Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2025/03/12 10:15 a.m.52 views

CVE-2025-21851

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in arena_map_free on 64k page kernel On an aarch64 kernel with CONFIG_PAGE_SIZE_64KB=y,arena_htab tests cause a segmentation fault and soft lockup.The same failure is not observed with 4k pages on aarch64. It tu...

3.3CVSS6.5AI score0.00023EPSS
CVE
CVE
added 2025/03/27 2:15 p.m.52 views

CVE-2025-21870

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc4-topology: Harden loops for looking up ALH copiers Other, non DAI copier widgets could have the same stream name (sname) asthe ALH copier and in that case the copier->data is NULL, no alh_data isattached, which co...

6.8AI score0.00032EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.52 views

CVE-2025-21908

In the Linux kernel, the following vulnerability has been resolved: NFS: fix nfs_release_folio() to not deadlock via kcompactd writeback Add PF_KCOMPACTD flag and current_is_kcompactd() helper to check for it sonfs_release_folio() can skip calling nfs_wb_folio() from kcompactd. Otherwise NFS can de...

5.5CVSS7.2AI score0.00017EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.52 views

CVE-2025-21923

In the Linux kernel, the following vulnerability has been resolved: HID: hid-steam: Fix use-after-free when detaching device When a hid-steam device is removed it must clean up the client_hdev used forintercepting hidraw access. This can lead to scheduling deferred work toreattach the input device....

7.8CVSS7.2AI score0.00023EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.52 views

CVE-2025-21973

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: fix kernel panic in the bnxt_get_queue_stats{rx | tx} When qstats-get operation is executed, callbacks of netdev_stats_opsare called. The bnxt_get_queue_stats{rx | tx} collect per-queue statsfrom sw_stats in the rings.Bu...

6.8AI score0.00032EPSS
CVE
CVE
added 2025/04/03 8:15 a.m.52 views

CVE-2025-22006

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: ti: am65-cpsw: Fix NAPI registration sequence Registering the interrupts for TX or RX DMA Channels prior to registeringtheir respective NAPI callbacks can result in a NULL pointer dereference.This is seen in practice...

5.5CVSS7.1AI score0.00017EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.52 views

CVE-2025-22051

In the Linux kernel, the following vulnerability has been resolved: staging: gpib: Fix Oops after disconnect in agilent usb If the agilent usb dongle is disconnected subsequent calls to thedriver cause a NULL dereference Oops as the bus_interfaceis set to NULL on disconnect. This problem was introd...

5.5CVSS6.5AI score0.00017EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.52 views

CVE-2025-22061

In the Linux kernel, the following vulnerability has been resolved: net: airoha: Fix qid report in airoha_tc_get_htb_get_leaf_queue() Fix the following kernel warning deleting HTB offloaded leafs and/or rootHTB qdisc in airoha_eth driver properly reporting qid inairoha_tc_get_htb_get_leaf_queue rou...

6.5AI score0.00027EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.52 views

CVE-2025-22067

In the Linux kernel, the following vulnerability has been resolved: spi: cadence: Fix out-of-bounds array access in cdns_mrvl_xspi_setup_clock() If requested_clk > 128, cdns_mrvl_xspi_setup_clock() iterates over theentire cdns_mrvl_xspi_clk_div_list array without breaking out early,causing 'i' t...

7.8CVSS6.5AI score0.00018EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.52 views

CVE-2025-22091

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix page_size variable overflow Change all variables storing mlx5_umem_mkc_find_best_pgsz() result tounsigned long to support values larger than 31 and avoid overflow. For example: If we try to register 4GB of memory tha...

6.3AI score0.00026EPSS
CVE
CVE
added 2025/05/01 1:15 p.m.52 views

CVE-2025-23162

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Don't try to trigger a full GT reset if VF VFs don't have access to the GDRST(0x941c) register that driveruses to reset a GT. Attempt to trigger a reset using debugfs: $ cat /sys/kernel/debug/dri/0000:00:02.1/gt0/force_r...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/05/01 1:15 p.m.52 views

CVE-2025-37759

In the Linux kernel, the following vulnerability has been resolved: ublk: fix handling recovery & reissue in ublk_abort_queue() Commit 8284066946e6 ("ublk: grab request reference when the request is handledby userspace") doesn't grab request reference in case of recovery reissue.Then the request ca...

6.8AI score0.00026EPSS
CVE
CVE
added 2025/05/01 2:15 p.m.52 views

CVE-2025-37764

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: fix firmware memory leaks Free the memory used to hold the results of firmware image processingwhen the module is unloaded. Fix the related issue of the same memory being leaked if processingof the firmware image f...

6.7AI score0.00025EPSS
CVE
CVE
added 2025/05/08 7:15 a.m.52 views

CVE-2025-37808

In the Linux kernel, the following vulnerability has been resolved: crypto: null - Use spin lock instead of mutex As the null algorithm may be freed in softirq context throughaf_alg, use spin locks instead of mutexes to protect the defaultnull algorithm.

5.4AI score0.00036EPSS
CVE
CVE
added 2025/05/08 7:15 a.m.52 views

CVE-2025-37828

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: mcq: Add NULL check in ufshcd_mcq_abort() A race can occur between the MCQ completion path and the abort handler:once a request completes, __blk_mq_free_request() sets rq->mq_hctx toNULL, meaning the subsequent ufshcd...

5.2AI score0.00026EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.52 views

CVE-2025-37844

In the Linux kernel, the following vulnerability has been resolved: cifs: avoid NULL pointer dereference in dbg call cifs_server_dbg() implies server to be non-NULL somove call under condition to avoid NULL pointer dereference. Found by Linux Verification Center (linuxtesting.org) with SVACE.

6.9AI score0.00036EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.52 views

CVE-2025-37857

In the Linux kernel, the following vulnerability has been resolved: scsi: st: Fix array overflow in st_setup() Change the array size to follow parms size instead of a fixed value.

6.8AI score0.00049EPSS
CVE
CVE
added 2025/05/20 6:15 p.m.52 views

CVE-2025-37985

In the Linux kernel, the following vulnerability has been resolved: USB: wdm: close race between wdm_open and wdm_wwan_port_stop Clearing WDM_WWAN_IN_USE must be the last action orwe can open a chardev whose URBs are still poisoned

6.5AI score0.00036EPSS
CVE
CVE
added 2025/05/29 2:15 p.m.52 views

CVE-2025-37999

In the Linux kernel, the following vulnerability has been resolved: fs/erofs/fileio: call erofs_onlinefolio_split() after bio_add_folio() If bio_add_folio() fails (because it is full),erofs_fileio_scan_folio() needs to submit the I/O request viaerofs_fileio_rq_submit() and allocate a new I/O reques...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/04/18 2:15 p.m.52 views

CVE-2025-40364

In the Linux kernel, the following vulnerability has been resolved: io_uring: fix io_req_prep_async with provided buffers io_req_prep_async() can import provided buffers, commit the ring stateby giving up on that before, it'll be reimported later if needed.

6.7AI score0.00027EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.51 views

CVE-1999-0400

Denial of service in Linux 2.2.0 running the ldd command on a core file.

4.6CVSS7AI score0.00658EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.51 views

CVE-1999-0401

A race condition in Linux 2.2.1 allows local users to read arbitrary memory from /proc files.

3.7CVSS6.7AI score0.00073EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.51 views

CVE-1999-0460

Buffer overflow in Linux autofs module through long directory names allows local users to perform a denial of service.

2.1CVSS6.9AI score0.00192EPSS
CVE
CVE
added 2000/04/12 4:0 a.m.51 views

CVE-2000-0227

The Linux 2.2.x kernel does not restrict the number of Unix domain sockets as defined by the wmem_max parameter, which allows local users to cause a denial of service by requesting a large number of sockets.

2.1CVSS6.5AI score0.00167EPSS
CVE
CVE
added 2002/08/31 4:0 a.m.51 views

CVE-2001-1400

Unknown vulnerabilities in the UDP port allocation for Linux kernel before 2.2.19 could allow local users to cause a denial of service (deadlock).

2.1CVSS5.4AI score0.0006EPSS
CVE
CVE
added 2005/07/14 4:0 a.m.51 views

CVE-2001-1551

Linux kernel 2.2.19 enables CAP_SYS_RESOURCE for setuid processes, which allows local users to exceed disk quota restrictions during execution of setuid programs.

2.1CVSS6.8AI score0.00083EPSS
CVE
CVE
added 2005/07/14 4:0 a.m.51 views

CVE-2001-1572

The MAC module in Netfilter in Linux kernel 2.4.1 through 2.4.11, when configured to filter based on MAC addresses, allows remote attackers to bypass packet filters via small packets.

7.5CVSS6.6AI score0.00403EPSS
CVE
CVE
added 2005/06/28 4:0 a.m.51 views

CVE-2002-1976

ifconfig, when used on the Linux kernel 2.2 and later, does not report when the network interface is in promiscuous mode if it was put in promiscuous mode using PACKET_MR_PROMISC, which could allow attackers to sniff the network without detection, as demonstrated using libpcap.

2.1CVSS6.5AI score0.00075EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.51 views

CVE-2004-1151

Multiple buffer overflows in the (1) sys32_ni_syscall and (2) sys32_vm86_warning functions in sys_ia32.c for Linux 2.6.x may allow local attackers to modify kernel memory and gain privileges.

7.2CVSS7.4AI score0.00052EPSS
CVE
CVE
added 2006/06/01 12:0 a.m.51 views

CVE-2005-0136

The Linux kernel before 2.6.11 on the Itanium IA64 platform has certain "ptrace corner cases" that allow local users to cause a denial of service (crash) via crafted syscalls, possibly related to MCA/INIT, a different vulnerability than CVE-2005-1761.

2.1CVSS5.4AI score0.00062EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.51 views

CVE-2005-0210

Netfilter in the Linux kernel 2.6.8.1 allows local users to cause a denial of service (memory consumption) via certain packet fragments that are reassembled twice, which causes a data structure to be allocated twice.

4.9CVSS5.2AI score0.00045EPSS
CVE
CVE
added 2005/04/05 4:0 a.m.51 views

CVE-2005-0749

The load_elf_library in the Linux kernel before 2.6.11.6 allows local users to cause a denial of service (kernel crash) via a crafted ELF library or executable, which causes a free of an invalid pointer.

7.2CVSS5AI score0.00043EPSS
CVE
CVE
added 2005/05/17 4:0 a.m.51 views

CVE-2005-1264

Raw character devices (raw.c) in the Linux kernel 2.6.x call the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space, a similar vulnerability to CVE-2005-1589.

7.2CVSS5.2AI score0.00143EPSS
CVE
CVE
added 2005/05/17 4:0 a.m.51 views

CVE-2005-1589

The pkt_ioctl function in the pktcdvd block device ioctl handler (pktcdvd.c) in Linux kernel 2.6.12-rc4 and earlier calls the wrong function before passing an ioctl to the block device, which crosses security boundaries by making kernel address space accessible from user space and allows local user...

7.2CVSS6AI score0.00143EPSS
CVE
CVE
added 2005/08/23 4:0 a.m.51 views

CVE-2005-2099

The Linux kernel before 2.6.12.5 does not properly destroy a keyring that is not instantiated properly, which allows local users or remote attackers to cause a denial of service (kernel oops) via a keyring with a payload that is not empty, which causes the creation to fail, leading to a null derefe...

5CVSS6AI score0.0383EPSS
CVE
CVE
added 2009/10/19 8:0 p.m.51 views

CVE-2005-4881

The netlink subsystem in the Linux kernel 2.4.x before 2.4.37.6 and 2.6.x before 2.6.13-rc1 does not initialize certain padding fields in structures, which might allow local users to obtain sensitive information from kernel memory via unspecified vectors, related to the (1) tc_fill_qdisc, (2) tcf_f...

4.9CVSS6.5AI score0.00073EPSS
CVE
CVE
added 2006/02/07 6:6 p.m.51 views

CVE-2006-0454

Linux kernel before 2.6.15.3 down to 2.6.12, while constructing an ICMP response in icmp_send, does not properly handle when the ip_options_echo function in icmp.c fails, which allows remote attackers to cause a denial of service (crash) via vectors such as (1) record-route and (2) timestamp IP opt...

5CVSS6.1AI score0.06371EPSS
CVE
CVE
added 2006/03/21 6:2 p.m.51 views

CVE-2006-1342

net/ipv4/af_inet.c in Linux kernel 2.4 does not clear sockaddr_in.sin_zero before returning IPv4 socket names from the (1) getsockname, (2) getpeername, and (3) accept functions, which allows local users to obtain portions of potentially sensitive memory.

2.1CVSS5.5AI score0.00173EPSS
CVE
CVE
added 2006/04/19 6:18 p.m.51 views

CVE-2006-1524

madvise_remove in Linux kernel 2.6.16 up to 2.6.16.6 does not follow file and mmap restrictions, which allows local users to bypass IPC permissions and replace portions of readonly tmpfs files with zeroes, aka the MADV_REMOVE vulnerability. NOTE: this description was originally written in a way tha...

3.6CVSS7.1AI score0.00107EPSS
CVE
CVE
added 2006/05/12 1:2 a.m.51 views

CVE-2006-1860

lease_init in fs/locks.c in Linux kernel before 2.6.16.16 allows attackers to cause a denial of service (fcntl_setlease lockup) via actions that cause lease_init to free a lock that might not have been allocated on the stack.

2.1CVSS7.3AI score0.00107EPSS
CVE
CVE
added 2006/10/12 8:7 p.m.51 views

CVE-2006-4813

The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers during certain error conditions, which allows local users to read portions of files that have been unlinked.

2.1CVSS7.2AI score0.00065EPSS
CVE
CVE
added 2007/01/04 2:0 a.m.51 views

CVE-2006-5749

The isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c in the Linux 2.4 kernel before 2.4.34-rc4 does not call the init_timer function for the ISDN PPP CCP reset state timer, which has unknown attack vectors and results in a system crash.

1.7CVSS7.1AI score0.00072EPSS
CVE
CVE
added 2007/01/30 7:28 p.m.51 views

CVE-2006-6535

The dev_queue_xmit function in Linux kernel 2.6 can fail before calling the local_bh_disable function, which could lead to data corruption and "node lockups." NOTE: it is not clear whether this issue is exploitable.

9.4CVSS6.1AI score0.01102EPSS
CVE
CVE
added 2008/05/02 4:5 p.m.51 views

CVE-2008-1675

The bdx_ioctl_priv function in the tehuti driver (tehuti.c) in Linux kernel 2.6.x before 2.6.25.1 does not properly check certain information related to register size, which has unspecified impact and local attack vectors, probably related to reading or writing kernel memory.

7.2CVSS5.7AI score0.00068EPSS
CVE
CVE
added 2008/10/03 5:41 p.m.51 views

CVE-2008-4410

The vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c in the Virtual Machine Interface (VMI) in the Linux kernel 2.6.26.5 invokes write_idt_entry where write_ldt_entry was intended, which allows local users to cause a denial of service (persistent application failure) via crafted function ca...

4.9CVSS5.7AI score0.00094EPSS
CVE
CVE
added 2010/06/03 2:30 p.m.51 views

CVE-2008-7256

mm/shmem.c in the Linux kernel before 2.6.28-rc8, when strict overcommit is enabled and CONFIG_SECURITY is disabled, does not properly handle the export of shmemfs objects by knfsd, which allows attackers to cause a denial of service (NULL pointer dereference and knfsd crash) or possibly have unspe...

1.2CVSS7.7AI score0.00108EPSS
CVE
CVE
added 2009/04/06 2:30 p.m.51 views

CVE-2009-1243

net/ipv4/udp.c in the Linux kernel before 2.6.29.1 performs an unlocking step in certain incorrect circumstances, which allows local users to cause a denial of service (panic) by reading zero bytes from the /proc/net/udp file and unspecified other files, related to the "udp seq_file infrastructure....

5.5CVSS5.2AI score0.00073EPSS
CVE
CVE
added 2012/06/21 11:55 p.m.51 views

CVE-2012-2127

fs/proc/root.c in the procfs implementation in the Linux kernel before 3.2 does not properly interact with CLONE_NEWPID clone system calls, which allows remote attackers to cause a denial of service (reference leak and memory consumption) by making many connections to a daemon that uses PID namespa...

5CVSS6.3AI score0.01921EPSS
CVE
CVE
added 2016/06/29 2:10 p.m.51 views

CVE-2012-6703

Integer overflow in the snd_compr_allocate_buffer function in sound/core/compress_offload.c in the ALSA subsystem in the Linux kernel before 3.6-rc6-next-20120917 allows local users to cause a denial of service (insufficient memory allocation) or possibly have unspecified other impact via a crafted...

7.8CVSS7.7AI score0.00091EPSS
CVE
CVE
added 2013/04/22 11:41 a.m.51 views

CVE-2013-3232

The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

4.9CVSS6.3AI score0.00075EPSS
Total number of security vulnerabilities10741