Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2025/07/28 11:21 a.m.83 views

CVE-2025-38478

CVE-2025-38478 concerns a Linux kernel bug in the Comedi driver where some subdevice instruction handlers may read uninitialized data. The issue arises because do_insn_ioctl() and do_insnlist_ioctl() allocate at least MIN_SAMPLES (16) data elements for instructions that write to a subdevice, but ...

5.5CVSS6.5AI score0.00156EPSS
CVE
CVE
added 2025/07/10 8:14 a.m.82 views

CVE-2025-38324

CVE-2025-38324 : The Linux kernel fix addresses a race in mpls_route_input_rcu() that could be triggered when called from mpls_getroute() under RTNL, where net->mpls.platform_label is updated under RTNL. The patch switches to rcu_dereference_rtnl() to silence the spurious lockdep warning and e...

5.5CVSS6.5AI score0.00178EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.82 views

CVE-2025-38346

CVE-2025-38346: Linux kernel ftrace UAF when lookup kallsyms after ftrace is disabled. Root cause: use-after-free accessing mod->name during module removal when ftrace_disable is active. Impact per CVSS: Local access with Low privileges required, High confidentiality/integrity/availability imp...

7.8CVSS6.5AI score0.00168EPSS
CVE
CVE
added 2025/07/19 11:59 a.m.82 views

CVE-2025-38351

CVE-2025-38351 affects the Linux kernel KVM component (x86) when Hyper-V hypercalls are enabled. The issue arises in PV TLB flush processing where non-canonical GVAs can reach INVVPID/INVLPGA paths, potentially triggering VM-Fail on Intel hardware (AMD may ignore). In practice, this can allow a g...

5.5CVSS7.1AI score0.00157EPSS
CVE
CVE
added 2025/07/25 12:47 p.m.82 views

CVE-2025-38365

CVE-2025-38365 affects the Linux kernel’s Btrfs filesystem. A race between a rename and directory inode logging could lead to file loss on crash/power-fail due to log replay deleting an intended entry. The fix pins the log root during renames before removing the old directory entry and unpins aft...

4.7CVSS6.5AI score0.00114EPSS
CVE
CVE
added 2025/07/25 3:27 p.m.82 views

CVE-2025-38448

CVE-2025-38448 is a Linux kernel vulnerability in the USB gadget u_serial wakeup path. The issue is a race condition where gs_start_io() may call gs_start_rx() or gs_start_tx() after briefly dropping port_lock for usb_ep_queue(), allowing gs_close() or gserial_disconnect() to clear port.tty and p...

4.7CVSS6.3AI score0.00115EPSS
CVE
CVE
added 2025/07/25 3:27 p.m.82 views

CVE-2025-38457

CVE-2025-38457 concerns a Linux kernel net/sched bug where grafting a qdisc to a non-existent parent class could cause a failure during qdisc initialization. The fix introduces early validation via qdisc_leaf so that attempting to attach to a non-class parent aborts before qdisc_create. Affected ...

5.5CVSS6.3AI score0.00161EPSS
CVE
CVE
added 2025/07/28 11:21 a.m.82 views

CVE-2025-38473

CVE-2025-38473 affects the Linux kernel Bluetooth subsystem. A null-ptr-deref in l2cap_sock_resume_cb() can occur when handling l2cap sockets during resume/kill sequences. The fix adds a guard to ensure chan->data is not NULL, avoiding use-after-free/killed-socket access. The description refer...

5.5CVSS6.4AI score0.00156EPSS
CVE
CVE
added 2025/07/28 11:21 a.m.82 views

CVE-2025-38476

CVE-2025-38476 affects the Linux kernel. The vulnerability is a use-after-free in rpl_do_srh_inline() caused by accessing ipv6 headers after skb_cow_head(), which could free the header. A fix makes oldhdr a local struct to prevent use-after-free. The issue is documented with a CVSS v3.1 vector (L...

7.8CVSS6.1AI score0.0015EPSS
CVE
CVE
added 2025/07/28 11:22 a.m.82 views

CVE-2025-38494

CVE-2025-38494 (Linux kernel) : In the HID core, hid_hw_raw_request() checks were bypassed by a low-level transport path, allowing the use of invalid parameters. The vulnerability was resolved in the Linux kernel; advisories from Debian/Amazon/RHEL references confirm the fix. Impact is high (loca...

7.8CVSS6.4AI score0.002EPSS
CVE
CVE
added 2026/02/04 4:8 p.m.82 views

CVE-2026-23092

CVE-2026-23092 relates to a Linux kernel fix in iio: dac: ad3552r-hs_write_data_source where out-of-bounds writes could occur. The issue stemmed from using the write-return count as the index for null termination instead of the actual number of bytes copied by simple_write_to_buffer(). If count e...

7.8CVSS5.5AI score0.00186EPSS
CVE
CVE
added 2004/12/01 5:0 a.m.81 views

CVE-2004-1068

CVE-2004-1068 involves a missing serialization flaw in the unix_dgram_recvmsg path of Linux kernels 2.4.27 and earlier, and 2.6.x up to 2.6.9. The issue enables local users to potentially gain privileges due to a race condition. The description explicitly states the vulnerability is a local privi...

6.2CVSS7.3AI score0.00388EPSS
CVE
CVE
added 2005/06/30 4:0 a.m.81 views

CVE-2005-1762

CVE-2005-1762 affects AMD64 Linux kernel 2.6.8.1 and 2.6.10; a ptrace() address verification flaw allows local users to crash the kernel (denial of service). Root cause: inadequate verification of non-canonical addresses in amd64 ptrace. Impact: kernel crash; exploitation requires local access. R...

2.1CVSS5.7AI score0.00437EPSS
CVE
CVE
added 2005/08/16 4:0 a.m.81 views

CVE-2005-2555

CVE-2005-2555 affects the Linux kernel 2.6.x line. The issue is that socket policy access is not properly restricted to users with the CAP_NET_ADMIN capability, potentially allowing local users to perform unauthorized activities. The vulnerability is associated with the IPv4 and IPv6 socket glue ...

4.6CVSS5.3AI score0.00446EPSS
CVE
CVE
added 2005/11/23 9:0 p.m.81 views

CVE-2005-3784

CVE-2005-3784 concerns the Linux kernel 2.6.x series: auto-reap of child processes can include ptrace-attached children, causing a dangling ptrace reference that leads to local denial of service (crash) and potential root privileges. The description specifies the vulnerable condition is present i...

4.9CVSS4.7AI score0.00448EPSS
CVE
CVE
added 2006/05/18 7:0 p.m.81 views

CVE-2006-1528

CVE-2006-1528 affects the Linux kernel prior to 2.6.13. The vulnerability arises in the sg (SCSI generic) driver’s handling of memory-mapped I/O space during a dio transfer, allowing a local user to trigger a crash ( Denial of Service ). The connected documents confirm the issue is located in the...

4.9CVSS6.9AI score0.00441EPSS
CVE
CVE
added 2006/04/27 5:0 p.m.81 views

CVE-2006-2071

CVE-2006-2071 affects Linux kernels 2.4.x and 2.6.x up to 2.6.16. It arises from a flaw in the mprotect handling that allowed a local user to grant write permission to a read-only attachment of a shared memory segment, bypassing IPC permissions and enabling modification of the attachment. Reporte...

2.1CVSS7.2AI score0.00411EPSS
CVE
CVE
added 2006/06/23 10:0 a.m.81 views

CVE-2006-2448

Concrete details found: CVE-2006-2448 affects the Linux kernel on PowerPC, specifically versions before 2.6.16.21 and 2.6.17. The root cause is missing access_ok checks in PowerPC signal handling (signal_64.c, potentially signal_32.c). Impact as stated: local users could read arbitrary kernel mem...

5.6CVSS7.2AI score0.00366EPSS
CVE
CVE
added 2007/05/18 10:0 p.m.81 views

CVE-2007-2764

The CVE-2007-2764 entry concerns the embedded Linux kernel in certain Sun-Brocade SilkWorm switches prior to 20070516. The issue arises when a non-root user creates a kernel process, which can lead to a denial of service (kernel oops) and device reboot via unspecified vectors. The NVD entry assig...

7.8CVSS6.4AI score0.02401EPSS
CVE
CVE
added 2008/06/30 9:0 p.m.81 views

CVE-2008-2365

CVE-2008-2365 describes a race condition in Linux kernel ptrace/utrace support (kernel 2.6.9–2.6.25) used by RHEL4. A local user can cause a denial of service (oops) by issuing a long sequence of PTRACE_ATTACH calls that trigger a conflict between utrace_detach and report_quiescent due to a late ...

4.7CVSS4.9AI score0.00526EPSS
CVE
CVE
added 2008/12/22 3:0 p.m.81 views

CVE-2008-5702

CVE-2008-5702 concerns a buffer underflow in the Linux kernel watchdog driver IB700 SBC (ib700wdt.c) via the ibwdt_ioctl path. Affected software is the Linux kernel prior to 2.6.28-rc1; exploitation could occur through a WDIOC_SETTIMEOUT ioctl on /dev/watchdog by a local user. The Initial Descrip...

7.2CVSS4.5AI score0.00494EPSS
Web
CVE
CVE
added 2009/03/18 1:0 a.m.81 views

CVE-2009-0935

CVE-2009-0935 affects Linux kernel inotify_read across 2.6.27–2.6.27.13, 2.6.28–2.6.28.2, and 2.6.29-rc3. The issue allows local users to trigger a denial of service (OOPS) by reading with an invalid address to an inotify instance, causing the event list mutex to be unlocked twice and preventing ...

5.5CVSS5.1AI score0.0027EPSS
CVE
CVE
added 2009/12/02 4:0 p.m.81 views

CVE-2009-4026

CVE-2009-4026 affects the Linux kernel mac80211 subsystem prior to 2.6.32-rc8-next-20091201. A crafted Delete Block ACK (DELBA) packet can cause a remote denial of service (panic) due to an erroneous “code shuffling patch.” A fix is provided in the patch referenced as 2.6.32-rc8-next-20091201, an...

7.8CVSS6.5AI score0.0306EPSS
CVE
CVE
added 2010/02/15 6:0 p.m.81 views

CVE-2010-0623

The CVE-2010-0623 issue affects the Linux kernel versions prior to 2.6.33-rc7, where futex_lock_pi in kernel/futex.c mishandles a reference count. This allows local users to trigger a denial of service (OOPS) by exploiting an unmount of an ext3 filesystem. The SUSE entry confirms the same descrip...

4.9CVSS6.2AI score0.00404EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.81 views

CVE-2011-0716

CVE-2011-0716 affects the Linux kernel older than 2.6.38. The vulnerability lies in the br_multicast_add_group function within net/bridge/br_multicast.c, triggered when a specific Ethernet bridge configuration is used. An attacker locally can cause memory corruption and a system crash by sending ...

4.7CVSS7AI score0.00368EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.81 views

CVE-2011-1477

CVE-2011-1477 affects the Linux kernel (sound/oss/opl3.c) through multiple array index errors before 2.6.39. These flaws allow local users to cause a denial of service via heap memory corruption and, potentially, gain privileges by writing to /dev/sequencer. The issue is tied to Yamaha YM3812/OPL...

7.2CVSS8.1AI score0.00409EPSS
CVE
CVE
added 2011/09/06 4:0 p.m.81 views

CVE-2011-2184

The CVE-2011-2184 entry concerns Linux kernel prior to 2.6.39.1 where key_replace_session_keyring fails to initialize a structure member, enabling local users to trigger a NULL pointer dereference and system crash via KEYCTL_SESSION_TO_PARENT in keyctl. This is a distinct issue from CVE-2010-2960...

7.2CVSS7.5AI score0.00382EPSS
CVE
CVE
added 2012/05/24 11:0 p.m.81 views

CVE-2011-2898

CVE-2011-2898 concerns the Linux kernel AF_PACKET implementation. The flaw allows local users to read potentially sensitive kernel memory by exploiting inadequate restrictions on VLAN Tag Control Information data structures. The vulnerability is described as a kernel information leak in the AF_PA...

5.5CVSS4.8AI score0.00448EPSS
CVE
CVE
added 2012/05/17 10:0 a.m.81 views

CVE-2011-4594

The CVE-2011-4594 entry documents a local kernel vulnerability in the Linux kernel (__sys_sendmsg in net/socket.c) where crafted usage of sendmmsg can trigger an incorrect pointer dereference and crash the system. It affects kernel versions before 3.1, with the described impact being a denial of ...

5.5CVSS5.6AI score0.00429EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.81 views

CVE-2011-4914

The CVE-2011-4914 issue affects the Linux kernel ROSE protocol implementation prior to 2.6.39. It arises because data-length values are not verified against the actual data sent, enabling remote attackers to read kernel memory (out-of-bounds read) or cause a denial of service via crafted data to ...

6.4CVSS5.8AI score0.08793EPSS
CVE
CVE
added 2013/09/13 6:0 p.m.81 views

CVE-2013-2894

CVE-2013-2894 affects the Linux kernel HID subsystem, specifically drivers/hid/hid-lenovo-tpkbd.c. When CONFIG_HID_LENOVO_TPKBD is enabled, the vulnerability permits a physically proximate attacker to trigger a denial of service via a heap-based out-of-bounds write using a crafted USB device. The...

4.7CVSS5.7AI score0.00365EPSS
CVE
CVE
added 2013/09/13 6:0 p.m.81 views

CVE-2013-2898

The CVE-2013-2898 entry concerns the Linux kernel HID subsystem, specifically drivers/hid/hid-sensor-hub.c. When CONFIG_HID_SENSOR_HUB is enabled, the vulnerability affects the kernel up through version 3.11 and allows physically proximate attackers to obtain sensitive information from kernel mem...

1.9CVSS6.7AI score0.00364EPSS
CVE
CVE
added 2013/12/09 6:0 p.m.81 views

CVE-2013-7026

Summary of CVE-2013-7026 : The Linux kernel contains race conditions in ipc/shm.c (IPC_SHM with IPC_RMID) that can be exploited locally to trigger use-after-free and a system crash, potentially causing a denial of service. The issue affects kernels prior to 3.12.2. The referenced advisories indic...

4.7CVSS7.7AI score0.00413EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.81 views

CVE-2014-8480

CVE-2014-8480 affects the Linux kernel KVM subsystem: the instruction decoder in arch/x86/kvm/emulate.c lacks intended decoder-table flags for certain RIP-relative instructions. This can allow a guest OS user to trigger a NULL pointer dereference and crash the host OS (denial of service). The vul...

4.9CVSS6.7AI score0.0063EPSS
CVE
CVE
added 2016/10/16 9:0 p.m.81 views

CVE-2015-8953

CVE-2015-8953 affects the Linux kernel overlayfs: copy_up.c contains an incorrect cleanup path that leaks dentry references, enabling local DoS via operations on large files in a lower overlayfs layer. Affected component: overlayfs/copy_up.c in the kernel before 4.2.6. Impact: denial of service d...

5.5CVSS5.2AI score0.00543EPSS
CVE
CVE
added 2016/06/13 1:0 a.m.81 views

CVE-2016-2066

CVE-2016-2066 affects the MSM QDSP6 audio driver in the Linux kernel 3.x as used in Qualcomm QuIC Android contributions for MSM devices and related products. The issue is an integer signedness error in the msm-audio-effects-q6-v2.c path that handles ioctl commands, leading to memory corruption. P...

7.8CVSS7.3AI score0.01384EPSS
CVE
CVE
added 2017/04/07 10:0 p.m.81 views

CVE-2017-0568

CVE-2017-0568 is a Broadcom Wi‑Fi driver elevation-of-privilege issue in Android kernels (3.10/3.18). An attacker controlling the dongle can abuse WLC_GET_VALID_CHANNELS results to inflate list->count, causing an out‑of‑bounds write when populating default_chan_list and enabling arbitrary code...

7.6CVSS6.9AI score0.01496EPSS
CVE
CVE
added 2019/08/19 1:50 a.m.81 views

CVE-2017-18552

CVE-2017-18552 affects the Linux kernel up to version 4.10 in net/rds/af_rds.c, where rds_recv_track_latency contains an out-of-bounds write and read. The connected Nessus advisories (Unity Linux UTSA advisories) mirror this issue and reference kernel versions before 4.11, with a commit in the Li...

7.8CVSS7.4AI score0.00387EPSS
CVE
CVE
added 2017/06/28 6:0 a.m.81 views

CVE-2017-9984

The CVE-2017-9984 issue affects the Linux kernel’s snd_msnd_interrupt path (sound/isa/msnd/msnd_pinnacle.c) and is a local, double-fetch vulnerability that can allow over-boundary access to a message queue head pointer, potentially enabling DoS or other impact. The advisory notes vulnerable until...

7.8CVSS7.5AI score0.00378EPSS
CVE
CVE
added 2024/03/15 8:14 p.m.81 views

CVE-2021-47121

Rejected: CVE-2021-47121 entry withdrawn/not used; this CVE is not an active vulnerability entry.

5.5CVSS6.5AI score0.0023EPSS
CVE
CVE
added 2024/03/25 9:16 a.m.81 views

CVE-2021-47175

CVE-2021-47175: Linux kernel net/sched fq_pie OOB access in the traffic path (fq_pie_qdisc_enqueue). The issue manifests as slab-out-of-bounds read during packet enqueue, demonstrated by a kasan report when using tc with fq_pie. A fix was applied to the fq_pie path to prevent selecting an out-of-...

7.1CVSS6.7AI score0.00241EPSS
CVE
CVE
added 2024/04/10 7:1 p.m.81 views

CVE-2021-47215

CVE-2021-47215 affects the Linux kernel mlx5e kTLS flow. The root cause is list corruption in TLS RX resync flow: entries are now protected against movements from resync_handle_seq_match() until resync handling in napi completes. This fixes stability/crashes in the RX resync path. The entry docum...

5.5CVSS6.4AI score0.00196EPSS
CVE
CVE
added 2024/05/21 2:19 p.m.81 views

CVE-2021-47232

CVE-2021-47232 is a Linux kernel issue where a skb is taken from the per-session j1939 skb queue without incrementing the ref count, leading to a Use-after-Free if the skb is concurrently used. The patch "can: j1939: fix Use-after-Free, hold skb ref while in use" fixes this by holding a reference...

8.4CVSS8.1AI score0.00239EPSS
CVE
CVE
added 2024/05/21 2:19 p.m.81 views

CVE-2021-47233

Summary of CVE-2021-47233 (Linux kernel): The issue is a NULL pointer dereference in regulator rt4801 when priv->enable_gpios is NULL, with devm_gpiod_get_array_optional possibly returning NULL if no GPIO is assigned. The vulnerability has been resolved in the Linux kernel; multiple advisories...

5.5CVSS6.7AI score0.00222EPSS
CVE
CVE
added 2024/05/21 2:35 p.m.81 views

CVE-2021-47296

CVE-2021-47296 affects the Linux kernel KVM on PPC. The issue is a leak in vcpu_load due to vcpu_put not being called when a user copy fails, which can corrupt preempt notifiers and cause crashes. The vulnerability is resolved via a kernel patch (details present in the connected advisories), with...

5.5CVSS6.9AI score0.00225EPSS
CVE
CVE
added 2024/05/21 3:3 p.m.81 views

CVE-2021-47367

Affected software: Linux kernel virtio-net component. Issue: when using build_skb() in big mode, unused pages chained via private in big mode were not released, causing page leakage. Root cause: failure to release those pages after skb construction in big mode. Impact: potential resource leak; CV...

5.5CVSS7AI score0.00227EPSS
CVE
CVE
added 2024/05/22 6:19 a.m.81 views

CVE-2021-47448

CVE-2021-47448 affects the Linux kernel MPTCP recvmsg path. If the caller uses MSG_WAITALL and insufficient data remains to satisfy the request, recvmsg can stall in an infinite loop because mptcp_wait_data() detects MPTCP_DATA_READY and never clears it in that code path. This can trigger an RCU ...

5.5CVSS6.8AI score0.00196EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.81 views

CVE-2021-47529

CVE-2021-47529: Linux kernel vulnerability in iwlwifi memory management where memory allocated in reduce_power_data could leak on error (invalid TLV len or memory allocation failure). The issue has been fixed in the Linux kernel by freeing allocated memory in the error path before return. Connect...

5.5CVSS7AI score0.00205EPSS
CVE
CVE
added 2024/04/28 1:1 p.m.81 views

CVE-2022-48660

CVE-2022-48660 is a Linux kernel vulnerability affecting gpiolib: cdev on certain platforms (ex: nxp-ls1028). The issue occurred when the IRQ for lineevent_state was set before the IRQ was successfully registered, leading to a warning trace from free_irq() during gpio tests and a resource release...

5.5CVSS6.4AI score0.00236EPSS
CVE
CVE
added 2024/05/21 3:22 p.m.81 views

CVE-2022-48706

The CVE-2022-48706 entry concerns the Linux kernel and a memory-leak in the virtual data path (vdpa) IFCVF path. Root cause: ifcvf_mgmt_dev leaks memory if not freed on exit and the existing cleanup in ifcvf_init_hw does not handle it, so the fix adds proper cleanup at the return path to ensure m...

5.5CVSS6.7AI score0.00207EPSS
Total number of security vulnerabilities14330