Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2024/06/20 11:13 a.m.80 views

CVE-2022-48769

In CVE-2022-48769, the Linux kernel vulnerability concerns Apple x86 EFI runtime services. The issue stems from a call to QueryVariableInfo() (added with EFI 2.00) used at runtime, which could crash firmware on certain Apple machines when managing NVRAM variables. The mitigation described is to a...

5.5CVSS6.4AI score0.00219EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.80 views

CVE-2022-48770

CVE-2022-48770 affects the Linux kernel vulnerability in the BPF stack trace code: bpf_get_task_stack() could dereference NULL pt_regs because task_pt_regs() may return NULL for kernel threads on powerpc. The patch adds a NULL check on the return value of task_pt_regs() before inspecting the call...

5.5CVSS6.3AI score0.00216EPSS
CVE
CVE
added 2024/07/16 11:44 a.m.80 views

CVE-2022-48812

CVE-2022-48812 concerns the Linux kernel: the net: dsa: lantiq_gswip code should not use devres for mdiobus allocation/registration. The root cause is that mdiobus_free() can panic when invoked via devm_mdiobus_free() because devres_release_all() may free a bus that is still registered, especiall...

5.5CVSS6.7AI score0.00268EPSS
CVE
CVE
added 2024/07/16 12:25 p.m.80 views

CVE-2022-48861

CVE-2022-48861 is a Linux kernel use-after-free vulnerability in the vdpa/vp_vdpa path. When the vp_vdpa driver is unbound, vp_vdpa is freed in vdpa_unregister_device, after which vp_vdpa->mdev.pci_dev is dereferenced in vp_modern_remove, causing a use-after-free. The provided call traces show...

5.5CVSS7AI score0.00201EPSS
CVE
CVE
added 2024/08/22 3:31 a.m.80 views

CVE-2022-48926

CVE-2022-48926 affects the Linux kernel USB gadget rndis path. The vulnerability arises from a missing spinlock protecting the rndis response list, enabling potential list corruption when two list_add operations occur concurrently. The provided traces show corruption of next->prev and a corres...

7.8CVSS6.8AI score0.00219EPSS
CVE
CVE
added 2024/08/22 3:31 a.m.80 views

CVE-2022-48930

CVE-2022-48930 corresponds to a deadlock in the Linux kernel RDMA/ib_srp path. The fix removes the flush_workqueue(system_long_wq) call, which was deadlock‑prone and redundant with a preceding cancel_work_sync(). The associated Nessus entries reproduce the advisory text and reference kernel-stabl...

5.5CVSS7AI score0.00165EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.80 views

CVE-2022-49169

CVE-2022-49169 concerns the Linux kernel’s f2fs module and a race/lock issue that could cause a hang. The connected advisories document that the fix is to replace a mutex-based path with a spin_lock, specifically to avoid hang scenarios in f2fs when handling certain task reads and statistics oper...

5.5CVSS6.5AI score0.00245EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.80 views

CVE-2022-49202

CVE-2022-49202 concerns a missing NULL check in Linux kernel Bluetooth hci_uart path (h5_enqueue), where a Syzbot general protection fault occurred in __pm_runtime_resume() due to blindly passing a possibly NULL serdev pointer (hu->serdev). The issue could lead to GPF if hu->serdev is NULL....

5.5CVSS6.5AI score0.00245EPSS
CVE
CVE
added 2025/02/26 2:11 a.m.80 views

CVE-2022-49363

CVE-2022-49363 – Linux kernel (F2FS): A bug in the F2FS file system allowed a panic due to inconsistent inode SIT/block mapping after fuzzing, fixed by adding a sanity check on block addresses before updating the SIT table in f2fs_fallocate/f2fs_do_zero_range. Affected component is the F2FS imple...

5.5CVSS6.4AI score0.00247EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.80 views

CVE-2022-49496

The CVE-2022-49496 entry concerns the Linux kernel Mediatek vcodec driver (mtk_vcodec_dec). If the driver runs in subdev mode, dev->pm.dev can be NULL during mtk_vcodec_dec_remove, causing a kernel crash on rmmod mtk-vcodec-dec.ko. All connected documents describe the crash scenario and indica...

5.5CVSS5.2AI score0.0016EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.80 views

CVE-2022-49499

CVE-2022-49499 relates to the Linux kernel, in the drm/msm path. The issue is a null pointer dereference that occurs when the code accesses the per- process address space (aspace) without verifying it is set, which can be null on systems without an IOMMU (e.g., msm8974). The fix adds a check for ...

5.5CVSS5.4AI score0.00209EPSS
CVE
CVE
added 2025/02/26 2:24 a.m.80 views

CVE-2022-49696

CVE-2022-49696 is a Linux kernel use-after-free in tipc_named_reinit, triggered by a race with workqueue finalization. The issue arises because cancel_work_sync() ordering could allow a destroyed TipC namespace to be accessed by a work item enqueuing later, leading to a read of freed memory (KASA...

7.8CVSS5.4AI score0.0028EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.80 views

CVE-2022-49812

CVE-2022-49812 describes a Linux kernel vulnerability in the bridge driver’s VLAN offload path. When VLANs are offloaded via switchdev, the bridge marks them with BR_VLFLAG_ADDED_BY_SWITCHDEV. Changing the VLAN protocol triggers notifications to switchdev drivers and also to the 8021q driver, whi...

5.5CVSS6.6AI score0.00183EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.80 views

CVE-2022-49841

CVE-2022-49841 affects the Linux kernel serial/imx driver. The root cause is a missing .thaw_noirq hook during hibernation, causing an unbalanced clock disable sequence and a warning like “uart3_root_clk already disabled” during resume. The documented fix is to add the missing .thaw_noirq hook im...

5.5CVSS6.6AI score0.00166EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.80 views

CVE-2022-49863

CVE-2022-49863 affects the Linux kernel CAN stack (af_can) where can_rx_register() dereferences ml_priv when dev_rcv_lists is NULL, leading to a NULL pointer dereference during CAN socket binding. The issue occurs during a sequence that binds a vxcan/bond setup to a CAN socket via netlink/socket ...

5.5CVSS6.5AI score0.00165EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.80 views

CVE-2022-49891

CVE-2022-49891 concerns a Linux kernel memory-leak in tracing/kprobe handling. The root cause is that test_gen_kprobe_cmd() frees buf only on the fail path, causing a leak when no failure occurs; the patch moves kfree(buf) from the fail path to the common path, and applies the same fix to test_ge...

5.5CVSS6.5AI score0.00165EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.80 views

CVE-2022-49918

CVE-2022-49918 concerns the Linux kernel IPVS subsystem. The vulnerability arises from the initialization path in ip_vs_conn_net_init() where failure to create ip_vs_conn or ip_vs_conn_sync files still leaves initialization “successful by default.” As a result, during removal, the proc entries ma...

5.5CVSS6.5AI score0.00173EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.80 views

CVE-2022-50037

CVE-2022-50037 concerns the Linux kernel: the drm/i915/ttm path could leak CCS state between users. The issue is resolved by applying the patch that prevents leaking CCS state (cherry-picked from commit 353819d85f87be46aeb9c1dd929d445a006fc6ec). Affected product is the Linux kernel (ttm subsystem...

5.5CVSS6.3AI score0.00184EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.80 views

CVE-2022-50112

The CVE-2022-50112 issue concerns the Linux kernel: a refcount leak in rpmsg qcom_smd parsing logic. Specifically, of_parse_phandle() returns a node pointer with an incremented refcount, which must be balanced with of_node_put() when the node is no longer needed. The vulnerability affects the ker...

5.5CVSS6.5AI score0.00203EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.80 views

CVE-2022-50137

CVE-2022-50137 (Linux kernel) affects RDMA/irdma by a window for use-after-free during CQ destruction. An interrupt could cause CQE processing after CQ resources are freed by irdma_cq_free_rsrc(). The fix moves irdma_cq_free_rsrc() to run after irdma_sc_cleanup_ceqes() (which executes under cq_lo...

7.8CVSS6.6AI score0.00213EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.80 views

CVE-2022-50158

CVE-2022-50158 relates to the Linux kernel vulnerability in mtd: partitions where of_get_child_by_name() returns a node pointer with an incremented refcount and is not put back, leading to a refcount leak. The issue is fixed by adding a missing of_node_put() when the pointer is no longer needed. ...

5.5CVSS6.4AI score0.0016EPSS
CVE
CVE
added 2023/06/28 12:0 a.m.80 views

CVE-2023-3359

CVE-2023-3359 concerns the Linux kernel’s brcm_nvram_parse in drivers/nvmem/brcm_nvram.c, where the return value of kzalloc() is not checked, potentially causing a NULL pointer dereference. The issue is listed with a local attack vector and a high availability impact (CVSS v3.1: AV:L/AC:L/PR:L/UI...

5.5CVSS5.1AI score0.00205EPSS
CVE
CVE
added 2024/05/21 3:23 p.m.80 views

CVE-2023-52743

CVE-2023-52743 involves the Linux kernel. The issue arises when both the ice and irdma drivers are loaded: ice’s workqueue is created with the WQ_MEM_RECLAIM flag while irdma’s is not, triggering a warning in check_flush_dependency during memory reclamation. The root cause, per the advisory, is t...

5.5CVSS6.5AI score0.00239EPSS
CVE
CVE
added 2024/05/21 3:30 p.m.80 views

CVE-2023-52748

CVE-2023-52748 is a Linux kernel vulnerability related to f2fs. The issue stems from a format-overflow during a call to sprintf in fs/f2fs/compress.c within f2fs_init_page_array_cache, triggered when formatting the string "f2fs_page_array_entry-%u:%u" with MAJOR(dev) and MINOR(dev). The computed ...

7.8CVSS6.7AI score0.00249EPSS
CVE
CVE
added 2024/05/21 3:30 p.m.80 views

CVE-2023-52776

The CVE-2023-52776 issue affects the Linux kernel’s wifi/ath12k path. The DFS-radar and temperature event handling code calling ath12k_mac_get_ar_by_pdev_id() was not marked as an RCU read-side critical section, risking use-after-free in active pdev contexts. The fix marks the implicated code as ...

5.9CVSS7.3AI score0.00707EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.80 views

CVE-2023-52900

CVE-2023-52900: Linux kernel nilfs2 vulnerability in nilfs_btree_insert() can cause a general protection fault when a corrupted disk image leads __nilfs_btree_get_block() to return -ENOENT. The patch changes this to -EINVAL, causing subsequent b-tree operations to report corruption and return -EI...

5.5CVSS6.7AI score0.00241EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.80 views

CVE-2023-52901

The CVE-2023-52901 entry affects the Linux kernel USB xHCI host controller handling. The vulnerability arises when URBs are queued to all endpoints while the host is unresponsive, risking a NULL pointer dereference and kernel panic if an endpoint is dereferenced after becoming invalid. The fix ad...

5.5CVSS6.3AI score0.0024EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.80 views

CVE-2023-52983

The CVE-2023-52983 issue affects the Linux kernel’s bfq (multiqueue block I/O) subsystem. It describes a use-after-free (UAF) where bic_set_bfqq() could access a bfqq after it had been freed in certain contexts. The root cause was that bfqq was freed in the wrong place relative to bic_set_bfqq(),...

7.8CVSS6.7AI score0.0026EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.80 views

CVE-2023-53049

CVE-2023-53049 – Linux kernel USB-C/UCSI pointer dereference . A NULL pointer dereference in ucsi_connector_change() could occur if ucsi_init() failed and an event arrives via ucsi_acpi, dereferencing unable ucsi->connector. The fix prevents ntfy from being set until ucsi_init() succeeds, so e...

5.5CVSS6.6AI score0.00165EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.80 views

CVE-2023-53099

CVE-2023-53099 concerns a Linux kernel issue where a sleepable memory allocation was performed from an atomic context in the Xilinx firmware driver, triggering a lockdep-detected “sleeping function called from invalid context” condition. The advisory notes the root cause is in firmware: xilinx an...

5.5CVSS6.6AI score0.00125EPSS
CVE
CVE
added 2025/05/02 3:56 p.m.80 views

CVE-2023-53133

CVE-2023-53133 affects the Linux kernel’s BPF sockmap path (tcp_bpf_recvmsg_parser) where a 0-length recvmsg can loop indefinitely. The description and connected advisories confirm the root cause is an infinite loop when len is 0 and that the fix is to return 0 for length 0 in tcp_bpf_recvmsg_par...

5.5CVSS6.5AI score0.00155EPSS
CVE
CVE
added 2025/05/02 3:56 p.m.80 views

CVE-2023-53138

CVE-2023-53138 corresponds to a Linux kernel vulnerability in the net/caif stack (cfusbl_device_notify). When NETDEV_UNREGISTER is delivered multiple times during device teardown, a use-after-free can occur and there can be an imbalance in the module’s reference count, potentially freeing the par...

7.8CVSS6.6AI score0.00159EPSS
CVE
CVE
added 2024/04/03 5:0 p.m.80 views

CVE-2024-26732

CVE-2024-26732 affects the Linux kernel where SO_PEEK_OFF for sockets could cause a lockdep violation in af_unix, due to per-socket uio lock usage. The vulnerability arises because SO_PEEK_OFF was previously protected by kernel locks; a patch implemented lockless behavior for setsockopt(SO_PEEK_O...

5.5CVSS6.6AI score0.00158EPSS
CVE
CVE
added 2024/05/01 1:0 p.m.80 views

CVE-2024-27060

The CVE-2024-27060 issue affects the Linux kernel Thunderbolt driver, specifically a NULL pointer dereference in tb_port_update_credits() when handling Thunderbolt 1 devices with a single lane. The crash path traces to tb_port_do_update_credits and related hotplug/scan routines, leading to kernel...

5.5CVSS6.5AI score0.00225EPSS
CVE
CVE
added 2024/05/17 12:24 p.m.80 views

CVE-2024-35786

The CVE-2024-35786 issue affects the Linux kernel’s DRM Nouveau driver, specifically a stale locked mutex in nouveau_gem_ioctl_pushbuf that can cause a deadlock if VM_BIND is enabled and a legacy submission ioctl is attempted. The vulnerability is resolved by a kernel fix; the provided connected ...

5.5CVSS6.6AI score0.00173EPSS
CVE
CVE
added 2024/05/17 12:24 p.m.80 views

CVE-2024-35793

CVE-2024-35793 affects the Linux kernel debugfs remove path. The issue was a logic error in the removal cancelation flow: if a refcount is non-zero, cancellations must be triggered; otherwise, removal can finish without cancellations, but the existing loop could never run. The fix adjusts wait/ca...

5.5CVSS7AI score0.00172EPSS
CVE
CVE
added 2024/06/19 1:35 p.m.80 views

CVE-2024-38551

CVE-2024-38551 : In the Linux kernel, the ASoC Mediatek path assigns a dummy codec to a DAI link if no real codec is present, to avoid NULL pointer errors during string comparisons. This vulnerability was resolved by the kernel fix described in the initial document, with MediaTek sound card drive...

5.5CVSS7AI score0.00236EPSS
CVE
CVE
added 2024/06/19 1:35 p.m.80 views

CVE-2024-38561

CVE-2024-38561 is a Linux kernel vulnerability in kunit: Fix kthread reference. A race exists where a kthread finishes after the deadline but before kthread_stop(), which may lead to a use-after-free. The connected Nessus/NASL entry confirms a patch addressing the kunit kthread reference issue (C...

7CVSS7.8AI score0.00227EPSS
CVE
CVE
added 2024/06/19 1:45 p.m.80 views

CVE-2024-38592

CVE-2024-38592 relates to the Linux kernel’s drm/mediatek code: when conn_routes is true an extra slot is allocated for ddp_comp but mtk_drm_crtc_create() didn’t initialize it in a test path, causing a crash while traversing the ddp_comp array in mtk_drm_crtc_mode_valid(). The issue appears mitig...

5.5CVSS6.7AI score0.00225EPSS
CVE
CVE
added 2024/06/21 10:18 a.m.80 views

CVE-2024-38624

CVE-2024-38624 affects the Linux kernel NTFS3 file system code. The issue arises from using 32-bit arithmetic in a computing expression (for example, vbo = 2 * vbo + skip), risking overflow; the fix is to switch to a 64-bit variable to prevent 32-bit overflow. Multiple advisories (e.g., Ubuntu US...

5.5CVSS6.6AI score0.00222EPSS
CVE
CVE
added 2024/06/25 2:25 p.m.80 views

CVE-2024-39461

In Linux kernel CVE-2024-39461, the Raspberry Pi clock code (clk/bcm/clk-raspberrypi.c) accessed the hws array before initializing hws->num, triggering UBSAN array-index-out-of-bounds warnings. The fix moves the initialization of ->num ahead of the first access to ->hws, removing the out...

5.5CVSS7AI score0.00211EPSS
CVE
CVE
added 2024/07/12 12:25 p.m.80 views

CVE-2024-40926

CVE-2024-40926 affects the Linux kernel DRM Nouveau driver. The issue occurs when runtime PM resumes on headless cards that lack display hardware, where hpd_work and hpd_lock are left uninitialized and scheduling hpd_work triggers a BUG. The patch adds a headless flag to DRM and instructs the sys...

5.5CVSS6.5AI score0.00238EPSS
CVE
CVE
added 2024/07/29 2:31 p.m.80 views

CVE-2024-41037

CVE-2024-41037 affects the Linux kernel ASoC: SOF Intel ASoC HDA path. The vulnerability arises during system suspend entry when a stream is active: the core calls hw_params_upon_resume(), and on Intel platforms using HDA DMA this leads to a call chain that hits a null dereference. Specifically, ...

5.5CVSS6.5AI score0.00274EPSS
CVE
CVE
added 2024/07/29 3:52 p.m.80 views

CVE-2024-42071

CVE-2024-42071 is a Linux kernel issue related to the ionic driver where napi_consume_skb() is invoked outside a safe NAPI context. The root cause described in the sources is that a non-NAPI/softirq path should call napi_consume_skb with budget=0, as indicated by the code notes and stack traces (...

5.5CVSS6.5AI score0.0021EPSS
CVE
CVE
added 2024/07/29 4:26 p.m.80 views

CVE-2024-42088

CVE-2024-42088 affects Linux kernel ASoC: Mediatek mt8195, where a platform entry for ETDM1_OUT_BE dai link was removed inadvertently, causing a KASAN OOB warning in mtk_soundcard_common_probe() due to an empty platforms array. The fix adds a COMP_EMPTY() entry to ensure dai_link->platforms ha...

7.8CVSS6.7AI score0.00217EPSS
CVE
CVE
added 2024/08/07 3:14 p.m.80 views

CVE-2024-42234

CVE-2024-42234 affects the Linux kernel in the area of memory management, specifically the deferred split and large folio migration path. The root cause is a race during deferred_split_scan() where folios are moved to a local list without proper synchronization, risking double frees and related B...

5.5CVSS6.5AI score0.00184EPSS
CVE
CVE
added 2024/08/07 3:14 p.m.80 views

CVE-2024-42242

In CVE-2024-42242, the Linux kernel mmc: sdhci driver had a mismatch between two checks for max_segment_size. max_size was forced to PAGE_SIZE by blk_queue_max_segment_size() when it was below PAGE_SIZE, while blk_validate_limits() treated a max_segment_size below PAGE_SIZE as an error (returning...

5.5CVSS6.4AI score0.00182EPSS
CVE
CVE
added 2024/08/17 9:21 a.m.80 views

CVE-2024-43844

CVE-2024-43844 affects the Linux kernel’s wifi rt w89 GTK offload path. The issue stems from rtw89_fw_h2c_wow_gtk_ofld handling, where a sk_buff could be oversized, causing skb_panic in net/core/skbuff.c and a kernel crash (BUG at skbuff.c:192). Affected data path: wow GTK offload H2C, leading to...

5.5CVSS6.6AI score0.0018EPSS
CVE
CVE
added 2024/09/04 7:54 p.m.80 views

CVE-2024-44997

CVE-2024-44997 affects the Linux kernel’s net: ethernet: mtk_wed component. The issue is a use-after-free/panic in MT798X when turning down an interface on a band with multiple AP interfaces and WED enabled. The root cause: cb_priv was freed in mtk_wed_setup_tc_block() without nulling the pointer...

7.8CVSS7.3AI score0.00214EPSS
CVE
CVE
added 2024/09/18 7:12 a.m.80 views

CVE-2024-46764

CVE-2024-46764 affects Linux kernel’s BPF/BTF handling: btf_name_valid_section() can pass an invalid 1-byte name if name[0] is a NULL byte, enabling an out-of-bounds condition. The fix adds a check for a NULL first byte and that the first character is printable. The initial entry indicates the vu...

7.1CVSS6.5AI score0.00223EPSS
Total number of security vulnerabilities14330