Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2025/05/09 7:16 a.m.57 views

CVE-2025-37861

In the Linux kernel, the following vulnerability has been resolved: scsi: mpi3mr: Synchronous access b/w reset and tm thread for reply queue When the task management thread processes reply queues while the resetthread resets them, the task management thread accesses an invalid queue ID(0xFFFF), set...

7AI score0.00026EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.57 views

CVE-2025-37870

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: prevent hang on link training fail [Why]When link training fails, the phy clock will be disabled. However, inenable_streams, it is assumed that link training succeeded and themux selects the phy clock, causing a ha...

6.9AI score0.00025EPSS
CVE
CVE
added 2025/05/20 5:15 p.m.57 views

CVE-2025-37968

In the Linux kernel, the following vulnerability has been resolved: iio: light: opt3001: fix deadlock due to concurrent flag access The threaded IRQ function in this driver is reading the flag twice: once tolock a mutex and once to unlock it. Even though the code setting the flagis designed to prev...

6.7AI score0.00031EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.56 views

CVE-1999-1225

rpc.mountd on Linux, Ultrix, and possibly other operating systems, allows remote attackers to determine the existence of a file on the server by attempting to mount that file, which generates different error messages depending on whether the file exists or not.

5CVSS6.9AI score0.00455EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.56 views

CVE-2001-1391

Off-by-one vulnerability in CPIA driver of Linux kernel before 2.2.19 allows users to modify kernel memory.

5.5CVSS5.2AI score0.00087EPSS
CVE
CVE
added 2004/12/23 5:0 a.m.56 views

CVE-2004-0816

Integer underflow in the firewall logging rules for iptables in Linux before 2.6.8 allows remote attackers to cause a denial of service (application crash) via a malformed IP packet.

7.5CVSS7.3AI score0.07792EPSS
CVE
CVE
added 2005/01/27 5:0 a.m.56 views

CVE-2004-0887

SUSE Linux Enterprise Server 9 on the S/390 platform does not properly handle a certain privileged instruction, which allows local users to gain root privileges.

7.2CVSS7.4AI score0.00047EPSS
CVE
CVE
added 2005/01/06 5:0 a.m.56 views

CVE-2004-1333

Integer overflow in the vc_resize function in the Linux kernel 2.4 and 2.6 before 2.6.10 allows local users to cause a denial of service (kernel crash) via a short new screen value, which leads to a buffer overflow.

2.1CVSS7.1AI score0.0023EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.56 views

CVE-2005-0530

Signedness error in the copy_from_read_buf function in n_tty.c for Linux kernel 2.6.10 and 2.6.11rc1 allows local users to read kernel memory via a negative argument.

2.1CVSS5AI score0.00068EPSS
CVE
CVE
added 2005/06/16 4:0 a.m.56 views

CVE-2005-1265

The mmap function in the Linux Kernel 2.6.10 can be used to create memory maps with a start address beyond the end address, which allows local users to cause a denial of service (kernel crash).

2.1CVSS7AI score0.00063EPSS
CVE
CVE
added 2005/09/14 7:3 p.m.56 views

CVE-2005-1913

The Linux kernel 2.6 before 2.6.12.1 allows local users to cause a denial of service (kernel panic) via a non group-leader thread executing a different program than was pending in itimer, which causes the signal to be delivered to the old group-leader task, which does not exist.

2.1CVSS7AI score0.00063EPSS
CVE
CVE
added 2005/08/08 4:0 a.m.56 views

CVE-2005-2500

Buffer overflow in the xdr_xcode_array2 function in xdr.c in Linux kernel 2.6.12, as used in SuSE Linux Enterprise Server 9, might allow remote attackers to cause a denial of service and possibly execute arbitrary code via crafted XDR data for the nfsacl protocol.

7.5CVSS7.9AI score0.02584EPSS
CVE
CVE
added 2005/12/14 7:3 p.m.56 views

CVE-2005-3358

Linux kernel before 2.6.15 allows local users to cause a denial of service (panic) via a set_mempolicy call with a 0 bitmask, which causes a panic when a page fault occurs.

4.9CVSS4.4AI score0.00185EPSS
CVE
CVE
added 2005/11/25 9:3 p.m.56 views

CVE-2005-3807

Memory leak in the VFS file lease handling in locks.c in Linux kernels 2.6.10 to 2.6.15 allows local users to cause a denial of service (memory exhaustion) via certain Samba activities that cause an fasync entry to be re-allocated by the fcntl_setlease function after the fasync queue has already be...

4.9CVSS6AI score0.00147EPSS
CVE
CVE
added 2006/03/22 8:6 p.m.56 views

CVE-2006-0038

Integer overflow in the do_replace function in netfilter for Linux before 2.6.16-rc3, when using "virtualization solutions" such as OpenVZ, allows local users with CAP_NET_ADMIN rights to cause a buffer overflow in the copy_from_user function.

6.9CVSS7.5AI score0.00091EPSS
CVE
CVE
added 2006/01/06 11:3 a.m.56 views

CVE-2006-0095

dm-crypt in Linux kernel 2.6.15 and earlier does not clear a structure before it is freed, which leads to a memory disclosure that could allow local users to obtain sensitive information about a cryptographic key.

2.1CVSS4.8AI score0.00132EPSS
CVE
CVE
added 2006/03/12 9:2 p.m.56 views

CVE-2006-0557

sys_mbind in mempolicy.c in Linux kernel 2.6.16 and earlier does not sanity check the maxnod variable before making certain computations for the get_nodes function, which has unknown impact and attack vectors.

4.9CVSS6.1AI score0.00079EPSS
CVE
CVE
added 2006/04/05 5:4 p.m.56 views

CVE-2006-1055

The fill_write_buffer function in sysfs/file.c in Linux kernel 2.6.12 up to versions before 2.6.17-rc1 does not zero terminate a buffer when a length of PAGE_SIZE or more is requested, which might allow local users to cause a denial of service (crash) by causing an out-of-bounds read.

4.9CVSS7.2AI score0.00064EPSS
CVE
CVE
added 2006/05/22 4:6 p.m.56 views

CVE-2006-1858

SCTP in Linux kernel before 2.6.16.17 allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a chunk length that is inconsistent with the actual length of provided parameters.

7.8CVSS7.6AI score0.1139EPSS
CVE
CVE
added 2006/06/30 9:5 p.m.56 views

CVE-2006-2934

SCTP conntrack (ip_conntrack_proto_sctp.c) in netfilter for Linux kernel 2.6.17 before 2.6.17.3 and 2.6.16 before 2.6.16.23 allows remote attackers to cause a denial of service (crash) via a packet without any chunks, which causes a variable to contain an invalid value that is later used to derefer...

5CVSS7.1AI score0.23284EPSS
CVE
CVE
added 2006/12/11 11:28 p.m.56 views

CVE-2006-5871

smbfs in Linux kernel 2.6.8 and other versions, and 2.4.x before 2.4.34, when UNIX extensions are enabled, ignores certain mount options, which could cause clients to use server-specified uid, gid and mode settings.

4.1CVSS7.2AI score0.0007EPSS
CVE
CVE
added 2007/03/12 11:19 p.m.56 views

CVE-2007-1000

The ipv6_getsockopt_sticky function in net/ipv6/ipv6_sockglue.c in the Linux kernel before 2.6.20.2 allows local users to read arbitrary kernel memory via certain getsockopt calls that trigger a NULL dereference.

7.2CVSS5.7AI score0.00221EPSS
CVE
CVE
added 2007/05/29 8:30 p.m.56 views

CVE-2007-2451

Unspecified vulnerability in drivers/crypto/geode-aes.c in GEODE-AES in the Linux kernel before 2.6.21.3 allows attackers to obtain sensitive information via unspecified vectors.

5CVSS5.6AI score0.00858EPSS
CVE
CVE
added 2007/08/13 9:17 p.m.56 views

CVE-2007-4311

The xfer_secondary_pool function in drivers/char/random.c in the Linux kernel 2.4 before 2.4.35 performs reseed operations on only the first few bytes of a buffer, which might make it easier for attackers to predict the output of the random number generator, related to incorrect use of the sizeof o...

6.8CVSS6.1AI score0.00606EPSS
CVE
CVE
added 2008/01/31 9:0 p.m.56 views

CVE-2007-4998

cp, when running with an option to preserve symlinks on multiple OSes, allows local, user-assisted attackers to overwrite arbitrary files via a symlink attack using crafted directories containing multiple source files that are copied to the same destination.

6.9CVSS6.5AI score0.00027EPSS
CVE
CVE
added 2008/09/03 2:12 p.m.56 views

CVE-2008-3792

net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4 does not verify that the SCTP-AUTH extension is enabled before proceeding with SCTP-AUTH API functions, which allows attackers to cause a denial of service (NULL pointer dereferen...

7.1CVSS5AI score0.0444EPSS
Web
CVE
CVE
added 2008/09/16 11:0 p.m.56 views

CVE-2008-4113

The sctp_getsockopt_hmac_ident function in net/sctp/socket.c in the Stream Control Transmission Protocol (sctp) implementation in the Linux kernel before 2.6.26.4, when the SCTP-AUTH extension is enabled, relies on an untrusted length value to limit copying of data from kernel memory, which allows ...

4.7CVSS4.7AI score0.00179EPSS
Web
CVE
CVE
added 2009/07/01 1:0 p.m.56 views

CVE-2009-2287

The kvm_arch_vcpu_ioctl_set_sregs function in the KVM in Linux kernel 2.6 before 2.6.30, when running on x86 systems, does not validate the page table root in a KVM_SET_SREGS call, which allows local users to cause a denial of service (crash or hang) via a crafted cr3 value, which triggers a NULL p...

4.9CVSS6.8AI score0.00064EPSS
CVE
CVE
added 2012/06/13 10:24 a.m.56 views

CVE-2011-2211

The osf_wait4 function in arch/alpha/kernel/osf_sys.c in the Linux kernel before 2.6.39.4 on the Alpha platform uses an incorrect pointer, which allows local users to gain privileges by writing a certain integer value to kernel memory.

7.2CVSS8.4AI score0.00047EPSS
CVE
CVE
added 2013/04/05 9:55 p.m.56 views

CVE-2013-1858

The clone system-call implementation in the Linux kernel before 3.8.3 does not properly handle a combination of the CLONE_NEWUSER and CLONE_FS flags, which allows local users to gain privileges by calling chroot and leveraging the sharing of the / directory between a parent process and a child proc...

7.2CVSS6.6AI score0.01201EPSS
CVE
CVE
added 2013/05/03 11:57 a.m.56 views

CVE-2013-1959

kernel/user_namespace.c in the Linux kernel before 3.8.9 does not have appropriate capability requirements for the uid_map and gid_map files, which allows local users to gain privileges by opening a file within an unprivileged process and then modifying the file within a privileged process.

3.7CVSS6.2AI score0.01052EPSS
CVE
CVE
added 2013/04/22 11:41 a.m.56 views

CVE-2013-3226

The sco_sock_recvmsg function in net/bluetooth/sco.c in the Linux kernel before 3.9-rc7 does not initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

4.9CVSS5.5AI score0.00058EPSS
CVE
CVE
added 2014/04/14 11:55 p.m.56 views

CVE-2014-2739

The cma_req_handler function in drivers/infiniband/core/cma.c in the Linux kernel 3.14.x through 3.14.1 attempts to resolve an RDMA over Converged Ethernet (aka RoCE) address that is properly resolved within a different module, which allows remote attackers to cause a denial of service (incorrect p...

4.6CVSS6.7AI score0.00379EPSS
CVE
CVE
added 2014/10/13 10:55 a.m.56 views

CVE-2014-7284

The net_get_random_once implementation in net/core/utils.c in the Linux kernel 3.13.x and 3.14.x before 3.14.5 on certain Intel processors does not perform the intended slow-path operation to initialize random seeds, which makes it easier for remote attackers to spoof or disrupt IP communication by...

6.4CVSS5AI score0.01011EPSS
CVE
CVE
added 2016/08/07 9:59 p.m.56 views

CVE-2015-0568

Use-after-free vulnerability in the msm_set_crop function in drivers/media/video/msm/msm_camera.c in the MSM-Camera driver for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allows attackers to gain privileges or cause a ...

7.8CVSS7.3AI score0.00464EPSS
CVE
CVE
added 2015/12/28 11:59 a.m.56 views

CVE-2015-7884

The vivid_fb_ioctl function in drivers/media/platform/vivid/vivid-osd.c in the Linux kernel through 4.3.3 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel memory via a crafted application.

2.3CVSS2.9AI score0.00021EPSS
CVE
CVE
added 2016/08/06 8:59 p.m.56 views

CVE-2016-6516

Race condition in the ioctl_file_dedupe_range function in fs/ioctl.c in the Linux kernel through 4.7 allows local users to cause a denial of service (heap-based buffer overflow) or possibly gain privileges by changing a certain count value, aka a "double fetch" vulnerability.

7.4CVSS7.3AI score0.00516EPSS
CVE
CVE
added 2017/01/12 8:59 p.m.56 views

CVE-2017-0404

An elevation of privilege vulnerability in the kernel sound subsystem could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3....

7.6CVSS6.5AI score0.00327EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.56 views

CVE-2017-0579

An elevation of privilege vulnerability in the Qualcomm video driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...

7.6CVSS6.9AI score0.00254EPSS
CVE
CVE
added 2017/05/12 3:29 p.m.56 views

CVE-2017-0620

An elevation of privilege vulnerability in the Qualcomm Secure Channel Manager driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Ver...

7.6CVSS6.6AI score0.00052EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.56 views

CVE-2017-17854

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.

7.8CVSS7.6AI score0.00077EPSS
CVE
CVE
added 2017/04/23 5:59 a.m.56 views

CVE-2017-8063

drivers/media/usb/dvb-usb/cxusb.c in the Linux kernel 4.9.x and 4.10.x before 4.10.12 interacts incorrectly with the CONFIG_VMAP_STACK option, which allows local users to cause a denial of service (system crash) or possibly have unspecified other impact by leveraging use of more than one virtual pa...

7.8CVSS8.1AI score0.00101EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.56 views

CVE-2021-47125

In the Linux kernel, the following vulnerability has been resolved: sch_htb: fix refcount leak in htb_parent_to_leaf_offload The commit ae81feb7338c ("sch_htb: fix null pointer dereferenceon a null new_q") fixes a NULL pointer dereference bug, but itis not correct. Because htb_graft_helper properly...

5.5CVSS6.6AI score0.00017EPSS
CVE
CVE
added 2024/03/25 9:15 a.m.56 views

CVE-2021-47147

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fix a resource leak in an error handling path If an error occurs after a successful 'pci_ioremap_bar()' call, it must beundone by a corresponding 'pci_iounmap()' call, as already done in theremove function.

6.2CVSS6.1AI score0.00018EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.56 views

CVE-2021-47239

In the Linux kernel, the following vulnerability has been resolved: net: usb: fix possible use-after-free in smsc75xx_bind The commit 46a8b29c6306 ("net: usb: fix memory leak in smsc75xx_bind")fails to clean up the work scheduled in smsc75xx_reset->smsc75xx_set_multicast, which leads to use-afte...

7.8CVSS6.7AI score0.00018EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.56 views

CVE-2021-47240

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: fix OOB Read in qrtr_endpoint_post Syzbot reported slab-out-of-bounds Read inqrtr_endpoint_post. The problem was in wrongsize type: if (len != ALIGN(size, 4) + hdrlen) goto err; If size from qrtr_hdr is 4294967293 (0xfff...

7.1CVSS6.6AI score0.00064EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.56 views

CVE-2021-47341

In the Linux kernel, the following vulnerability has been resolved: KVM: mmio: Fix use-after-free Read in kvm_vm_ioctl_unregister_coalesced_mmio BUG: KASAN: use-after-free in kvm_vm_ioctl_unregister_coalesced_mmio+0x7c/0x1ec arch/arm64/kvm/../../../virt/kvm/coalesced_mmio.c:183Read of size 8 at add...

7.8CVSS6.8AI score0.00021EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.56 views

CVE-2021-47363

In the Linux kernel, the following vulnerability has been resolved: nexthop: Fix division by zero while replacing a resilient group The resilient nexthop group torture tests in fib_nexthop.sh exposed apossible division by zero while replacing a resilient group [1]. Thedivision by zero occurs when t...

5.5CVSS6.3AI score0.00014EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.56 views

CVE-2021-47512

In the Linux kernel, the following vulnerability has been resolved: net/sched: fq_pie: prevent dismantle issue For some reason, fq_pie_destroy() did not copyworking code from pie_destroy() and other qdiscs,thus causing elusive bug. Before calling del_timer_sync(&q->adapt_timer),we need to ensure...

5.5CVSS6.9AI score0.00018EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.56 views

CVE-2021-47536

In the Linux kernel, the following vulnerability has been resolved: net/smc: fix wrong list_del in smc_lgr_cleanup_early smc_lgr_cleanup_early() meant to delete the linkgroup from the link group list, but it deletedthe list head by mistake. This may cause memory corruption since we didn'tremove the...

6.7AI score0.00025EPSS
Total number of security vulnerabilities10926