Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2025/02/26 2:24 a.m.84 views

CVE-2022-49683

The CVE-2022-49683 entry concerns the Linux kernel, specifically the IIO ADC driver for adi-axi-adc. The root cause is a refcount leak where of_parse_phandle() returns a node pointer with an incremented refcount, and the patch adds a missing of_node_put() when the node is no longer needed. The ch...

5.5CVSS5.3AI score0.00252EPSS
CVE
CVE
added 2025/02/26 2:24 a.m.84 views

CVE-2022-49686

CVE-2022-49686 affects the Linux kernel USB gadget UVC path (configfs-gadget: uvc) where uvcg_video_pump can double-add a request to the free list, leading to a kernel BUG and panic when an endpoint is disabled and the request is re-queued. The issue is demonstrated by kernel BUG at lib/list_debu...

7.8CVSS5.2AI score0.00234EPSS
CVE
CVE
added 2025/02/26 2:24 a.m.84 views

CVE-2022-49718

CVE-2022-49718 concerns a Linux kernel issue in the irqchip/apple-aic path. The root cause is a refcount leak in aic_of_ic_init: of_get_child_by_name() returns a node pointer with an incremented refcount, and the patch adds a missing of_node_put() to release it when no longer needed. The connecte...

5.5CVSS6.4AI score0.00209EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.84 views

CVE-2022-49771

CVE-2022-49771 affects the Linux kernel’s dm-thin/ioctl path. The vulnerability arises when __list_versions uses dm_target_iterate twice under race conditions between the first size estimation and the second information retrieval, allowing module loading to occur between the two calls. The second...

4.7CVSS7AI score0.00137EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.84 views

CVE-2022-49772

CVE-2022-49772 affects the Linux kernel’s ALSA USB audio driver (snd_usbmidi_output_open). The vulnerability arises from a NULL port check that used snd_BUG_ON(); although the check is valid for unexpected NULL ports, this scenario can occur when a device reports an invalid endpoint during descri...

5.5CVSS6.5AI score0.00166EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.84 views

CVE-2022-49822

The CVE refers to a Linux kernel CIFS issue: when tlink setup fails, connections may not be released, causing a refcount leak in the CIFS module and leaking fscache info, which can lead to errors on subsequent mounts (e.g., CIFS: Cache volume key already in use). The vulnerability is tied to the ...

5.5CVSS6.5AI score0.00167EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.84 views

CVE-2022-49888

CVE-2022-49888 affects the ARM64 Linux kernel entry path. The Cortex-A76 erratum workaround (cortex_a76_erratum_1463225_debug_handler) was not inlined due to a patch, allowing a kprobe to probe the function and potentially trigger recursive exceptions and a stack overflow when a probed function e...

7.8CVSS6.8AI score0.00211EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.84 views

CVE-2022-50000

CVE-2022-50000 affects the Linux kernel netfilter flowtable cleanup. The issue arises when a flow table entry has pending hardware stats/add work; in that case HW delete work is skipped, causing a race between software/ hardware cleanup and potentially a use-after-free during flowtable teardown. ...

5.5CVSS6.5AI score0.00194EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.84 views

CVE-2022-50045

CVE-2022-50045 is a Linux kernel issue affecting the powerpc/pci path. The vulnerability arose from a locking interaction in get_phb_number(), which could cause a DEBUG_ATOMIC_SLEEP warning when sleep-prone OF routines are called while a hose_spinlock is held. The resolution involves modifying ge...

5.5CVSS6.1AI score0.00122EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.84 views

CVE-2022-50086

The CVE CVE-2022-50086 concerns a Linux kernel issue where concurrent writes to io cost qos (rq_qos) could cause the same rq_qos type to be added twice to a disk, leading to list walk corruption and potential crashes. Connected advisories (EulerOS/Nessus entries) reference the same description an...

5.5CVSS6.5AI score0.00159EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.84 views

CVE-2022-50127

CVE-2022-50127 affects the Linux kernel RDMA/rxe path. The vulnerability occurs in rxe_create_qp() where rxe_qp_from_init() initializes qp before spinlocks are set up (before rxe_qp_init_req()). If an error happens prior to the proper initialization, an unwind path calls rxe_cleanup()/rxe_qp_do_c...

5.5CVSS6.5AI score0.00161EPSS
CVE
CVE
added 2024/03/02 9:59 p.m.84 views

CVE-2023-52570

CVE-2023-52570 affects the Linux kernel vfio/mdev path. The vulnerability is a NULL pointer dereference that can occur in mdev_unregister_parent() during module removal of the mdpy.mdpy (mdpy.ko), traced to probing/initialization flow (kobject_add_internal/kobject_init_and_add) and mdev_type_add(...

5.5CVSS6.8AI score0.00222EPSS
CVE
CVE
added 2024/05/17 2:2 p.m.84 views

CVE-2023-52671

CVE-2023-52671 : Linux kernel vulnerability in drm/amd/display related to ODM4:1 transition. The issue could hang or underflow when disabling an OPTC and reclaiming its OPPs for a different OPTC, due to OPPs not being properly disconnected from the disabled OPTC. The published description states ...

5.5CVSS6.7AI score0.00222EPSS
CVE
CVE
added 2024/05/21 3:22 p.m.84 views

CVE-2023-52701

The CVE-2023-52701 entry concerns Linux kernel net handling: copying skb marks and skb_cb data led to a memory exposure via usercopy checks, observed as a kernel crash on arm64 when CONFIG_HARDENED_USERCOPY=y. Root cause: copying data from skb->cb[] and skb->mark can bypass size checks; pat...

7.1CVSS6.9AI score0.00227EPSS
CVE
CVE
added 2024/05/21 3:23 p.m.84 views

CVE-2023-52746

CVE-2023-52746 concerns a Spectre v1 gadget in the Linux kernel’s xfrm_xlate32_attr() path. The vulnerability arises from using the user-provided nla_type as an array index when type > XFRMA_MAX, potentially leaking kernel memory. The patch set introduces array_index_nospec() use to prevent sp...

2.5CVSS5.8AI score0.00243EPSS
CVE
CVE
added 2024/05/21 3:30 p.m.84 views

CVE-2023-52767

CVE-2023-52767 : In the Linux kernel, a NULL dereference could occur in the TLS path when tls_sw_splice_eof() runs as part of sendfile() with an empty plaintext/ciphertext sk_msg. The issue caused tls_push_record() to take the split path and tls_merge_open_record(), which assumed at least one pop...

5.5CVSS6.8AI score0.00172EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.84 views

CVE-2023-52782

The CVE-2023-52782 entry pertains to the Linux kernel net/mlx5e driver: it fixes a race in tracking xmit metadata for PTP WQ where the skb may not be present in the mapping when the metadata index is tracked, risking a null pointer dereference. The fix ensures skb is in metadata mapping before tr...

5.5CVSS6.4AI score0.00235EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.84 views

CVE-2023-52786

CVE-2023-52786 affects the Linux kernel ext4 subsystem. The issue is a race in the inline data check during direct IO (dio) writes: ext4_iomap_begin() can observe inline data concurrently with MAY_INLINE_DATA state clearing across a lock cycle, potentially allowing a dio write to proceed in an un...

4.7CVSS6.6AI score0.00179EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.84 views

CVE-2023-52852

CVE-2023-52852 concerns a Linux kernel vulnerability in f2fs compression code where a use-after-free can occur for the dic pointer during readahead/multi-page decompress flow. The root cause, as described in the connected docs, is that after f2fs_decompress_cluster() is invoked and a cached page ...

7.8CVSS6.7AI score0.00238EPSS
CVE
CVE
added 2024/05/21 3:32 p.m.84 views

CVE-2023-52874

CVE-2023-52874 (Linux kernel, x86/tdx): the vulnerability stems from an omission in the TDX_HYPERCALL path where RSI was not cleared when returning from TDCALL, risking speculation of VMM-provided values after the guest legally shares registers with the untrusted VMM. The issue originates from a ...

5.5CVSS6.7AI score0.00251EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.84 views

CVE-2023-53011

The CVE-2023-53011 issue concerns the Linux kernel’s stmmac driver (DWMAC5) where, by default, all safety features were enabled. If a hardware platform did not provide a safety_feat_cfg entry, enabling the automotive safety package could trigger a NULL pointer dereference during network device op...

5.5CVSS6.5AI score0.00187EPSS
CVE
CVE
added 2025/05/02 3:54 p.m.84 views

CVE-2023-53041

CVE-2023-53041 has concrete details in the Connected documents. The issue is in the Linux kernel’s qla2xxx SCSI driver: during controller add/remove, abort path completes commands with a lock still held, causing a lock-warning in dma_free_attrs. The observed call trace centers on qla2x00_async_sn...

5.5CVSS6.7AI score0.00168EPSS
CVE
CVE
added 2025/05/02 3:56 p.m.84 views

CVE-2023-53139

The CVE-2023-53139 issue is in the Linux kernel’s NFC FDP code: it adds a null check for devm_kmalloc_array in fdp_nci_i2c_read_device_properties. If devm_kmalloc_array fails and fw_vsc_cfg is NULL, an out-of-bounds write can occur in device_property_read_u8_array. The vulnerability is addressed ...

5.5CVSS6.6AI score0.00155EPSS
CVE
CVE
added 2024/04/03 5:0 p.m.84 views

CVE-2024-26728

CVE-2024-26728 is a Linux kernel issue affecting the DRM/AMD display path, where a null-pointer dereference could occur during EDID reading. The fix switches to using an I2C adapter when there is no aux_mode in dc_link to prevent the dereference in scenarios involving DCN2.1 and HDMI connectors (...

5.5CVSS6.4AI score0.00205EPSS
CVE
CVE
added 2024/04/03 5:0 p.m.84 views

CVE-2024-26755

CVE-2024-26755 affects the Linux kernel's MD (multiple devices) subsystem. When a reshape is interrupted, a race can occur between an IO operation crossing the reshape position and a potential suspend of the array triggered by md_start_sync() finding a spare to add/remove from conf. This can dead...

5.3CVSS5.2AI score0.0065EPSS
CVE
CVE
added 2024/04/17 10:14 a.m.84 views

CVE-2024-26849

CVE-2024-26849 is a Linux kernel vulnerability affecting netlink attribute policy for NFTA_TARGET_REV. The minlen entry for NLA_BE32 is zero, causing validation to read past a malformed attribute (risk of kernelread). Concrete details appear in connected advisories (e.g., kernel commits a2ab02815...

5.5CVSS6.5AI score0.00223EPSS
CVE
CVE
added 2024/04/17 10:27 a.m.84 views

CVE-2024-26867

CVE-2024-26867 concerns the Linux kernel issue in comedi_8255: subdevice initialization. The root cause, described across multiple sources, is a refactoring in comdrivers/comedi_8255.c where the io field in subdev_8255_private could be left NULL after initialization, because __subdev_8255_init() ...

5.5CVSS6.5AI score0.00193EPSS
CVE
CVE
added 2024/06/24 1:56 p.m.84 views

CVE-2024-33847

CVE-2024-33847 relates to the Linux kernel’s f2fs compression feature. The root cause is a truncation bug on released compressed inodes that can corrupt a f2fs image if a partial truncation changes the valid block count without updating i_blocks/total_valid_block_count. The patch fixes by allowin...

5.5CVSS6.6AI score0.00225EPSS
CVE
CVE
added 2024/05/17 1:23 p.m.84 views

CVE-2024-35798

CVE-2024-35798 is a Linux kernel vulnerability in btrfs where a race in read_extent_buffer_pages can cause uptodate status to be missed during concurrent reads of the same extent buffer. The issue can lead to concurrent modification and tree-checker errors (e.g., corrupted nodes) due to an unnece...

4.7CVSS6.8AI score0.00168EPSS
CVE
CVE
added 2024/05/19 8:34 a.m.84 views

CVE-2024-35874

In CVE-2024-35874, the Linux kernel vulnerability is a NULL pointer dereference in the aio wakeup path. The issue arises because list_del_init_careful() must be the last access to the wait queue entry, effectively unlocking access, and finish_wait() could see an empty list head, skip locking, and...

5.5CVSS6.7AI score0.00193EPSS
CVE
CVE
added 2024/05/20 9:17 a.m.84 views

CVE-2024-35948

In the Linux kernel (bcachefs), a missing bounds check in superblock validation allowed journal entries to overrun the end of the clean section. The issue has been fixed with a bounds-check in the superblock validation path. No repair code for individual items is available; the entire superblock ...

8.4CVSS6.8AI score0.0023EPSS
CVE
CVE
added 2024/05/20 9:41 a.m.84 views

CVE-2024-35953

The CVE-2024-35953 issue affects the Linux kernel’s accel/ivpu code: ivpu_device->context_xa could deadlock because the XA lock could be held in a thread and interrupted by IRQs that also lock it. The fix is to pass XA_FLAGS_LOCK_IRQ during initialization to prevent the second lock in IRQ cont...

5.5CVSS6.5AI score0.00171EPSS
CVE
CVE
added 2024/06/21 10:18 a.m.84 views

CVE-2024-36281

CVE-2024-36281 affects the Linux kernel net/mlx5/IPsec rules. The vulnerability arises from rx_create and improper mlx5_modify_header_dealloc usage, which could lead to a NULL pointer dereference and an earlier rule-leak when two status rules are populated. The fix switches to mlx5_ipsec_rx_statu...

5.5CVSS6.5AI score0.00239EPSS
CVE
CVE
added 2024/05/30 3:29 p.m.84 views

CVE-2024-36935

CVE-2024-36935 : In the Linux kernel, a memory copy from userspace into a kernel buffer for the ice path could miss a terminating NUL, enabling an OOB read when sscanf() is used. The fix uses memdup_user_nul instead of memdup_user to guarantee NUL termination. Affected component is the kernel’s i...

7.1CVSS6.7AI score0.00213EPSS
CVE
CVE
added 2024/06/19 1:35 p.m.84 views

CVE-2024-38569

CVE-2024-38569 concerns the Linux kernel driver for HISI PCIe in the perf subsystem. Description: the perf tool allows creating event groups; if the number of events in an event_group exceeds HISI_PCIE_MAX_COUNTERS, the driver may write past the end of the event_group array, causing an out-of-bou...

7.8CVSS8.4AI score0.00234EPSS
Web
CVE
CVE
added 2024/06/19 1:56 p.m.84 views

CVE-2024-38614

CVE-2024-38614 affects the Linux kernel OpenRISC traps handling. The issue: trap handling could send signals to kernel-mode threads (not user processes), which should not occur; it may be treated as an error when it happens. The patch adds explicit checks to terminate/die when these exceptions ar...

5.5CVSS6.4AI score0.0021EPSS
CVE
CVE
added 2024/06/21 10:18 a.m.84 views

CVE-2024-38622

CVE-2024-38622 concerns a Linux kernel issue in drm/msm/dpu where dpu_core_irq_callback_handler() checks a callback pointer for NULL but then unconditionally calls it. The vulnerability arises from calling a possibly NULL function pointer, which could lead to kernel behavior disruption. The fix a...

5.5CVSS6.6AI score0.00222EPSS
CVE
CVE
added 2024/07/29 2:31 p.m.84 views

CVE-2024-41025

In the connected documents, CVE-2024-41025 is described as a Linux kernel issue fixed by addressing a memory leak in the fastrpc audio daemon attach path. Specifically, the Audio PD daemon copies a name via init IOCTL into kernel memory that is allocated but not freed, causing a leak. The vulnera...

5.5CVSS6.4AI score0.00288EPSS
CVE
CVE
added 2024/07/29 2:57 p.m.84 views

CVE-2024-41061

CVE-2024-41061: In the Linux kernel’s DRM/AMD display code, an array-index-out-of-bounds can occur in dml2/FCLKChangeSupport when using out_lowest_state_idx as an index. The core fix is to always use index 0 in the condition to prevent out-of-bounds access. The vulnerability impact is rated HIGH ...

7.8CVSS6.6AI score0.00206EPSS
CVE
CVE
added 2024/07/29 3:52 p.m.84 views

CVE-2024-42064

The CVE-2024-42064 entry is a Linux kernel vulnerability affecting the DRM AMD display driver. The issue occurs when a pipe index is not set correctly, causing a driver crash. The fix adds code to skip a pipe whose idx is not properly set, mitigating the crash. Connected sources (MSRC and Nessus ...

5.5CVSS6.8AI score0.002EPSS
CVE
CVE
added 2024/07/30 7:47 a.m.84 views

CVE-2024-42162

CVE-2024-42162 : In the Linux kernel gve driver, reading NIC statistics could access priv->stats_report->stats when the NIC reported stats for only a subset of queues. The fix adds accounting for stopped queues to prevent invalid access. This is a high‑severity (CVSS v3.1 base score 7.0) lo...

7CVSS6.6AI score0.00195EPSS
CVE
CVE
added 2024/09/04 7:54 p.m.84 views

CVE-2024-44978

CVE-2024-44978 affects the Linux kernel DRM/XE subsystem. The issue is a use-after-free risk where the last xe_exec_queue_put could destroy the VM if job->vm becomes invalid. The fix prevents this by freeing the job before xe_exec_queue_put, cherry-picking commit 32a42c93b74c8ca6d0915ea3eba21b...

7.8CVSS7.3AI score0.00219EPSS
CVE
CVE
added 2024/09/04 7:54 p.m.84 views

CVE-2024-44994

CVE-2024-44994 is a Linux kernel issue in iommu_report_device_fault() where the return path was accidentally removed for partial faults, risking a crash. The problem has a known fix: restoring the missing return in iommu_report_device_fault(), as noted in the kernel commits referenced by the CVE ...

5.5CVSS5.2AI score0.00183EPSS
CVE
CVE
added 2025/01/19 11:52 a.m.84 views

CVE-2024-57918

Technical details for CVE-2024-57918 are not publicly provided in the connected documents; monitor for updates.

5.5CVSS6.3AI score0.00172EPSS
CVE
CVE
added 2025/01/21 12:18 p.m.84 views

CVE-2024-57943

CVE-2024-57943 affects the Linux kernel exFAT path where a newly allocated buffer head could write uninitialized data from the page cache. The root cause is that buffers marked as new were not zeroed before write_end(), risking data leakage or corruption. The remediation is a kernel commit that c...

7.8CVSS6.7AI score0.00192EPSS
CVE
CVE
added 2025/03/06 4:4 p.m.84 views

CVE-2025-21827

The CVE-2025-21827 entry is supported by connected sources describing a Linux kernel Bluetooth issue: Mediatek btusb lacked proper locking around usb_driver_claim_interface(), risking a NULL pointer dereference or an "Failed to claim iso interface" error when the code runs via the hci0 path durin...

5.5CVSS7.2AI score0.00131EPSS
CVE
CVE
added 2025/04/02 12:30 p.m.84 views

CVE-2025-21987

CVE-2025-21987: In Linux kernel DRM/AMDGPU, the bug is in init return value in amdgpu_ttm_clear_buffer; an uninitialized value could be returned if amdgpu_res_cleared returns true for all regions. The issue has been fixed via a cherry-picked commit (commit 7c62aacc3b452f73a1284198c81551035fac6d71...

5.5CVSS7.2AI score0.00174EPSS
CVE
CVE
added 2025/04/16 2:12 p.m.84 views

CVE-2025-22048

Summary of CVE-2025-22048 (Linux kernel LoongArch BPF issue) : The problem was triggered by sign-extending the BPF return value. After commit 73c359d1d356, a5 (BPF return value) was sign-extended to a0, and for native calls the a0 value was propagated back to a5. For bpf2bpf calls this propagatio...

5.5CVSS6.4AI score0.00175EPSS
CVE
CVE
added 2025/05/01 1:7 p.m.84 views

CVE-2025-37762

CVE-2025-37762 affects the Linux kernel DRM virtio, where prepare_fb() error handling missed dmabuf unpinning, causing resource leaks on error paths. The vulnerability is fixed by correcting error handling in prepare_fb(), as noted in multiple sources (e.g., Astra Linux advisory citing the same d...

5.5CVSS6.5AI score0.0014EPSS
CVE
CVE
added 2025/05/09 6:41 a.m.84 views

CVE-2025-37847

CVE-2025-37847: In the Linux kernel, a deadlock could occur in accel/ivpu during ivpu_ms_cleanup() when runtime resume acquires file_priv->ms_lock, leading to a cold boot path that calls ivpu_ms_cleanup_all(). The issue is resolved by preventing runtime resume after ms_lock is acquired, avoidi...

5.5CVSS6.5AI score0.00173EPSS
Total number of security vulnerabilities14330