.7CVSS6.5AI score0.00142EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.84 views

CVE-2022-48755

The CVE-2022-48755 issue is a Linux kernel vulnerability affecting powerpc64 systems where BPF code could emit ldbrx instructions not supported on processors older than ISA v2.06. The root cause is an ISA compatibility gap in the ldbrx path used by BPF_FROM_[L|E] and BPF_FROM_[L|B]E, leading to a...

5.5CVSS6.3AI score0.0021EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.84 views

CVE-2022-48756

CVE-2022-48756 relates to the Linux kernel DRM MSM DSI driver. The vulnerability stems from an invalid parameter check in msm_dsi_phy_enable where the function uses the PHY input before validating it, risking a NULL pointer dereference. The fix is to initialize the dev variable after performing t...

5.5CVSS6.9AI score0.0021EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.84 views

CVE-2022-48895

CVE-2022-48895 affects the Linux kernel iommu/arm-smmu component, specifically an issue where shutdown unregistration could trigger a NULL pointer dereference in the IOMMU path during reboot sequences. The issue was observed in stack traces leading to Oops in interrupt and kernel panic scenarios,...

5.5CVSS6.4AI score0.00209EPSS
CVE
CVE
added 2024/08/22 3:31 a.m.84 views

CVE-2022-48931

CVE-2022-48931: Linux kernel configfs race when calling configfs_register_subsystem()/configfs_unregister_subsystem() can lead to kernel panic due to concurrent list modifications during link_group()/unlink_group(). The root cause is a race in configfs item management when parent configfs_subsyst...

4.7CVSS6.8AI score0.00165EPSS
CVE
CVE
added 2025/02/26 1:54 a.m.84 views

CVE-2022-49052

The CVE-2022-49052 entry concerns a Linux kernel zram swap issue: when CLONE_VM occurs, a race could map zeroed data to userspace due to swap_slot_free_notify not counting swap slots, enabling a process to observe or rely on incorrect data until the fix patches out that notification and relies on...

5.5CVSS5.3AI score0.00274EPSS
CVE
CVE
added 2025/02/26 1:54 a.m.84 views

CVE-2022-49071

CVE-2022-49071 affects the Linux kernel where drm/panel: ili9341 handling of an optional regulator could dereference a NULL or error pointer if the regulator lookup fails. The patch ensures that a failed optional regulator lookup resets the pointer to NULL, and notes that related functions like m...

5.5CVSS6.5AI score0.00245EPSS
CVE
CVE
added 2025/02/26 1:56 a.m.84 views

CVE-2022-49250

CVE-2022-49250 : In the Linux kernel ASoC codecs rx-macro path, the AUX interpolator may access compander data without checking that compander exists, potentially causing an out-of-bounds access in the comp_enabled[] array. The issue is resolved by adding a guard before accessing compander data. ...

7.1CVSS5.4AI score0.00252EPSS
CVE
CVE
added 2025/02/26 1:56 a.m.84 views

CVE-2022-49254

CVE-2022-49254 concerns the Linux kernel media TI-VPE driver. In cal_ctx_v4l2_init_formats(), the code assigns the result of devm_kzalloc() to ctx->active_fmt and then dereferences it unconditionally, which could cause a NULL pointer dereference if allocation fails. The vulnerability is mitiga...

5.5CVSS5.3AI score0.00252EPSS
CVE
CVE
added 2025/02/26 2:11 a.m.84 views

CVE-2022-49388

CVE-2022-49388 affects the Linux kernel ubi_create_volume() in the UBI subsystem. The issue is an use-after-free involving the 'eba_tbl' in the error handling path: ubi_eba_replace_table(vol, eba_tbl) assigns vol->eba_tbl = tbl, then on error the code path leads to ubi_eba_destroy_table(eba_tb...

7.8CVSS5.4AI score0.00283EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.84 views

CVE-2022-49487

CVE-2022-49487 affects the Linux kernel mtd/rawnand/syscalls for Intel NAND, where a null pointer dereference could occur if platform_get_resource() returns NULL. The fix moves using the resource after devm_ioremap_resource(), which checks for NULL to prevent dereference. Connected Astra Linux ad...

5.5CVSS5.3AI score0.00245EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.84 views

CVE-2022-49506

The CVE-2022-49506 issue affects the Linux kernel DRM/Mediatek path, where a race between the vblank callback registration and disabling vblank could yield NULL callback data in the ovl IRQ path, risking kernel panic. The documented fix adds a vblank callback registration flow: register callback ...

5.5CVSS5.2AI score0.00245EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.84 views

CVE-2022-49540

CVE-2022-49540 refers to a race in the Linux kernel’s RCU Tasks Rude grace-period handling. The issue occurs during boot when multiple CPUs come online and the rcu_tasks_rude_wait_gp() flow calls schedule_on_each_cpu(), which can mis-handle the online cpumask and produce a call trace in __flush_w...

4.7CVSS5.4AI score0.00183EPSS
CVE
CVE
added 2025/02/26 2:24 a.m.84 views

CVE-2022-49672

CVE-2022-49672 refers to a race condition in the Linux kernel’s network/tun path: when destroying a tunNAPI object, the NAPI in the tun_file struct can be destroyed before the netdev, requiring explicit deletion of the NAPI. Syzbot observed this race as the queue was detached, enabling a potentia...

5.5CVSS5.3AI score0.00274EPSS
Total number of security vulnerabilities14330