Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2024/04/17 3:59 p.m.79 views

CVE-2023-52645

CVE-2023-52645 is a Linux kernel race condition affecting mediatek power domains managed by genpd. The issue arises if power domains are registered first with genpd and later powered on in the driver’s probe, creating a potential race with genpd’s on/off operations. The described fix involves seq...

4.7CVSS6.5AI score0.00173EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.79 views

CVE-2023-52901

The CVE-2023-52901 entry affects the Linux kernel USB xHCI host controller handling. The vulnerability arises when URBs are queued to all endpoints while the host is unresponsive, risking a NULL pointer dereference and kernel panic if an endpoint is dereferenced after becoming invalid. The fix ad...

5.5CVSS6.3AI score0.0024EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.79 views

CVE-2023-52910

CVE-2023-52910 (Linux kernel, iommu/iova overflow) : In __alloc_and_insert_iova_range, retry_pfn can overflow because iovad->anchor.pfn_hi is ~0UL. When iovad->cached_node == iovad->anchor, curr_iova->pfn_hi + 1 overflows, causing low_pfn to reset to 0 and making new_pfn

5.5CVSS6.6AI score0.00236EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.79 views

CVE-2023-53022

CVE-2023-53022 concerns a deadlock in the Linux kernel’s enetc driver. The vulnerability stems from a locking sequence in enetc_tx_onestep_tstamp() where a work item runs in process context with softirqs enabled and holds netif_tx_lock. If a transmission interrupt occurs, the NET_TX softirq can r...

5.5CVSS6.6AI score0.00136EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.79 views

CVE-2023-53030

CVE-2023-53030 affects the Linux kernel in octeontx2-pf where GFP_KERNEL was used in a context with preemption disabled, triggering a warning (CONFIG_DEBUG_ATOMIC_SLEEP) and potential sleeping in atomic context. The issue is resolved by avoiding GFP_KERNEL in atomic contexts and disabling preempt...

5.5CVSS6.6AI score0.00136EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.79 views

CVE-2023-53092

The CVE-2023-53092 entry concerns a Linux kernel interconnect driver (exynos) where a node leak could occur in the PM QoS error path during probe. The documented fix ensures that the newly allocated interconnect node is added to the provider before the PM QoS request is applied, so that the node ...

5.5CVSS6.5AI score0.00165EPSS
CVE
CVE
added 2025/05/02 3:56 p.m.79 views

CVE-2023-53135

The CVE-2023-53135 entry describes a Linux kernel vulnerability in riscv where, if CONFIG_FRAME_POINTER is unset, the stack unwinding function walk_stackframe may read the stack non-atomically in imprecise unwinding mode, enabling a KASAN-detected stack-out-of-bounds condition. The identified fix...

7.1CVSS6.3AI score0.00159EPSS
CVE
CVE
added 2025/05/02 3:56 p.m.79 views

CVE-2023-53138

CVE-2023-53138 corresponds to a Linux kernel vulnerability in the net/caif stack (cfusbl_device_notify). When NETDEV_UNREGISTER is delivered multiple times during device teardown, a use-after-free can occur and there can be an imbalance in the module’s reference count, potentially freeing the par...

7.8CVSS6.6AI score0.00159EPSS
CVE
CVE
added 2025/05/02 3:56 p.m.79 views

CVE-2023-53143

CVE-2023-53143 is a Linux kernel ext4 off-by-one fsmap bug for 1k-block filesystems. The crash stems from insufficient range validation in ext4_getfsmap_datadev when querying GETFSMAP, due to s_first_data_block being nonzero on 1k blocks, causing an underflow and invalid group calculation. A fix ...

5.5CVSS6AI score0.00158EPSS
CVE
CVE
added 2024/05/01 1:0 p.m.79 views

CVE-2024-27060

The CVE-2024-27060 issue affects the Linux kernel Thunderbolt driver, specifically a NULL pointer dereference in tb_port_update_credits() when handling Thunderbolt 1 devices with a single lane. The crash path traces to tb_port_do_update_credits and related hotplug/scan routines, leading to kernel...

5.5CVSS6.5AI score0.00225EPSS
CVE
CVE
added 2024/05/01 1:0 p.m.79 views

CVE-2024-27061

CVE-2024-27061 affects the Linux kernel crypto sun8i-ce path (sun8i_ce_cipher_do_one) due to a use-after-free in unprepare. The root cause is use-after-free of memory when client callbacks may free memory before sun8i_ce_cipher_unprepare is called, leading to a potential pointer dereference and a...

7.8CVSS6.6AI score0.00226EPSS
CVE
CVE
added 2024/05/30 3:23 p.m.79 views

CVE-2024-36033

CVE-2024-36033 refers to a vulnerability in the Linux kernel where the Bluetooth: qca driver could leak slab data when fetching the board id. The issue was fixed by adding a missing sanity check during the board-id fetch, preventing leakage of slab data when firmware is subsequently requested. Th...

7.1CVSS6.7AI score0.00248EPSS
CVE
CVE
added 2024/06/19 1:35 p.m.79 views

CVE-2024-38563

CVE-2024-38563 affects the Linux kernel wifi driver for the MT76 MT7996. When reading the chip temperature, a memory leak could occur prior to the fix. The issue is resolved by a kernel commit that patches the MT7996 temperature-reading path; details are in the vendor/kernel advisories and linked...

5.5CVSS7AI score0.00225EPSS
CVE
CVE
added 2024/07/29 3:52 p.m.79 views

CVE-2024-42071

CVE-2024-42071 is a Linux kernel issue related to the ionic driver where napi_consume_skb() is invoked outside a safe NAPI context. The root cause described in the sources is that a non-NAPI/softirq path should call napi_consume_skb with budget=0, as indicated by the code notes and stack traces (...

5.5CVSS6.5AI score0.0021EPSS
CVE
CVE
added 2024/07/29 3:52 p.m.79 views

CVE-2024-42072

Summary of CVE-2024-42072 (Linux kernel, bpf may_goto with negative offset) The issue, reported through the Linux kernel, stems from two bugs exposed by a syzbot-facilitated bpf program: (1) the patching of may_goto when the offset is negative, which requires a different handling; and (2) a verif...

7.8CVSS6.6AI score0.00226EPSS
CVE
CVE
added 2024/07/29 4:26 p.m.79 views

CVE-2024-42088

CVE-2024-42088 affects Linux kernel ASoC: Mediatek mt8195, where a platform entry for ETDM1_OUT_BE dai link was removed inadvertently, causing a KASAN OOB warning in mtk_soundcard_common_probe() due to an empty platforms array. The fix adds a COMP_EMPTY() entry to ensure dai_link->platforms ha...

7.8CVSS6.7AI score0.00217EPSS
CVE
CVE
added 2024/08/07 3:14 p.m.79 views

CVE-2024-42234

CVE-2024-42234 affects the Linux kernel in the area of memory management, specifically the deferred split and large folio migration path. The root cause is a race during deferred_split_scan() where folios are moved to a local list without proper synchronization, risking double frees and related B...

5.5CVSS6.5AI score0.00184EPSS
CVE
CVE
added 2024/08/17 9:21 a.m.79 views

CVE-2024-43844

CVE-2024-43844 affects the Linux kernel’s wifi rt w89 GTK offload path. The issue stems from rtw89_fw_h2c_wow_gtk_ofld handling, where a sk_buff could be oversized, causing skb_panic in net/core/skbuff.c and a kernel crash (BUG at skbuff.c:192). Affected data path: wow GTK offload H2C, leading to...

5.5CVSS6.6AI score0.0018EPSS
CVE
CVE
added 2025/01/11 12:35 p.m.79 views

CVE-2024-49573

CVE-2024-49573 affects the Linux kernel sched/fair NEXT_BUDDY logic. Enabling NEXT_BUDDY could trigger a WARN in pick_next_entity(); fix moves clear_buddies() earlier and ensures no new ->next buddy starts as delayed. Upstream/stable kernel patches implement this remediation (see referenced ke...

5.5CVSS6.6AI score0.00182EPSS
CVE
CVE
added 2024/12/28 9:46 a.m.79 views

CVE-2024-56682

Summary (CVE-2024-56682) : In the Linux kernel RISCV IRQ domain handling, probing the APLIC driver before IMSIC can leave the parent MSI domain missing, causing a NULL pointer dereference in msi_create_device_irq_domain(). The fix defers the APLIC probe until the parent MSI domain is available an...

5.5CVSS6.5AI score0.00224EPSS
CVE
CVE
added 2025/01/19 10:18 a.m.79 views

CVE-2025-21644

CVE-2025-21644: Linux kernel DRM/xe tlb_invalidation bug. Root cause: GuC load failure could leave initialization incomplete, leading to NULL pointer dereference during wedging. Fix: move xe_gt_tlb_invalidation_init() to xe_gt_init_early() so locks/seqno are initialized early (software-only init)...

5.5CVSS6.3AI score0.00212EPSS
CVE
CVE
added 2025/02/27 2:12 a.m.79 views

CVE-2025-21751

CVE-2025-21751 affects the Linux kernel net/mlx5 HWS: when a firmware error occurs during the matcher disconnect flow, the kernel previously attempted to reconnect the matcher and could free a matcher that was still on the list, causing use-after-free and a crash. The patch changes the error path...

7.8CVSS6.8AI score0.00212EPSS
CVE
CVE
added 2025/03/27 2:57 p.m.79 views

CVE-2025-21874

CVE-2025-21874 is a Linux kernel vulnerability in dm-integrity, where in Inline mode the journal is unused and journal_sectors can be zero. Calculating the journal watermark divides by journal_sectors, which can trigger an OOPS during a simple dmsetup table query. The issue was observed on some s...

5.5CVSS6.9AI score0.00187EPSS
CVE
CVE
added 2025/05/01 1:7 p.m.79 views

CVE-2025-37779

CVE-2025-37779 pertains to the Linux kernel. A folio refcount bug in lib/iov_iter caused a UAF when an EROFS file-backed mount over 9P (v9fs) on QEMU was exercised, due to pages in bvec being coalesced across a folio boundary. The root cause was inadequate refcount handling for non-slab folios, p...

5.5CVSS6.4AI score0.0013EPSS
CVE
CVE
added 2025/06/18 9:28 a.m.79 views

CVE-2025-38015

CVE-2025-38015 – Linux kernel (dmaengine idxd): The issue is a memory leak in the error path of idxd_alloc where memory allocated for idxd could be left unreleased if idxd_alloc() fails. The fix frees the allocated memory in the reverse order of allocation before exiting the function on error. Th...

5.5CVSS6.6AI score0.00161EPSS
CVE
CVE
added 2025/07/02 2:43 p.m.79 views

CVE-2025-38091

CVE-2025-38091 affects the Linux kernel’s AMD display stack. It fixes a false positive warning in drm/amd/display when querying plane_id in DML21, which could trigger a warning during mode1 reset. The issue arises from insufficient checks in dml2_map_dc_pipes and is resolved by a patch cherry-pic...

7.8CVSS6.4AI score0.00142EPSS
CVE
CVE
added 2025/07/03 8:13 a.m.79 views

CVE-2025-38098

CVE-2025-38098 affects the Linux kernel’s DRM/AMD display path. The vulnerability stems from improper handling of a wb (writeback) connector and an amdgpu_dmConnector, where dereferencing aconnector->base could lead to unintended behavior. The issue is localized (requires local access) and the...

5.5CVSS6.9AI score0.00155EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.79 views

CVE-2025-38102

The CVE CVE-2025-38102 describes a race in VMCI within the Linux kernel between vmci_host_setup_notify and vmci_ctx_unset_notify. A warning can be triggered in try_grab_folio due to a still-in-progress get_user_pages_fast writing to context->notify_page, which may be observed and mismanaged du...

7CVSS6.9AI score0.00129EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.79 views

CVE-2025-38122

In CVE-2025-38122, the Linux kernel vulnerability is due to a missing NULL check in gve_alloc_pending_packet() used by gve_tx_add_skb_dqo(). The function can return NULL, but the caller did not guard against this, risking NULL pointer dereference in low‑memory scenarios. The fix adds the missing ...

5.5CVSS7.1AI score0.00156EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.79 views

CVE-2025-38126

CVE-2025-38126 affects the Linux kernel’s stmmac driver in timestamp configuration. The root cause is that clk_ptp_rate can become 0 (if clk_get_rate returns 0 and the driver does not override it), leading to a division by zero during PTP initialization. The issue is fixed by adding an explicit c...

5.5CVSS7AI score0.00159EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.79 views

CVE-2025-38132

CVE-2025-38132 : Linux kernel coresight race condition when removing cscfg from csdev. The issue occurs if a module load and config deactivate path races with iterating/removing config_csdev_list entries while holding csdev->cscfg_csdev_lock, allowing an entry delete to race with an active con...

5.5CVSS7.2AI score0.00138EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.79 views

CVE-2025-38138

CVE-2025-38138 concerns the Linux kernel TI DMA engine, specifically the ti udmaProbe path. The root cause is a NULL pointer dereference when devm_kasprintf() returns NULL due to memory allocation failure, because udma_probe() did not check this return value. The vulnerability is mitigated by a p...

5.5CVSS7.1AI score0.00167EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.79 views

CVE-2025-38153

CVE-2025-38153 (Linux kernel) is documented in connected sources as a vulnerability in the aqc111 USB network driver. The issue arises from incomplete sanitation of usbnet read results, where usbnet_read_cmd() may return fewer bytes than expected and aqc111_read_cmd() may not validate the result,...

7.1CVSS6.8AI score0.00163EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.79 views

CVE-2025-38157

Affected software: Linux kernel driver ath9k_htc (wifi). Issue: when an adversarial USB device emits WMI_SWBA_EVENTID before beaconing is enabled, ath9k_htc_swba() may trigger a device-by-zero error causing a crash or out-of-bounds read. Root cause: improper handling of software beacon processing...

7.8CVSS7.1AI score0.00158EPSS
CVE
CVE
added 2025/07/03 8:36 a.m.79 views

CVE-2025-38162

Summary: CVE-2025-38162 is a Linux kernel vulnerability in netfilter/nft_set_pipapo related to overflow in lookup table allocation. The description states the root cause as an overflow-prone calculation when determining the lookup table size. The fix involves guarding the multiplications with ove...

5.5CVSS7.5AI score0.00138EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.79 views

CVE-2025-38187

Root-cause: In Linux kernel DRM Nouveau, a use-after-free occurs when sending large RPC fragments because the RPC container is freed prematurely after being passed to r535_gsp_rpc_send(). Fix: allocate a temporary RPC container for the initial fragment and free the caller’s container only after a...

7.8CVSS6.5AI score0.00145EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.79 views

CVE-2025-38203

The CVE-2025-38203 entry concerns the Linux kernel JFS file-system driver. A concurrency-related null pointer dereference in jfs_ioc_trim can occur when JFS_SBI(ipbmap->i_sb)->bmap is NULL and is dereferenced, leading to a kernel crash. The issue is tied to a previously fixed patch, but und...

5.5CVSS6.3AI score0.00147EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.79 views

CVE-2025-38210

CVE-2025-38210 concerns the Linux kernel in the configfs-tsm-report path. The root cause is a NULL-dereference risk when tsm_ops have been unregistered but certain code paths (tsm_report_privlevel_store(), tsm_report_provider_show()) did not verify the removal, leading to potential config-item ac...

5.5CVSS6.5AI score0.00146EPSS
CVE
CVE
added 2025/07/10 7:42 a.m.79 views

CVE-2025-38312

CVE-2025-38312 concerns the Linux kernel fbdev path: fbcvt. In fb_find_mode_cvt(), if mode->refresh equals 0x80000000, cvt.f_refresh overflows when doubled, and is subsequently used as a divider in fb_cvt_hperiod(), causing a division by zero and potential kernel oops. The vulnerability is res...

5.5CVSS6.4AI score0.0015EPSS
CVE
CVE
added 2025/07/10 7:42 a.m.79 views

CVE-2025-38317

CVE-2025-38317 involves a buffer overflow in the Linux kernel wifi driver ath12k when writing to debugfs, causing memory corruption if more than 32 bytes are written. The issue is limited to debugfs and, per sources, is restricted to root users. Connected documents corroborate that this vulnerabi...

7.8CVSS7.1AI score0.00167EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.79 views

CVE-2025-38344

CVE-2025-38344 relates to ACPICA in the Linux kernel where ACPI cache leaks were fixed. Technical details in connected docs show memory leaks in Acpi-State, Acpi-Parse, and Acpi-parse_ext caches due to merging of slabs and use of KMEM cache flags (SLAB_NEVER_MERGE). The root cause was leaks in ea...

5.5CVSS6.6AI score0.0016EPSS
CVE
CVE
added 2025/07/25 12:53 p.m.79 views

CVE-2025-38371

CVE-2025-38371 affects the Linux kernel DRM v3D component on Raspberry Pi; the issue occurs when an interrupt is triggered during GPU reset, potentially causing GPU hangs and a kernel NULL pointer dereference. The fix is to disable interrupts before resetting the GPU. The openSUSE/SUSE references...

5.5CVSS6.1AI score0.00161EPSS
CVE
CVE
added 2025/07/25 12:53 p.m.79 views

CVE-2025-38377

CVE-2025-38377 : Linux kernel vulnerability in rose_rt_device_down() can cause use-after-free by corrupting the neighbour loop (loop bound altered and index increment after removal). A reverse-iteration fix with a fixed loop bound was applied to ensure all entries are examined and removals do not...

7.8CVSS6.5AI score0.00164EPSS
CVE
CVE
added 2025/07/25 12:53 p.m.79 views

CVE-2025-38391

CVE-2025-38391 in the Linux kernel addresses a vulnerability in USB Type-C Alt Mode handling for DisplayPort. A misbehaving port partner could claim pin assignment capabilities beyond the valid range, causing an out-of-bounds access in pin_assignment_show. The fix adds a DP_PIN_ASSIGN_MAX constan...

5.5CVSS6.3AI score0.0017EPSS
CVE
CVE
added 2025/07/25 2:16 p.m.79 views

CVE-2025-38426

Technical details about CVE-2025-38426 are not provided in the supplied documents. Open items reference the issue at a high level; monitor for updates from the OSV/OpenVAS/Tenable sources for concrete affected components, root cause, and fixes.

5.5CVSS6.3AI score0.00157EPSS
CVE
CVE
added 2025/07/25 3:27 p.m.79 views

CVE-2025-38439

Summary of CVE-2025-38439 : In the Linux kernel, the bnxt_en driver had a flaw where the DMA unmap length was incorrectly set to 0 when sending an XDP_REDIRECT packet. The underlying issue is in the IOMMU path, where the mismatch could trigger a kernel warning on systems with IOMMU enabled. The p...

5.5CVSS6.4AI score0.0017EPSS
CVE
CVE
added 2025/07/25 3:27 p.m.79 views

CVE-2025-38462

CVE-2025-38462 affects the Linux kernel vsock subsystem. Root cause is a TOCTOU race in vsock_find_cid() and vsock_dev_do_ioctl() with module unload, where transport_g2h/h2g can become NULL after a NULL check, causing null-pointer derefs. The patch adds vsock_transport_local_cid() to guard agains...

4.7CVSS6.3AI score0.00112EPSS
CVE
CVE
added 2025/07/28 11:21 a.m.79 views

CVE-2025-38470

Summary: CVE-2025-38470 affects the Linux kernel’s VLAN handling (net: vlan) where VLAN 0 is auto-managed when rx-vlan-filter is enabled. The root cause is a refcount imbalance during runtime toggling of VLAN filtering, which can cause a memory leak for VLAN 0 if the feature is disabled while a d...

5.5CVSS6.2AI score0.00161EPSS
CVE
CVE
added 2026/06/09 12:11 p.m.79 views

CVE-2026-46319

The CVE-2026-46319 entry describes a race in the Linux kernel net/sched act_ct where rcu_read_lock is exited before refcount_inc_not_zero on ct_ft, allowing a UAF when ct_ft is freed during cleanup. This creates a local privilege-escalation risk as an attacker could observe or trigger the race wi...

7.8CVSS5.4AI score0.00125EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.78 views

CVE-2003-0018

CVE-2003-0018 concerns Linux kernel 2.4.10–2.4.21-pre4 where O_DIRECT is mishandled, allowing local attackers with write privileges to read portions of previously deleted files or cause filesystem corruption. Related advisories (SUSE CVE-2003-0956; Debian DSA-358/423) note multiple O_DIRECT-relat...

3.6CVSS5.8AI score0.00369EPSS
Total number of security vulnerabilities14330