Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2024/07/29 3:15 p.m.55 views

CVE-2024-41029

In the Linux kernel, the following vulnerability has been resolved: nvmem: core: limit cell sysfs permissions to main attribute ones The cell sysfs attribute should not provide more access to the nvmemdata than the main attribute itself.For example if nvme_config::root_only was set, the cell attrib...

6.4AI score0.00088EPSS
CVE
CVE
added 2024/07/29 3:15 p.m.55 views

CVE-2024-41033

In the Linux kernel, the following vulnerability has been resolved: cachestat: do not flush stats in recency check syzbot detects that cachestat() is flushing stats, which can sleep, in itsRCU read section (see 1 ). This is done in the workingset_test_recent()step (which checks if the folio's evict...

6.4AI score0.00103EPSS
CVE
CVE
added 2024/07/29 5:15 p.m.55 views

CVE-2024-42088

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Add platform entry for ETDM1_OUT_BE dai link Commit e70b8dd26711 ("ASoC: mediatek: mt8195: Remove afe-dai componentand rework codec link") removed the codec entry for the ETDM1_OUT_BEdai link entirely instea...

6.7AI score0.00103EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.55 views

CVE-2024-42109

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: unconditionally flush pending work before notifier syzbot reports: KASAN: slab-uaf in nft_ctx_update include/net/netfilter/nf_tables.h:1831KASAN: slab-uaf in nft_commit_release net/netfilter/nf_tables_api.c:95...

5.5CVSS6.4AI score0.00048EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.55 views

CVE-2024-42150

In the Linux kernel, the following vulnerability has been resolved: net: txgbe: remove separate irq request for MSI and INTx When using MSI or INTx interrupts, request_irq() for pdev->irq willconflict with request_threaded_irq() for txgbe->misc.irq, to causesystem crash. So remove txgbe_reque...

5.5CVSS6.6AI score0.00047EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.55 views

CVE-2024-42300

In the Linux kernel, the following vulnerability has been resolved: erofs: fix race in z_erofs_get_gbuf() In z_erofs_get_gbuf(), the current task may be migrated to anotherCPU between z_erofs_gbuf_id() and spin_lock(&gbuf->lock). Therefore, z_erofs_put_gbuf() will trigger the following issuewhic...

6.4AI score0.00076EPSS
CVE
CVE
added 2024/08/17 10:15 a.m.55 views

CVE-2024-43815

In the Linux kernel, the following vulnerability has been resolved: crypto: mxs-dcp - Ensure payload is zero when using key slot We could leak stack memory through the payload field when runningAES with a key from one of the hardware's key slots. Fix this byensuring the payload field is set to 0 in...

7.1CVSS6.4AI score0.00049EPSS
CVE
CVE
added 2024/08/26 11:15 a.m.55 views

CVE-2024-43896

In the Linux kernel, the following vulnerability has been resolved: ASoC: cs-amp-lib: Fix NULL pointer crash if efi.get_variable is NULL Call efi_rt_services_supported() to check that efi.get_variable existsbefore calling it.

5.5CVSS7AI score0.00047EPSS
CVE
CVE
added 2024/09/13 6:15 a.m.55 views

CVE-2024-46683

In the Linux kernel, the following vulnerability has been resolved: drm/xe: prevent UAF around preempt fence The fence lock is part of the queue, therefore in the current designanything locking the fence should then also hold a ref to the queue toprevent the queue from being freed. However, current...

7.8CVSS7.2AI score0.00037EPSS
CVE
CVE
added 2024/09/13 7:15 a.m.55 views

CVE-2024-46703

In the Linux kernel, the following vulnerability has been resolved: Revert "serial: 8250_omap: Set the console genpd always on if no console suspend" This reverts commit 68e6939ea9ec3d6579eadeab16060339cdeaf940. Kevin reported that this causes a crash during suspend on platforms thatdont use PM dom...

5.5CVSS5.2AI score0.00036EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.55 views

CVE-2024-46789

In the Linux kernel, the following vulnerability has been resolved: mm/slub: add check for s->flags in the alloc_tagging_slab_free_hook When enable CONFIG_MEMCG & CONFIG_KFENCE & CONFIG_KMEMLEAK, the followingwarning always occurs,This is because the following call stack occurred:mem_pool_allock...

5.5CVSS5.1AI score0.00036EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.55 views

CVE-2024-46792

In the Linux kernel, the following vulnerability has been resolved: riscv: misaligned: Restrict user access to kernel memory raw_copy_{to,from}_user() do not call access_ok(), so this code alloweduserspace to access any virtual memory address.

3.3CVSS3.6AI score0.00033EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.55 views

CVE-2024-49990

In the Linux kernel, the following vulnerability has been resolved: drm/xe/hdcp: Check GSC structure validity Sometimes xe_gsc is not initialized when checked at HDCP capabilitycheck. Add gsc structure check to avoid null pointer error.

5.5CVSS5.3AI score0.00039EPSS
CVE
CVE
added 2024/10/21 7:15 p.m.55 views

CVE-2024-50011

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: soc-acpi-intel-rpl-match: add missing empty item There is no links_num in struct snd_soc_acpi_mach {}, and we test!link->num_adr as a condition to end the loop in hda_sdw_machine_select().So an empty item in struct ...

5.5CVSS5.2AI score0.00019EPSS
CVE
CVE
added 2024/10/29 1:15 a.m.55 views

CVE-2024-50071

In the Linux kernel, the following vulnerability has been resolved: pinctrl: nuvoton: fix a double free in ma35_pinctrl_dt_node_to_map_func() 'new_map' is allocated using devm_* which takes care of freeing theallocated data on device removal, call to .dt_free_map = pinconf_generic_dt_free_map doubl...

7.8CVSS7.5AI score0.00047EPSS
CVE
CVE
added 2024/11/05 6:15 p.m.55 views

CVE-2024-50100

In the Linux kernel, the following vulnerability has been resolved: USB: gadget: dummy-hcd: Fix "task hung" problem The syzbot fuzzer has been encountering "task hung" problems eversince the dummy-hcd driver was changed to use hrtimers instead ofregular timers. It turns out that the problems are ca...

5.5CVSS5.3AI score0.00035EPSS
CVE
CVE
added 2024/11/05 6:15 p.m.55 views

CVE-2024-50129

In the Linux kernel, the following vulnerability has been resolved: net: pse-pd: Fix out of bound for loop Adjust the loop limit to prevent out-of-bounds access when iterating overPI structures. The loop should not reach the index pcdev->nr_lines sincewe allocate exactly pcdev->nr_lines numbe...

7.8CVSS7.4AI score0.00047EPSS
CVE
CVE
added 2024/11/09 11:15 a.m.55 views

CVE-2024-50214

In the Linux kernel, the following vulnerability has been resolved: drm/connector: hdmi: Fix memory leak in drm_display_mode_from_cea_vic() modprobe drm_connector_test and then rmmod drm_connector_test,the following memory leak occurs. The mode allocated in drm_mode_duplicate() called bydrm_display...

5.5CVSS5.3AI score0.00034EPSS
CVE
CVE
added 2024/11/09 11:15 a.m.55 views

CVE-2024-50227

In the Linux kernel, the following vulnerability has been resolved: thunderbolt: Fix KASAN reported stack out-of-bounds read in tb_retimer_scan() KASAN reported following issue: BUG: KASAN: stack-out-of-bounds in tb_retimer_scan+0xffe/0x1550 [thunderbolt]Read of size 4 at addr ffff88810111fc1c by t...

7.1CVSS6.7AI score0.00035EPSS
CVE
CVE
added 2025/03/06 5:15 p.m.55 views

CVE-2024-58082

In the Linux kernel, the following vulnerability has been resolved: media: nuvoton: Fix an error check in npcm_video_ece_init() When function of_find_device_by_node() fails, it returns NULL instead ofan error code. So the corresponding error check logic should be modifiedto check whether the return...

7.3AI score0.00047EPSS
CVE
CVE
added 2025/03/12 10:15 a.m.55 views

CVE-2025-21851

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix softlockup in arena_map_free on 64k page kernel On an aarch64 kernel with CONFIG_PAGE_SIZE_64KB=y,arena_htab tests cause a segmentation fault and soft lockup.The same failure is not observed with 4k pages on aarch64. It tu...

3.3CVSS6.5AI score0.00017EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.55 views

CVE-2025-21903

In the Linux kernel, the following vulnerability has been resolved: mctp i3c: handle NULL header address daddr can be NULL if there is no neighbour table entry present,in that case the tx packet should be dropped. saddr will usually be set by MCTP core, but check for NULL in case apacket is transmi...

7.1AI score0.00032EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.55 views

CVE-2025-21911

In the Linux kernel, the following vulnerability has been resolved: drm/imagination: avoid deadlock on fence release Do scheduler queue fence release processing on a workqueue, ratherthan in the release function itself. Fixes deadlock issues such as the following: [ 607.400437] ====================...

5.5CVSS7.1AI score0.00017EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.55 views

CVE-2025-21977

In the Linux kernel, the following vulnerability has been resolved: fbdev: hyperv_fb: Fix hang in kdump kernel when on Hyper-V Gen 2 VMs Gen 2 Hyper-V VMs boot via EFI and have a standard EFI framebufferdevice. When the kdump kernel runs in such a VM, loading the efifbdriver may hang because of acc...

7.2AI score0.00032EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.55 views

CVE-2025-22099

In the Linux kernel, the following vulnerability has been resolved: drm: xlnx: zynqmp_dpsub: Add NULL check in zynqmp_audio_init devm_kasprintf() calls can return null pointers on failure.But some return values were not checked in zynqmp_audio_init(). Add NULL check in zynqmp_audio_init(), avoid re...

6.6AI score0.00044EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.55 views

CVE-2025-22100

In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race condition when gathering fdinfo group samples Commit e16635d88fa0 ("drm/panthor: add DRM fdinfo support") failed toprotect access to groups with an xarray lock, which could lead touse-after-free errors.

6.5AI score0.0004EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.55 views

CVE-2025-22110

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_queue: Initialize ctx to avoid memory allocation error It is possible that ctx in nfqnl_build_packet_message() could be usedbefore it is properly initialize, which is only initializedby nfqnl_get_sk_secctx(). T...

6.4AI score0.00044EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.55 views

CVE-2025-22114

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't clobber ret in btrfs_validate_super() Commit 2a9bb78cfd36 ("btrfs: validate system chunk array atbtrfs_validate_super()") introduces a call to validate_sys_chunk_array()in btrfs_validate_super(), which clobbers the val...

6.4AI score0.00044EPSS
CVE
CVE
added 2025/05/01 1:15 p.m.55 views

CVE-2025-37751

In the Linux kernel, the following vulnerability has been resolved: x86/cpu: Avoid running off the end of an AMD erratum table The NULL array terminator at the end of erratum_1386_microcode wasremoved during the switch from x86_cpu_desc to x86_cpu_id. Thiscauses readers to run off the end of the ar...

6.5AI score0.00027EPSS
CVE
CVE
added 2025/05/08 7:15 a.m.55 views

CVE-2025-37818

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Return NULL from huge_pte_offset() for invalid PMD LoongArch's huge_pte_offset() currently returns a pointer to a PMD sloteven if the underlying entry points to invalid_pte_table (indicating nomapping). Callers like smap...

5.3AI score0.00027EPSS
CVE
CVE
added 2025/05/09 7:16 a.m.55 views

CVE-2025-37877

In the Linux kernel, the following vulnerability has been resolved: iommu: Clear iommu-dma ops on cleanup If iommu_device_register() encounters an error, it can end up tearingdown already-configured groups and default domains, however thiscurrently still leaves devices hooked up to iommu-dma (and e...

6.6AI score0.00025EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.55 views

CVE-2025-37924

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix use-after-free in kerberos authentication Setting sess->user = NULL was introduced to fix the dangling pointercreated by ksmbd_free_user. However, it is possible another thread couldbe operating on the session and mak...

6.6AI score0.00221EPSS
CVE
CVE
added 2025/05/20 6:15 p.m.55 views

CVE-2025-37990

In the Linux kernel, the following vulnerability has been resolved: wifi: brcm80211: fmac: Add error handling for brcmf_usb_dl_writeimage() The function brcmf_usb_dl_writeimage() calls the functionbrcmf_usb_dl_cmd() but dose not check its return value. The'state.state' and the 'state.bytes' are uni...

6.6AI score0.00053EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.54 views

CVE-2001-0914

Linux kernel before 2.4.11pre3 in multiple Linux distributions allows local users to cause a denial of service (crash) by starting the core vmlinux kernel, possibly related to poor error checking during ELF loading.

2.1CVSS6.6AI score0.00058EPSS
CVE
CVE
added 2003/08/07 4:0 a.m.54 views

CVE-2003-0476

The execve system call in Linux 2.4.x records the file descriptor of the executable process in the file table of the calling process, which allows local users to gain read access to restricted file descriptors.

2.1CVSS5.9AI score0.00111EPSS
CVE
CVE
added 2005/01/10 5:0 a.m.54 views

CVE-2004-1071

The binfmt_elf loader (binfmt_elf.c) in Linux kernel 2.4.x up to 2.4.27, and 2.6.x up to 2.6.8, does not properly handle a failed call to the mmap function, which causes an incorrect mapped image and may allow local users to execute arbitrary code.

7.2CVSS7.4AI score0.00052EPSS
CVE
CVE
added 2006/03/02 1:0 a.m.54 views

CVE-2005-3359

The atm module in Linux kernel 2.6 before 2.6.14 allows local users to cause a denial of service (panic) via certain socket calls that produce inconsistent reference counts for loadable protocol modules.

4.9CVSS5.8AI score0.00045EPSS
CVE
CVE
added 2005/11/27 12:3 a.m.54 views

CVE-2005-3848

Memory leak in the icmp_push_reply function in Linux 2.6 before 2.6.12.6 and 2.6.13 allows remote attackers to cause a denial of service (memory consumption) via a large number of crafted packets that cause the ip_append_data function to fail, aka "DST leak in icmp_push_reply."

7.8CVSS4.7AI score0.067EPSS
CVE
CVE
added 2006/05/09 8:0 p.m.54 views

CVE-2005-4798

Buffer overflow in NFS readlink handling in the Linux Kernel 2.4 up to 2.4.31 allows remote NFS servers to cause a denial of service (crash) via a long symlink, which is not properly handled in (1) nfs2xdr.c or (2) nfs3xdr.c and causes a crash in the NFS client.

5CVSS7.3AI score0.00892EPSS
CVE
CVE
added 2006/10/12 8:7 p.m.54 views

CVE-2006-4813

The __block_prepare_write function in fs/buffer.c for Linux kernel 2.6.x before 2.6.13 does not properly clear buffers during certain error conditions, which allows local users to read portions of files that have been unlinked.

2.1CVSS7.2AI score0.00065EPSS
CVE
CVE
added 2006/11/22 1:7 a.m.54 views

CVE-2006-6060

The NTFS filesystem code in Linux kernel 2.6.x up to 2.6.18, and possibly other versions, allows local users to cause a denial of service (CPU consumption) via a malformed NTFS file stream that triggers an infinite loop in the __find_get_block_slow function.

4.9CVSS7.1AI score0.00047EPSS
CVE
CVE
added 2007/04/24 4:19 p.m.54 views

CVE-2007-1353

The setsockopt function in the L2CAP and HCI Bluetooth support in the Linux kernel before 2.4.34.3 allows context-dependent attackers to read kernel memory and obtain sensitive information via unspecified vectors involving the copy_from_user function accessing an uninitialized stack buffer.

2.1CVSS6.9AI score0.00085EPSS
CVE
CVE
added 2007/07/10 10:30 p.m.54 views

CVE-2007-3107

The signal handling in the Linux kernel before 2.6.22, including 2.6.2, when running on PowerPC systems using HTX, allows local users to cause a denial of service via unspecified vectors involving floating point corruption and concurrency, related to clearing of MSR bits.

2.1CVSS6AI score0.00086EPSS
CVE
CVE
added 2007/12/18 12:46 a.m.54 views

CVE-2007-6417

The shmem_getpage function (mm/shmem.c) in Linux kernel 2.6.11 through 2.6.23 does not properly clear allocated memory in some rare circumstances related to tmpfs, which might allow local users to read sensitive kernel data or cause a denial of service (crash).

7.2CVSS7.1AI score0.00046EPSS
CVE
CVE
added 2008/01/18 12:0 a.m.54 views

CVE-2008-0352

The Linux kernel 2.6.20 through 2.6.21.1 allows remote attackers to cause a denial of service (panic) via a certain IPv6 packet, possibly involving the Jumbo Payload hop-by-hop option (jumbogram).

7.8CVSS6.6AI score0.03354EPSS
CVE
CVE
added 2008/08/08 7:41 p.m.54 views

CVE-2008-3534

The shmem_delete_inode function in mm/shmem.c in the tmpfs implementation in the Linux kernel before 2.6.26.1 allows local users to cause a denial of service (system crash) via a certain sequence of file create, remove, and overwrite operations, as demonstrated by the insserv program, related to al...

4.9CVSS4.9AI score0.00046EPSS
CVE
CVE
added 2013/12/09 6:55 p.m.54 views

CVE-2013-6432

The ping_recvmsg function in net/ipv4/ping.c in the Linux kernel before 3.12.4 does not properly interact with read system calls on ping sockets, which allows local users to cause a denial of service (NULL pointer dereference and system crash) by leveraging unspecified privileges to execute a craft...

4.6CVSS7AI score0.00042EPSS
CVE
CVE
added 2017/04/05 2:59 p.m.54 views

CVE-2017-0332

An elevation of privilege vulnerability in the NVIDIA crypto driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel 3.10...

7.6CVSS6.9AI score0.00168EPSS
CVE
CVE
added 2017/04/19 11:59 p.m.54 views

CVE-2017-7979

The cookie feature in the packet action API implementation in net/sched/act_api.c in the Linux kernel 4.11.x through 4.11-rc7 mishandles the tb nlattr array, which allows local users to cause a denial of service (uninitialized memory access and refcount underflow, and system hang or crash) or possi...

7.8CVSS8.1AI score0.00044EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.54 views

CVE-2021-47121

In the Linux kernel, the following vulnerability has been resolved: net: caif: fix memory leak in cfusbl_device_notify In case of caif_enroll_dev() fail, allocatedlink_support won't be assigned to the correspondingstructure. So simply free allocated pointer in caseof error.

5.5CVSS6.5AI score0.00014EPSS
Total number of security vulnerabilities10926