Lucene search

K
LinuxLinux Kernel

10926 matches found

CVE
CVE
added 2013/06/08 1:5 p.m.53 views

CVE-2011-3619

The apparmor_setprocattr function in security/apparmor/lsm.c in the Linux kernel before 3.0 does not properly handle invalid parameters, which allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by writing to a /proc/#####/at...

4.6CVSS6.2AI score0.00056EPSS
CVE
CVE
added 2013/03/15 8:55 p.m.53 views

CVE-2012-6536

net/xfrm/xfrm_user.c in the Linux kernel before 3.6 does not verify that the actual Netlink message length is consistent with a certain header field, which allows local users to obtain sensitive information from kernel heap memory by leveraging the CAP_NET_ADMIN capability and providing a (1) new o...

2.1CVSS5.5AI score0.00055EPSS
CVE
CVE
added 2013/11/12 2:35 p.m.53 views

CVE-2013-4512

Buffer overflow in the exitcode_proc_write function in arch/um/kernel/exitcode.c in the Linux kernel before 3.12 allows local users to cause a denial of service or possibly have unspecified other impact by leveraging root privileges for a write operation.

4.7CVSS7.1AI score0.00131EPSS
CVE
CVE
added 2016/12/08 9:59 p.m.53 views

CVE-2016-9120

Race condition in the ion_ioctl function in drivers/staging/android/ion/ion.c in the Linux kernel before 4.6 allows local users to gain privileges or cause a denial of service (use-after-free) by calling ION_IOC_FREE on two CPUs at the same time.

9.3CVSS7.2AI score0.00276EPSS
CVE
CVE
added 2017/02/08 3:59 p.m.53 views

CVE-2017-0433

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the touchscreen chipset. This issue is rated as High because it first requires compromising a privileged process. Product: Android. ...

7.6CVSS6.6AI score0.0012EPSS
CVE
CVE
added 2017/02/08 3:59 p.m.53 views

CVE-2017-0443

An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.1...

7.6CVSS6.6AI score0.00137EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.53 views

CVE-2017-0524

An elevation of privilege vulnerability in the Synaptics touchscreen driver could enable a local malicious application to execute arbitrary code within the context of the kernel. This issue is rated as High because it first requires compromising a privileged process. Product: Android. Versions: Ker...

7.6CVSS6.6AI score0.00254EPSS
CVE
CVE
added 2017/03/08 1:59 a.m.53 views

CVE-2017-0531

An information disclosure vulnerability in the Qualcomm Wi-Fi driver could enable a local malicious application to access data outside of its permission levels. This issue is rated as Moderate because it first requires compromising a privileged process. Product: Android. Versions: Kernel-3.10, Kern...

4.7CVSS4.3AI score0.00283EPSS
CVE
CVE
added 2024/03/15 9:15 p.m.53 views

CVE-2021-47121

In the Linux kernel, the following vulnerability has been resolved: net: caif: fix memory leak in cfusbl_device_notify In case of caif_enroll_dev() fail, allocatedlink_support won't be assigned to the correspondingstructure. So simply free allocated pointer in caseof error.

5.5CVSS6.5AI score0.00014EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.53 views

CVE-2021-47282

In the Linux kernel, the following vulnerability has been resolved: spi: bcm2835: Fix out-of-bounds access with more than 4 slaves Commit 571e31fa60b3 ("spi: bcm2835: Cache CS register value for->prepare_message()") limited the number of slaves to 3 at compile-time.The limitation was necessitate...

7.8CVSS6.8AI score0.00054EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.53 views

CVE-2021-47507

In the Linux kernel, the following vulnerability has been resolved: nfsd: Fix nsfd startup race (again) Commit bd5ae9288d64 ("nfsd: register pernet ops last, unregister first")has re-opened rpc_pipefs_event() race against nfsd_net_id registration(register_pernet_subsys()) which has been fixed by co...

6.5AI score0.00028EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.53 views

CVE-2021-47508

In the Linux kernel, the following vulnerability has been resolved: btrfs: free exchange changeset on failures Fstests runs on my VMs have show several kmemleak reports like the following. unreferenced object 0xffff88811ae59080 (size 64):comm "xfs_io", pid 12124, jiffies 4294987392 (age 6.368s)hex ...

6.8AI score0.00026EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.53 views

CVE-2021-47519

In the Linux kernel, the following vulnerability has been resolved: can: m_can: m_can_read_fifo: fix memory leak in error branch In m_can_read_fifo(), if the second call to m_can_fifo_read() fails,the function jump to the out_fail label and returns without callingm_can_receive_skb(). This means tha...

7.5CVSS5.2AI score0.00038EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.53 views

CVE-2021-47569

In the Linux kernel, the following vulnerability has been resolved: io_uring: fail cancellation for EXITING tasks WARNING: CPU: 1 PID: 20 at fs/io_uring.c:6269 io_try_cancel_userdata+0x3c5/0x640 fs/io_uring.c:6269CPU: 1 PID: 20 Comm: kworker/1:0 Not tainted 5.16.0-rc1-syzkaller #0Workqueue: events ...

6.6AI score0.0007EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.53 views

CVE-2021-47593

In the Linux kernel, the following vulnerability has been resolved: mptcp: clear 'kern' flag from fallback sockets The mptcp ULP extension relies on sk->sk_sock_kern being set correctly:It prevents setsockopt(fd, IPPROTO_TCP, TCP_ULP, "mptcp", 6); fromworking for plain tcp sockets (any userspace...

5.5CVSS6.9AI score0.00012EPSS
CVE
CVE
added 2022/10/17 12:15 p.m.53 views

CVE-2022-3541

A vulnerability classified as critical has been found in Linux Kernel. This affects the function spl2sw_nvmem_get_mac_address of the file drivers/net/ethernet/sunplus/spl2sw_driver.c of the component BPF. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue...

7.8CVSS6.2AI score0.00016EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.53 views

CVE-2022-48643

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix nft_counters_enabled underflow at nf_tables_addchain() syzbot is reporting underflow of nft_counters_enabled counter atnf_tables_addchain() [1], for commit 43eb8949cfdffa76 ("netfilter:nf_tables: do not le...

6.6AI score0.00028EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.53 views

CVE-2022-48649

In the Linux kernel, the following vulnerability has been resolved: mm/slab_common: fix possible double free of kmem_cache When doing slub_debug test, kfence's 'test_memcache_typesafe_by_rcu'kunit test case cause a use-after-free error: BUG: KASAN: use-after-free in kobject_del+0x14/0x30Read of siz...

7.8CVSS6.3AI score0.00019EPSS
CVE
CVE
added 2024/06/20 12:15 p.m.53 views

CVE-2022-48731

In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: avoid scanning potential huge holes When using devm_request_free_mem_region() and devm_memremap_pages() toadd ZONE_DEVICE memory, if requested free mem region's end pfn werehuge(e.g., 0x400000000), the node_end_pfn() w...

5.5CVSS5.4AI score0.00032EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.53 views

CVE-2022-48800

In the Linux kernel, the following vulnerability has been resolved: mm: vmscan: remove deadlock due to throttling failing to make progress A soft lockup bug in kcompactd was reported in a private bugzilla withthe following visible in dmesg; watchdog: BUG: soft lockup - CPU#33 stuck for 26s! [kcompa...

5.5CVSS6.9AI score0.00028EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.53 views

CVE-2022-48830

In the Linux kernel, the following vulnerability has been resolved: can: isotp: fix potential CAN frame reception race in isotp_rcv() When receiving a CAN frame the current code logic does not considerconcurrently receiving processes which do not show up in real worldusage. Ziyang Xuan writes: The ...

6.6AI score0.00087EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.53 views

CVE-2022-48832

In the Linux kernel, the following vulnerability has been resolved: audit: don't deref the syscall args when checking the openat2 open_how::flags As reported by Jeff, dereferencing the openat2 syscall argument inaudit_match_perm() to obtain the open_how::flags can result in anoops/page-fault. This ...

6.3AI score0.00057EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.53 views

CVE-2022-48873

In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Don't remove map on creater_process and device_release Do not remove the map from the list on error path infastrpc_init_create_process, instead call fastrpc_map_put, to avoiduse-after-free. Do not remove it on fastrp...

7.8CVSS6.5AI score0.00038EPSS
CVE
CVE
added 2024/08/21 7:15 a.m.53 views

CVE-2022-48877

In the Linux kernel, the following vulnerability has been resolved: f2fs: let's avoid panic if extent_tree is not created This patch avoids the below panic. pc : __lookup_extent_tree+0xd8/0x760lr : f2fs_do_write_data_page+0x104/0x87csp : ffffffc010cbb3c0x29: ffffffc010cbb3e0 x28: 0000000000000000x2...

5.5CVSS6.6AI score0.00048EPSS
CVE
CVE
added 2024/08/22 2:15 a.m.53 views

CVE-2022-48922

In the Linux kernel, the following vulnerability has been resolved: riscv: fix oops caused by irqsoff latency tracer The trace_hardirqs_{on,off}() require the caller to setup frame pointerproperly. This because these two functions use macro 'CALLER_ADDR1' (aka.__builtin_return_address(1)) to acquir...

5.5CVSS6.5AI score0.00043EPSS
CVE
CVE
added 2024/08/22 4:15 a.m.53 views

CVE-2022-48932

In the Linux kernel, the following vulnerability has been resolved: net/mlx5: DR, Fix slab-out-of-bounds in mlx5_cmd_dr_create_fte When adding a rule with 32 destinations, we hit the following out-of-bandaccess issue: BUG: KASAN: slab-out-of-bounds in mlx5_cmd_dr_create_fte+0x18ee/0x1e70 This patch...

5.5CVSS7AI score0.00036EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.53 views

CVE-2022-48995

In the Linux kernel, the following vulnerability has been resolved: Input: raydium_ts_i2c - fix memory leak in raydium_i2c_send() There is a kmemleak when test the raydium_i2c_ts with bpf mock device: unreferenced object 0xffff88812d3675a0 (size 8):comm "python3", pid 349, jiffies 4294741067 (age 9...

5.5CVSS5.3AI score0.00037EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.53 views

CVE-2022-49016

In the Linux kernel, the following vulnerability has been resolved: net: mdiobus: fix unbalanced node reference count I got the following report while doing device(mscc-miim) load testwith CONFIG_OF_UNITTEST and CONFIG_OF_DYNAMIC enabled: OF: ERROR: memory leak, expected refcount 1 instead of 2,of_...

5.5CVSS5.2AI score0.00072EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.53 views

CVE-2022-49067

In the Linux kernel, the following vulnerability has been resolved: powerpc: Fix virt_addr_valid() for 64-bit Book3E & 32-bit mpe: On 64-bit Book3E vmalloc space starts at 0x8000000000000000. Because of the way __pa() works we have:__pa(0x8000000000000000) == 0, and thereforevirt_to_pfn(0x800000000...

5.4AI score0.00068EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.53 views

CVE-2022-49146

In the Linux kernel, the following vulnerability has been resolved: virtio: use virtio_device_ready() in virtio_device_restore() After waking up a suspended VM, the kernel prints the following tracefor virtio drivers which do not directly call virtio_device_ready() inthe .restore: PM: suspend exit ...

5.2AI score0.00039EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.53 views

CVE-2022-49387

In the Linux kernel, the following vulnerability has been resolved: watchdog: rzg2l_wdt: Fix 32bit overflow issue The value of timer_cycle_us can be 0 due to 32bit overflow.For eg:- If we assign the counter value "0xfff" for computingmaxval. This patch fixes this issue by appending ULL to 1024, so ...

5.5CVSS5.6AI score0.00022EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.53 views

CVE-2022-49582

In the Linux kernel, the following vulnerability has been resolved: net: dsa: fix NULL pointer dereference in dsa_port_reset_vlan_filtering The "ds" iterator variable used in dsa_port_reset_vlan_filtering() ->dsa_switch_for_each_port() overwrites the "dp" received as argument,which is later used...

5.5CVSS5.4AI score0.00028EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.53 views

CVE-2022-49633

In the Linux kernel, the following vulnerability has been resolved: icmp: Fix data-races around sysctl_icmp_echo_enable_probe. While reading sysctl_icmp_echo_enable_probe, it can be changedconcurrently. Thus, we need to add READ_ONCE() to its readers.

4.7CVSS6.5AI score0.00018EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.53 views

CVE-2022-49662

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix lockdep splat in in6_dump_addrs() As reported by syzbot, we should not use rcu_dereference()when rcu_read_lock() is not held. WARNING: suspicious RCU usage5.19.0-rc2-syzkaller #0 Not tainted net/ipv6/addrconf.c:5175 suspi...

5.4AI score0.00039EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.53 views

CVE-2022-49718

In the Linux kernel, the following vulnerability has been resolved: irqchip/apple-aic: Fix refcount leak in aic_of_ic_init of_get_child_by_name() returns a node pointer with refcountincremented, we should use of_node_put() on it when not need anymore.Add missing of_node_put() to avoid refcount leak...

5.5CVSS6.4AI score0.00028EPSS
CVE
CVE
added 2025/05/01 3:15 p.m.53 views

CVE-2022-49769

In the Linux kernel, the following vulnerability has been resolved: gfs2: Check sb_bsize_shift after reading superblock Fuzzers like to scribble over sb_bsize_shift but in reality it's veryunlikely that this field would be corrupted on its own. Nevertheless itshould be checked to avoid the possibil...

6.5AI score0.00095EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.53 views

CVE-2022-49779

In the Linux kernel, the following vulnerability has been resolved: kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case In __unregister_kprobe_top(), if the currently unregistered probe haspost_handler but other child probes of the aggrprobe do not havepost_handler, the post_ha...

6.4AI score0.00096EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.53 views

CVE-2022-49800

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event() test_gen_synth_cmd() only free buf in fail path, hence buf will leakwhen there is no failure. Add kfree(buf) to prevent the memleak. Thesame reason and s...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.53 views

CVE-2022-49801

In the Linux kernel, the following vulnerability has been resolved: tracing: Fix memory leak in tracing_read_pipe() kmemleak reports this issue: unreferenced object 0xffff888105a18900 (size 128):comm "test_progs", pid 18933, jiffies 4336275356 (age 22801.766s)hex dump (first 32 bytes):25 73 00 90 8...

6.5AI score0.00025EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.53 views

CVE-2022-49810

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix missing xas_retry() calls in xarray iteration netfslib has a number of places in which it performs iteration of an xarraywhilst being under the RCU read lock. It should call xas_retry() as thefirst thing inside of the lo...

6.5AI score0.00027EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.53 views

CVE-2022-49813

In the Linux kernel, the following vulnerability has been resolved: net: ena: Fix error handling in ena_init() The ena_init() won't destroy workqueue created bycreate_singlethread_workqueue() when pci_register_driver() failed.Call destroy_workqueue() when pci_register_driver() failed to prevent the...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.53 views

CVE-2022-49825

In the Linux kernel, the following vulnerability has been resolved: ata: libata-transport: fix error handling in ata_tport_add() In ata_tport_add(), the return value of transport_add_device() isnot checked. As a result, it causes null-ptr-deref while removingthe module, because transport_remove_dev...

6.3AI score0.00094EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.53 views

CVE-2022-49832

In the Linux kernel, the following vulnerability has been resolved: pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map Here is the BUG report by KASAN about null pointer dereference: BUG: KASAN: null-ptr-deref in strcmp+0x2e/0x50Read of size 1 at addr 0000000000000000 by task ...

6.4AI score0.00128EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.53 views

CVE-2022-49869

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix possible crash in bnxt_hwrm_set_coal() During the error recovery sequence, the rtnl_lock is not held for theentire duration and some datastructures may be freed during the sequence.Check for the BNXT_STATE_OPEN flag in...

5.5CVSS6.4AI score0.00051EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.53 views

CVE-2022-49888

In the Linux kernel, the following vulnerability has been resolved: arm64: entry: avoid kprobe recursion The cortex_a76_erratum_1463225_debug_handler() function is called whenhandling debug exceptions (and synchronous exceptions from BRKinstructions), and so is called when a probed function execute...

7.8CVSS6.8AI score0.00063EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.53 views

CVE-2022-50066

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, thedereference of self->aq_vec[i] is not checked and then leads to theindex out of range error.Also fixed thi...

6.5AI score0.00025EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.53 views

CVE-2022-50100

In the Linux kernel, the following vulnerability has been resolved: sched/core: Do not requeue task on CPU excluded from cpus_mask The following warning was triggered on a large machine early in boot ona distribution kernel but the same problem should also affect mainline. WARNING: CPU: 439 PID: 10...

6.3AI score0.00025EPSS
CVE
CVE
added 2023/09/04 3:15 a.m.53 views

CVE-2023-20846

In imgsys_cmdq, there is a possible out of bounds read due to a missing valid range checking. This could lead to local information disclosure with System execution privileges needed. User interaction is needed for exploitation. Patch ID: ALPS07354023; Issue ID: ALPS07340098.

4.2CVSS4AI score0.00018EPSS
CVE
CVE
added 2024/04/17 4:15 p.m.53 views

CVE-2023-52645

In the Linux kernel, the following vulnerability has been resolved: pmdomain: mediatek: fix race conditions with genpd If the power domains are registered first with genpd and after that the driver attempts to power them on in the probe sequence, then it ispossible that a race condition occurs if g...

4.7CVSS6.5AI score0.00007EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.53 views

CVE-2023-52744

In the Linux kernel, the following vulnerability has been resolved: RDMA/irdma: Fix potential NULL-ptr-dereference in_dev_get() can return NULL which will cause a failure once idev isdereferenced in in_dev_for_each_ifa_rtnl(). This patch adds acheck for NULL value in idev beforehand. Found by Linux...

5.5CVSS6.7AI score0.00094EPSS
Total number of security vulnerabilities10926