Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2025/07/10 7:42 a.m.81 views

CVE-2025-38315

CVE-2025-38315 concerns a Linux kernel Bluetooth driver issue (btintel). The root cause is a mismatch between the EFI variable size and the known struct btintel_dsbr size, which could lead to a stack overflow if the EFI variable is larger than expected. The fix alters the check to rely on the kno...

5.5CVSS6.6AI score0.00135EPSS
CVE
CVE
added 2025/07/10 8:14 a.m.81 views

CVE-2025-38320

CVE-2025-38320 affects the Linux kernel on arm64/ptrace, describing a stack-out-of-bounds read in regs_get_kernel_stack_nth() detected by KASAN. The issue is illustrated by a long kernel trace showing a read of size 8 at a stack address belonging to task 1.sh/2550, with the buggy frame located in...

7.1CVSS6.2AI score0.00174EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.81 views

CVE-2025-38326

CVE-2025-38326: Linux kernel AOE driver vulnerability where aoe device rq_list isn’t cleaned on down, causing blk_mq_freeze_queue() to sleep and hang. Fix clears the rq_list before blk_mq_freeze_queue(). No exploitation details provided; remediation is the kernel fix.

5.5CVSS6.4AI score0.00179EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.81 views

CVE-2025-38331

CVE-2025-38331 fixes a Linux kernel vulnerability in the cortina Ethernet driver where TOE/TSO must be used on all TCP traffic to prevent driver instability, lockups, and crashes. The issue arises from a mismatch between TOE and segmentation; the data path offloads IP/TCP parsing, checksums, and ...

5.5CVSS6.8AI score0.00145EPSS
CVE
CVE
added 2025/07/25 12:47 p.m.81 views

CVE-2025-38364

CVE-2025-38364 pertains to Linux kernel Maple_tree: MA_STATE_PREALLOC handling in mas_preallocate. The flaw prevented allocations when MA_STATE_PREALLOC was set; preallocation checks could undercount, leading to a WARN_ON() and a subsequent null pointer dereference on larger future requests (e.g....

5.5CVSS6.3AI score0.00156EPSS
CVE
CVE
added 2025/07/25 12:53 p.m.81 views

CVE-2025-38382

CVE-2025-38382 corresponds to a Linux kernel (btrfs) issue fixed in the log replay extref iteration. The root cause was an uninitialized victim_name.len when we jump to the next loop iteration from __inode_add_ref() while processing extrefs, leading to invalid memory access. The fix initializes v...

5.5CVSS6.3AI score0.00156EPSS
CVE
CVE
added 2025/07/25 1:13 p.m.81 views

CVE-2025-38406

CVE-2025-38406 affects the Linux kernel wifi driver ath6kl: the vulnerability originates from an unnecessary WARN_ON() when firmware input is bad. The description clarifies that bad firmware input is unrelated to the driver stack and does not constitute an exploitable condition; the fix instead p...

5.5CVSS6.5AI score0.00172EPSS
CVE
CVE
added 2025/07/25 2:16 p.m.81 views

CVE-2025-38427

Summary: CVE-2025-38427 in the Linux kernel fixes a framebuffer relocation bug where screen_info frames were tied to boot CPU addresses, not accounting for PCI host-bridge offsets. During boot, firmware may assign a different PCI memory offset, relocating PCI graphics framebuffer addresses. The k...

5.5CVSS6.2AI score0.00155EPSS
CVE
CVE
added 2025/07/25 2:16 p.m.81 views

CVE-2025-38430

CVE-2025-38430 affects the Linux kernel NFS server (nfsd). The issue arises when processing NFSv4 compound requests; if the request is not NFSPROC4_COMPOUND, examining cstate may yield undefined results. A patch adds a guard to verify that the RPC procedure being executed is NFSPROC4_COMPOUND, pr...

5.5CVSS6.4AI score0.00174EPSS
CVE
CVE
added 2025/07/25 3:27 p.m.81 views

CVE-2025-38437

CVE-2025-38437 : In the Linux kernel, a use-after-free in ksmbd during oplock/lease break ack was fixed. If ksmbd_iov_pin_rsp returns an error, use-after-free can occur by accessing opinfo->state and opinfo_put, and ksmbd_fd_put could be called twice. The vulnerability affects the ksmbd compon...

7.8CVSS6.4AI score0.00151EPSS
CVE
CVE
added 2004/04/16 4:0 a.m.80 views

CVE-2004-0109

CVE-2004-0109 describes a buffer overflow in the Linux kernel ISO9660 filesystem for 2.4/2.5/2.6, allowing local users with physical access to overflow kernel memory and execute arbitrary code via a malformed CD containing a long symbolic link entry. The connected documents do not provide additio...

4.6CVSS6.6AI score0.00557EPSS
CVE
CVE
added 2004/04/30 4:0 a.m.80 views

CVE-2004-0427

The CVE-2004-0427 issue affects Linux kernels: do_fork in 2.4.x prior to 2.4.26 and 2.6.x prior to 2.6.6 fails to decrement mm_count when an error occurs after activating the child mm_struct, causing a memory leak and a local denial-of-service via CLONE_VM. The description specifies the root caus...

2.1CVSS5.8AI score0.00468EPSS
CVE
CVE
added 2005/02/24 5:0 a.m.80 views

CVE-2005-0531

CVE-2005-0531 refers to a bug in the Linux kernel (2.6.10 and 2.6.11 before 2.6.11-rc4) where the atm_get_addr function in addr.c could be triggered by negative length arguments, allowing a local user to overwrite substantial kernel memory. The issue stems from insufficient input validation in th...

2.1CVSS5.4AI score0.005EPSS
CVE
CVE
added 2005/10/11 4:0 a.m.80 views

CVE-2005-3180

The CVE-2005-3180 issue concerns the Linux kernel Orinoco wireless driver (orinoco.c). In kernels up to 2.6.13 and earlier, memory from a previously used packet is not cleared when the packet length is increased, which can allow a remote attacker to observe sensitive information (information leak...

5CVSS4.9AI score0.03542EPSS
CVE
CVE
added 2005/10/20 4:0 a.m.80 views

CVE-2005-3275

CVE-2005-3275 describes a race in the Linux kernel NAT code (ip_nat_proto_tcp.c and ip_nat_proto_udp.c) where a variable is incorrectly declared static. This enables a remote attacker to cause memory corruption by NATing two packets for the same protocol simultaneously, leading to a denial of ser...

2.6CVSS5.8AI score0.03344EPSS
CVE
CVE
added 2005/10/20 4:0 a.m.80 views

CVE-2005-3276

CVE-2005-3276 affects the Linux 2.6 kernel: the sys_get_thread_area path in process.c may copy an uninitialized data structure to userspace, exposing kernel memory to a local user. Affected versions are 2.6 before 2.6.12.4 and 2.6.13. The impact is information disclosure of kernel data to untrust...

2.1CVSS5.6AI score0.00446EPSS
CVE
CVE
added 2006/04/18 10:0 a.m.80 views

CVE-2006-0744

CVE-2006-0744 affects the Linux kernel before 2.6.16.5. The issue arises from handling uncanonical return addresses on Intel EM64T CPUs, where an exception is reported in SYSRET instead of the next instruction, causing the kernel exception handler to run on the user stack with an incorrect GS. Im...

4.9CVSS7.1AI score0.00465EPSS
CVE
CVE
added 2006/03/27 12:0 a.m.80 views

CVE-2006-1066

CVE-2006-1066 is tied to the Linux kernel prior to 2.6.16 on x86_64 with preemption enabled. The vulnerability allows a local attacker to trigger a denial of service (oops) by using multiple ptrace tasks performing single steps, which can cause corruption of the DEBUG_STACK stack during the do_de...

1.2CVSS5.2AI score0.0034EPSS
CVE
CVE
added 2006/07/10 7:0 p.m.80 views

CVE-2006-2936

CVE-2006-2936 affects the ftdi_sio USB/serial driver in Linux kernels 2.6.x (up to at least 2.6.17). The issue lets local users trigger memory consumption DoS by writing more data to a serial port than the hardware can handle, causing queued data and potential resource exhaustion. Public referenc...

7.8CVSS7AI score0.02906EPSS
CVE
CVE
added 2006/11/22 1:0 a.m.80 views

CVE-2006-6053

CVE-2006-6053 affects the Linux kernel 2.6.x: the ext3fs_dirhash function can crash the kernel via a malformed ext3 stream, enabling a local user to cause a denial of service. The issue is tied to the ext3 filesystem code in the 2.6.x series and is listed among kernel vulnerabilities addressed by...

4.9CVSS6.9AI score0.0052EPSS
CVE
CVE
added 2007/08/13 7:0 p.m.80 views

CVE-2007-3851

CVE-2007-3851 affects the Linux kernel’s i915 DRM path on Intel 965-era chipsets. The flaw lets a local user with access to an X11 session and DRM write to arbitrary memory via a crafted batchbuffer, enabling privilege escalation. The issue is tied to the DRM/i915 driver before kernel 2.6.22.2. P...

6CVSS6AI score0.00313EPSS
CVE
CVE
added 2008/01/29 7:0 p.m.80 views

CVE-2007-6694

CVE-2007-6694 : A NULL pointer dereference in the CHRP PowerPC kernel code (chrp_show_cpuinfo in setup.c) may be triggered when of_get_property fails, potentially enabling a local denial-of-service (crash) on Linux kernel 2.4.21–2.6.18-53 running on PowerPC. Connected advisories (RHSA/ELSA) indic...

7.8CVSS5.6AI score0.02589EPSS
CVE
CVE
added 2009/03/09 9:0 p.m.80 views

CVE-2009-0859

CVE-2009-0859 affects the Linux kernel shm subsystem (ipc/shm.c). When CONFIG_SHMEM is disabled, shm_get_stat misinterprets the inode data type, enabling local users to trigger a denial of service (system hang) via an SHM_INFO shmctl call (as demonstrated by the ipcs program). The advisory notes ...

4.7CVSS4.1AI score0.00367EPSS
CVE
CVE
added 2010/06/01 8:0 p.m.80 views

CVE-2010-1641

CVE-2010-1641 affects the Linux kernel’s gfs2 file operations. MiracleLinux AXSA-2010-377:12 notes the affected kernel (2.6.18-194.3.AXS3) and flags that do_gfs2_set_flags does not verify file ownership, allowing local bypass via a SETFLAGS ioctl. The vulnerability corresponds to Linux kernels be...

4.6CVSS5.3AI score0.00384EPSS
CVE
CVE
added 2012/06/21 11:0 p.m.80 views

CVE-2011-1023

CVE-2011-1023 affects the Linux kernel RDS (Reliable Datagram Sockets) subsystem prior to 2.6.38. The issue arises in congestion map updates, allowing a local, unprivileged user to trigger a denial of service (BUG_ON and system crash) via loopback (loop) or InfiniBand (ib) transmit vectors. The v...

4.9CVSS6.8AI score0.00485EPSS
CVE
CVE
added 2011/07/28 10:0 p.m.80 views

CVE-2011-2695

CVE-2011-2695 involves multiple off-by-one errors in the Linux kernel ext4 subsystem (before 3.0-rc5). Local users can cause a denial of service (BUG_ON and system crash) by performing a write operation to a sparse file in extent format where the block number equals the maximum 32-bit unsigned va...

4.9CVSS6.7AI score0.00451EPSS
CVE
CVE
added 2022/04/18 4:20 p.m.80 views

CVE-2011-4917

CVE-2011-4917 : Information disclosure in the Linux kernel up to 3.1 via /proc/stat. Local access required; low attack complexity with LOW privileges and partial confidentiality impact (CVSS v3.1 base score 5.5). Root cause: kernel information leakage through /proc/stat. Affected product: Linux k...

5.5CVSS5.2AI score0.00475EPSS
CVE
CVE
added 2012/10/03 10:0 a.m.80 views

CVE-2012-3520

CVE-2012-3520 concerns the Netlink implementation in the Linux kernel prior to 3.2.30, where Netlink messages missing SCM_CREDENTIALS data could be spoofed by a local attacker via crafted messages (notably affecting services such as Avahi or NetworkManager). The vulnerability enables a local user...

1.9CVSS6.8AI score0.00429EPSS
CVE
CVE
added 2013/03/14 8:0 p.m.80 views

CVE-2012-6539

CVE-2012-6539: In Linux kernel prior to 3.6, dev_ifconf in net/socket.c fails to initialize a structure, allowing local attackers to read kernel stack memory. SUSE advisories (SUSE-SU-2014:0536-1) roll up fixes and list this CVE among many kernel mitigations; patching/upgrading to kernel 3.6+ is ...

1.9CVSS5.4AI score0.00359EPSS
CVE
CVE
added 2013/03/22 10:0 a.m.80 views

CVE-2013-1826

The CVE-2013-1826 issue affects the Linux kernel’s xfrm_state_netlink() in net/xfrm/xfrm_user.c prior to 3.5.7. The vulnerability stems from not properly handling error conditions in dump_one_state() calls, which can allow a local user with CAP_NET_ADMIN to gain privileges or trigger a denial of ...

6.2CVSS5.4AI score0.00514EPSS
CVE
CVE
added 2013/03/22 10:0 a.m.80 views

CVE-2013-1848

Affected software: Linux kernel (fs/ext3/super.c) before 3.8.4. Root cause: incorrect arguments to functions related to printk input, enabling local users to perform format-string attacks and potentially gain privileges via a crafted application. Impact: local privilege escalation. Remediation: p...

6.2CVSS5AI score0.00577EPSS
CVE
CVE
added 2014/11/10 11:0 a.m.80 views

CVE-2014-8481

CVE-2014-8481 affects the Linux kernel KVM arch/x86/kvm/emulate.c; the instruction decoder mishandles invalid instructions, allowing guest OS users to trigger a NULL pointer dereference and host crash via a crafted application that either fetches an invalid instruction or uses too many bytes. Roo...

4.9CVSS6.9AI score0.00578EPSS
CVE
CVE
added 2016/05/02 10:0 a.m.80 views

CVE-2014-9717

Vulnerability CVE-2014-9717 affects the Linux kernel prior to 4.0.2. The flaw is in fs/namespace.c where unmounting (MNT_DETACH) is processed by umount2 without ensuring MNT_LOCKED is unset, allowing local users to bypass access restrictions and access beneath a mount when running in a user names...

6.1CVSS6.1AI score0.00331EPSS
CVE
CVE
added 2016/06/27 10:0 a.m.80 views

CVE-2016-4440

The CVE-2016-4440 issue affects the Linux kernel (up to 4.6.3) in arch/x86/kvm/vmx.c where APICv on/off state is mishandled. This allows guest OS users to access direct host APIC MSRs via x2APIC, enabling potential host denial of service (crash) or arbitrary code execution. A fix exists in the up...

7.8CVSS7.8AI score0.00365EPSS
CVE
CVE
added 2019/11/07 3:29 p.m.80 views

CVE-2019-18810

CVE-2019-18810 affects the Linux kernel before 5.3.8, specifically a memory leak in komeda_wb_connector_add() within drivers/gpu/drm/arm/display/komeda/komeda_wb_connector.c. An attacker can trigger memory growth by causing drm_writeback_connector_init() failures, leading to denial of service via...

7.8CVSS7.7AI score0.03286EPSS
CVE
CVE
added 2024/03/04 6:10 p.m.80 views

CVE-2021-47093

CVE-2021-47093: SUSE advisories SIG- Linux kernel (SUSE SLES/openSUSE) notes a memleak in intel_pmc_core during module init when platform device registration fails. The fix frees the platform device with platform_device_put() to release resources (e.g., device name). Connected documents confirm t...

5.5CVSS6.3AI score0.00259EPSS
CVE
CVE
added 2024/04/10 6:56 p.m.80 views

CVE-2021-47196

CVE-2021-47196 concerns a use-after-free in the Linux kernel mlx5_ib path during QP creation. The issue arises when RDMA/core code presets both receive and send completion queue pointers before forwarding to the driver, then overwrites ibqp properties and continues into the driver path. If mlx5_q...

7.8CVSS6.3AI score0.00219EPSS
CVE
CVE
added 2024/04/10 6:56 p.m.80 views

CVE-2021-47198

CVE-2021-47198 affects the Linux kernel lpfc SCSI lpfc driver. The vulnerability arises when unloading the driver: NLP_REG_LOGIN_SEND is set in lpfc_reg_fab_ctrl_node() but not cleared on login completion, allowing a second call to lpfc_unreg_rpi() to operate with nlp_rpi = LPFC_RPI_ALLOW_ERROR a...

7.8CVSS6.4AI score0.00219EPSS
CVE
CVE
added 2024/05/21 2:19 p.m.80 views

CVE-2021-47239

CVE-2021-47239 : In Linux kernel net/usb, theSmsc75xx driver has a use-after-free in smsc75xx_bind caused by not cleaning up a scheduled work in smsc75xx_reset→smsc75xx_set_multicast. The patch 46a8b29c6306 adds cancel_work_sync and NULLs the dangling pointer (dev->data[0]) to prevent use-afte...

7.8CVSS6.7AI score0.00228EPSS
CVE
CVE
added 2024/05/21 2:35 p.m.80 views

CVE-2021-47294

The CVE-2021-47294 issue affects the Linux kernel NETROM implementation where sock timer handling changed to sock timer API. sk_reset_timer() may increase the sock refcount when called on an inactive timer, so if the timer expires the handler must decrease the refcount to avoid a leak. A patch (c...

5.5CVSS6.7AI score0.00276EPSS
CVE
CVE
added 2024/05/21 2:35 p.m.80 views

CVE-2021-47302

In CVE-2021-47302, the Linux kernel igc driver is affected by a use-after-free during TX ring reset. The fix cleans the next_to_watch descriptor when cleaning the TX ring, preventing a possible free of an skb that was already freed if igc_poll() runs during a reset. The described impact is memory...

7.8CVSS6.7AI score0.00227EPSS
CVE
CVE
added 2024/05/21 2:35 p.m.80 views

CVE-2021-47305

In CVE-2021-47305, the Linux kernel’s dma-buf/sync_file implementation leaks fences on error paths due to missing dma_fence_put() calls when merging fences and in krealloc_array failure. The fix ensures i and the fences array are zero-initialized and that all fences are dma_fence_put() and the fe...

5.5CVSS6.7AI score0.00238EPSS
CVE
CVE
added 2024/05/21 2:35 p.m.80 views

CVE-2021-47340

CVE-2021-47340 is a Linux kernel vulnerability in the JFS subsystem. The issue arises when diFree() processes an inode without a valid ipimap, causing a NULL dereference via JFS_IP(ipimap) and leading to a GFP-related fault. The fix prevents passing an inode with IPIMAP == NULL to diFree, avoidin...

5.5CVSS6.7AI score0.00259EPSS
CVE
CVE
added 2024/05/22 6:19 a.m.80 views

CVE-2021-47447

CVE-2021-47447 : Linux kernel MSM DRM driver (drm/msm/a3xx) fix implemented for incorrect error handling in a3xx_gpu_init. Error paths returned 1 (not a negative errno), risking an Oops; also the ret check for -ENODATA failed since ret could be 1. The connected advisories confirm this as a kernel...

5.5CVSS6.6AI score0.00196EPSS
CVE
CVE
added 2024/05/24 3:1 p.m.80 views

CVE-2021-47503

In CVE-2021-47503, the Linux kernel SCSI pm80xx driver has a fix: do not call scsi_remove_host() inside pm8001_alloc() because scsi_add_host() has not yet been called, which previously could crash with a NULL pointer dereference during device_del. The issue occurs in the pm8001_pci_probe flow lea...

6.2CVSS7.2AI score0.00248EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.80 views

CVE-2021-47512

CVE-2021-47512 is a Linux kernel vulnerability in the net/sched fq_pie implementation. The root cause is that fq_pie_destroy() did not copy the timer handling logic from pie_destroy() and other qdiscs, potentially allowing a timer to rearm after del_timer_sync(&q->adapt_timer). The issue has b...

5.5CVSS6.9AI score0.00236EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.80 views

CVE-2021-47530

CVE-2021-47530: Linux kernel vulnerability in drm/msm where the submitqueue reference leak was not dropped across all paths, notably when the fence had already signaled. The fix (described as extracting a helper to normalize handling across different returns) resolves the leak. Public advisories ...

5.5CVSS6.6AI score0.00205EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.80 views

CVE-2021-47536

CVE-2021-47536 – Linux kernel (net/smc) . A bug in smc_lgr_cleanup_early wrongly deletes the list head instead of the link group from the link group list, causing memory corruption and a list corruption panic. Affected: Linux kernel with SMC subsystem (as described in the provided advisories). Im...

7.8CVSS6.7AI score0.00232EPSS
CVE
CVE
added 2024/06/19 2:54 p.m.80 views

CVE-2021-47604

CVE-2021-47604 concerns a Linux kernel vulnerability in vduse where get_config() failed to bound-check the offset, causing a potential out-of-bounds read when offset > dev->config_size due to unsigned subtraction. The issue is resolved in the Linux kernel (as per the description), with advi...

7.1CVSS8AI score0.00211EPSS
CVE
CVE
added 2022/09/23 11:10 a.m.80 views

CVE-2022-2785

CVE-2022-2785 affects the Linux kernel BPF subsystem. The vulnerability arises because constants used to fill pointers in structs passed to bpf_sys_bpf are not verified, allowing an attacker with CAP_BPF to read memory anywhere on the system. Affected systems can face arbitrary memory reads, with...

6.7CVSS5.4AI score0.00255EPSS
Total number of security vulnerabilities14330