Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2022/10/21 11:15 a.m.53 views

CVE-2022-3636

A vulnerability, which was classified as critical, was found in Linux Kernel. This affects the function __mtk_ppe_check_skb of the file drivers/net/ethernet/mediatek/mtk_ppe.c of the component Ethernet Handler. The manipulation leads to use after free. It is recommended to apply a patch to fix this...

7.8CVSS6.2AI score0.00015EPSS
CVE
CVE
added 2013/09/16 1:1 p.m.52 views

CVE-2013-2890

drivers/hid/hid-sony.c in the Human Interface Device (HID) subsystem in the Linux kernel through 3.11, when CONFIG_HID_SONY is enabled, allows physically proximate attackers to cause a denial of service (heap-based out-of-bounds write) via a crafted device.

4.7CVSS7.3AI score0.00068EPSS
CVE
CVE
added 2013/08/25 3:27 a.m.52 views

CVE-2013-4205

Memory leak in the unshare_userns function in kernel/user_namespace.c in the Linux kernel before 3.10.6 allows local users to cause a denial of service (memory consumption) via an invalid CLONE_NEWUSER unshare call.

4.7CVSS5.6AI score0.00107EPSS
CVE
CVE
added 2017/04/04 6:59 p.m.52 views

CVE-2016-5870

The msm_ipc_router_close function in net/ipc_router/ipc_router_socket.c in the ipc_router component for the Linux kernel 3.x, as used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices and other products, allow attackers to cause a denial of service (NULL pointer dereference...

7.8CVSS7.8AI score0.00071EPSS
CVE
CVE
added 2016/11/16 5:59 a.m.52 views

CVE-2016-7912

Use-after-free vulnerability in the ffs_user_copy_worker function in drivers/usb/gadget/function/f_fs.c in the Linux kernel before 4.5.3 allows local users to gain privileges by accessing an I/O data structure after a certain callback call.

9.3CVSS7.3AI score0.00279EPSS
CVE
CVE
added 2017/04/05 2:59 p.m.52 views

CVE-2017-0325

An elevation of privilege vulnerability in the NVIDIA I2C HID driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.1...

7.6CVSS6.9AI score0.00184EPSS
CVE
CVE
added 2017/04/05 2:59 p.m.52 views

CVE-2017-0339

An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10...

7.6CVSS7.5AI score0.00195EPSS
CVE
CVE
added 2017/02/08 3:59 p.m.52 views

CVE-2017-0427

An elevation of privilege vulnerability in the kernel file system could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as Critical due to the possibility of a local permanent device compromise, which may require reflashing the op...

9.3CVSS7.2AI score0.0012EPSS
CVE
CVE
added 2017/02/08 3:59 p.m.52 views

CVE-2017-0445

An elevation of privilege vulnerability in the HTC touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3....

7.6CVSS6.6AI score0.0012EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.52 views

CVE-2017-0456

An elevation of privilege vulnerability in the Qualcomm IPA driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10,...

7.6CVSS6.6AI score0.00254EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.52 views

CVE-2017-0461

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kern...

4.7CVSS4.3AI score0.00283EPSS
CVE
CVE
added 2017/04/07 10:59 p.m.52 views

CVE-2017-0570

An elevation of privilege vulnerability in the Broadcom Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...

7.6CVSS6.9AI score0.00254EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.52 views

CVE-2017-17854

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 allows local users to cause a denial of service (integer overflow and memory corruption) or possibly have unspecified other impact by leveraging unrestricted integer values for pointer arithmetic.

7.8CVSS7.6AI score0.00077EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.52 views

CVE-2021-47251

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix skb length check in ieee80211_scan_rx() Replace hard-coded compile-time constants for header length checkwith dynamic determination based on the frame type. Otherwise, wehit a validation WARN_ON in cfg80211 later. [st...

7.8CVSS6.7AI score0.00054EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.52 views

CVE-2021-47264

In the Linux kernel, the following vulnerability has been resolved: ASoC: core: Fix Null-point-dereference in fmt_single_name() Check the return value of devm_kstrdup() in case ofNull-point-dereference.

5.5CVSS6.7AI score0.00053EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.52 views

CVE-2021-47286

In the Linux kernel, the following vulnerability has been resolved: bus: mhi: core: Validate channel ID when processing command completions MHI reads the channel ID from the event ring element sent by thedevice which can be any value between 0 and 255. In order toprevent any out of bound accesses, ...

7.8CVSS6.8AI score0.00097EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.52 views

CVE-2021-47312

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: Fix dereference of null pointer flow In the case where chain->flags & NFT_CHAIN_HW_OFFLOAD is false thennft_flow_rule_create is not called and flow is NULL. The subsequenterror handling execution via label ...

5.5CVSS5.4AI score0.00069EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.52 views

CVE-2021-47336

In the Linux kernel, the following vulnerability has been resolved: smackfs: restrict bytes count in smk_set_cipso() Oops, I failed to update subject line. From 07571157c91b98ce1a4aa70967531e64b78e8346 Mon Sep 17 00:00:00 2001Date: Mon, 12 Apr 2021 22:25:06 +0900Subject: [PATCH] smackfs: restrict b...

7.8CVSS6.7AI score0.00019EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.52 views

CVE-2021-47524

In the Linux kernel, the following vulnerability has been resolved: serial: liteuart: fix minor-number leak on probe errors Make sure to release the allocated minor number before returning onprobe errors.

6.7AI score0.00023EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.52 views

CVE-2021-47530

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix wait_fence submitqueue leak We weren't dropping the submitqueue reference in all paths. Inparticular, when the fence has already been signalled. Split outa helper to simplify handling this in the various different retu...

6.6AI score0.0003EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.52 views

CVE-2021-47584

In the Linux kernel, the following vulnerability has been resolved: iocost: Fix divide-by-zero on donation from low hweight cgroup The donation calculation logic assumes that the donor has non-zeroafter-donation hweight, so the lowest active hweight a donating cgroup canhave is 2 so that it can don...

5.5CVSS6.9AI score0.00011EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.52 views

CVE-2021-47601

In the Linux kernel, the following vulnerability has been resolved: tee: amdtee: fix an IS_ERR() vs NULL bug The __get_free_pages() function does not return error pointers it returnsNULL so fix this condition to avoid a NULL dereference.

5.5CVSS7AI score0.00012EPSS
CVE
CVE
added 2025/02/26 6:37 a.m.52 views

CVE-2021-47658

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix a potential gpu_metrics_table memory leak Memory is allocated for gpu_metrics_table in renoir_init_smc_tables(),but not freed in int smu_v12_0_fini_smc_tables(). Free it!

5.4AI score0.00029EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.52 views

CVE-2022-48643

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain() syzbot is reporting underflow of nft_counters_enabled counter atnf_tables_addchain() [1], for commit 43eb8949cfdffa76 ("netfilter:nf_tables: do not le...

6.6AI score0.00026EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.52 views

CVE-2022-48661

In the Linux kernel, the following vulnerability has been resolved: gpio: mockup: Fix potential resource leakage when register a chip If creation of software node fails, the locally allocated stringarray is left unfreed. Free it on error path.

5.5CVSS6.7AI score0.00018EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.52 views

CVE-2022-48668

In the Linux kernel, the following vulnerability has been resolved: smb3: fix temporary data corruption in collapse range collapse range doesn't discard the affected cached regionso can risk temporarily corrupting the file data. Thisfixes xfstest generic/031 I also decided to merge a minor cleanup ...

6.4AI score0.00034EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.52 views

CVE-2022-48725

In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix refcounting leak in siw_create_qp() The atomic_inc() needs to be paired with an atomic_dec() on the errorpath.

5.5CVSS7AI score0.00027EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.52 views

CVE-2022-48730

In the Linux kernel, the following vulnerability has been resolved: dma-buf: heaps: Fix potential spectre v1 gadget It appears like nr could be a Spectre v1 gadget as it's supplied by auser and used as an array index. Prevent the contentsof kernel memory from being leaked to userspace via speculati...

5.5CVSS6.4AI score0.00019EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.52 views

CVE-2022-48745

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Use del_timer_sync in fw reset flow of halting poll Substitute del_timer() with del_timer_sync() in fw reset pollingdeactivation flow, in order to prevent a race condition which occurswhen del_timer() is called and timer ...

6.5AI score0.00038EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.52 views

CVE-2022-48751

In the Linux kernel, the following vulnerability has been resolved: net/smc: Transitional solution for clcsock race issue We encountered a crash in smc_setsockopt() and it is caused byaccessing smc->clcsock after clcsock was released. BUG: kernel NULL pointer dereference, address: 00000000000000...

4.7CVSS6.2AI score0.00019EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.52 views

CVE-2022-48769

In the Linux kernel, the following vulnerability has been resolved: efi: runtime: avoid EFIv2 runtime services on Apple x86 machines Aditya reports [0] that his recent MacbookPro crashes in the firmwarewhen using the variable services at runtime. The culprit appears to be acall to QueryVariableInfo...

6.4AI score0.00039EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.52 views

CVE-2022-48787

In the Linux kernel, the following vulnerability has been resolved: iwlwifi: fix use-after-free If no firmware was present at all (or, presumably, all of thefirmware files failed to parse), we end up unbinding by callingdevice_release_driver(), which calls remove(), which then iniwlwifi calls iwl_d...

7.8CVSS8.2AI score0.00037EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.52 views

CVE-2022-48811

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: don't release napi in __ibmvnic_open() If __ibmvnic_open() encounters an error such as when setting link state,it calls release_resources() which frees the napi structures needlessly.Instead, have __ibmvnic_open() only cle...

6.4AI score0.00065EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.52 views

CVE-2022-48867

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Prevent use after free on completion memory On driver unload any pending descriptors are flushed at thetime the interrupt is freed:idxd_dmaengine_drv_remove() ->drv_disable_wq() ->idxd_wq_free_irq() ->idxd...

7.8CVSS6.3AI score0.00044EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.52 views

CVE-2022-48872

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Fix use-after-free race condition for maps It is possible that in between calling fastrpc_map_get() untilmap->fl->lock is taken in fastrpc_free_map(), another thread can callfastrpc_map_lookup() and get a refer...

7CVSS6.5AI score0.00038EPSS
CVE
CVE
added 2024/08/22 4:15 a.m.52 views

CVE-2022-48932

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte When adding a rule with 32 destinations, we hit the following out-of-bandaccess issue: BUG: KASAN: slab-out-of-bounds in mlx5_cmd_dr_create_fte+0x18ee/0x1e70 This patch...

5.5CVSS7AI score0.00036EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.52 views

CVE-2022-48971

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix not cleanup led when bt_init fails bt_init() calls bt_leds_init() to register led, but if it fails later,bt_leds_cleanup() is not called to unregister it. This can cause panic if the argument "bluetooth-power" in tex...

5.5CVSS5.2AI score0.00034EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.52 views

CVE-2022-48980

In the Linux kernel, the following vulnerability has been resolved: net: dsa: sja1105: avoid out of bounds access in sja1105_init_l2_policing() The SJA1105 family has 45 L2 policing table entries(SJA1105_MAX_L2_POLICING_COUNT) and SJA1110 has 110(SJA1110_MAX_L2_POLICING_COUNT). Keeping the table st...

7.8CVSS7.3AI score0.0003EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.52 views

CVE-2022-49031

In the Linux kernel, the following vulnerability has been resolved: iio: health: afe4403: Fix oob read in afe4403_read_raw KASAN report out-of-bounds read as follows: BUG: KASAN: global-out-of-bounds in afe4403_read_raw+0x42e/0x4c0Read of size 4 at addr ffffffffc02ac638 by task cat/279 Call Trace:a...

7.1CVSS6.6AI score0.00034EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.52 views

CVE-2022-49047

In the Linux kernel, the following vulnerability has been resolved: ep93xx: clock: Fix UAF in ep93xx_clk_register_gate() arch/arm/mach-ep93xx/clock.c:154:2: warning: Use of memory after it is freed [clang-analyzer-unix.Malloc]arch/arm/mach-ep93xx/clock.c:151:2: note: Taking true branchif (IS_ERR(cl...

7.8CVSS5.5AI score0.0003EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.52 views

CVE-2022-49048

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix panic when forwarding a pkt with no in6 dev kongweibin reported a kernel panic in ip6_forward() when input interfacehas no in6 dev associated. The following tc commands were used to reproduce this panic:tc qdisc del dev v...

5.4AI score0.00052EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.52 views

CVE-2022-49146

In the Linux kernel, the following vulnerability has been resolved: virtio: use virtio_device_ready() in virtio_device_restore() After waking up a suspended VM, the kernel prints the following tracefor virtio drivers which do not directly call virtio_device_ready() inthe .restore: PM: suspend exit ...

5.2AI score0.00031EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.52 views

CVE-2022-49172

In the Linux kernel, the following vulnerability has been resolved: parisc: Fix non-access data TLB cache flush faults When a page is not present, we get non-access data TLB faults fromthe fdc and fic instructions in flush_user_dcache_range_asm andflush_user_icache_range_asm. When these occur, the ...

5.3AI score0.00031EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.52 views

CVE-2022-49364

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to clear dirty inode in f2fs_evict_inode() As Yanming reported in bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=215904 The kernel message is shown below: kernel BUG at fs/f2fs/inode.c:825!Call Trace:evict+0x282/0x...

5.3AI score0.00052EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.52 views

CVE-2022-49387

In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2l_wdt: Fix 32bit overflow issue The value of timer_cycle_us can be 0 due to 32bit overflow.For eg:- If we assign the counter value "0xfff" for computingmaxval. This patch fixes this issue by appending ULL to 1024, so ...

5.5CVSS5.6AI score0.00017EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.52 views

CVE-2022-49528

In the Linux kernel, the following vulnerability has been resolved: media: i2c: dw9714: Disable the regulator when the driver fails to probe When the driver fails to probe, we will get the following splat: [ 59.305988] ------------[ cut here ]------------[ 59.306417] WARNING: CPU: 2 PID: 395 at dri...

5.3AI score0.00041EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.52 views

CVE-2022-49582

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix NULL pointer dereference in dsa_port_reset_vlan_filtering The "ds" iterator variable used in dsa_port_reset_vlan_filtering() ->dsa_switch_for_each_port() overwrites the "dp" received as argument,which is later used...

5.5CVSS5.4AI score0.00022EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.52 views

CVE-2022-49633

In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl_icmp_echo_enable_probe. While reading sysctl_icmp_echo_enable_probe, it can be changedconcurrently. Thus, we need to add READ_ONCE() to its readers.

4.7CVSS6.5AI score0.00025EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.52 views

CVE-2022-49654

In the Linux kernel, the following vulnerability has been resolved: net: dsa: qca8k: reset cpu port on MTU change It was discovered that the Documentation lacks of a fundamental detailon how to correctly change the MAX_FRAME_SIZE of the switch. In fact if the MAX_FRAME_SIZE is changed while the cpu...

5.4AI score0.00043EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.52 views

CVE-2022-49662

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix lockdep splat in in6_dump_addrs() As reported by syzbot, we should not use rcu_dereference()when rcu_read_lock() is not held. WARNING: suspicious RCU usage5.19.0-rc2-syzkaller #0 Not tainted net/ipv6/addrconf.c:5175 suspi...

5.4AI score0.00031EPSS
Total number of security vulnerabilities10741