Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2025/05/02 3:55 p.m.79 views

CVE-2023-53092

The CVE-2023-53092 entry concerns a Linux kernel interconnect driver (exynos) where a node leak could occur in the PM QoS error path during probe. The documented fix ensures that the newly allocated interconnect node is added to the provider before the PM QoS request is applied, so that the node ...

5.5CVSS6.5AI score0.00165EPSS
CVE
CVE
added 2025/05/01 2:11 p.m.78 views

CVE-2022-49929

CVE-2022-49929 relates to the Linux kernel RDMA/rxe path. The issue is a use-after-free-like leak in MR handling: rxe_recheck_mr() increments mr ref_cnt and, during RESPST_ERR_RNR, the code must call rxe_put(mr) to drop the extra reference to avoid a warning in __rxe_cleanup. The vulnerability is...

5.5CVSS6.4AI score0.0013EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.78 views

CVE-2022-49956

CVE-2022-49956 in the Linux kernel refers to a use-after-free bug in the rtl8712 staging driver. The issue arises because _Read/Write_MACREG callbacks are NULL, causing read/write_macreg_hdl() to only free the pcmd pointer. The fix removes these callbacks to prevent the use-after-free. The vulner...

7.8CVSS6.6AI score0.00214EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.78 views

CVE-2022-50002

CVE-2022-50002 concerns the Linux kernel where the LAG logic for MLX5 was fixed so that MLX5_LAG_FLAG_NDEVS_READY is set only when both netdevices are registered. The root cause was an asymmetry in how the flag is set vs cleared, which could leave the ready state set after one PF is unloaded, lea...

5.5CVSS6AI score0.00198EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.78 views

CVE-2022-50016

CVE-2022-50016 concerns the Linux kernel ASoC SOF Intel cnl driver. The issue arises when an IPC reply is processed before the FW_READY message, risking a NULL pointer dereference because reply_data is allocated only after FW_READY. The description notes this condition was observed with IPC4 firm...

5.5CVSS6.5AI score0.00184EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.78 views

CVE-2022-50030

CVE-2022-50030 is a vulnerability in the Linux kernel’s lpfc driver affecting debugfs input handling. According to the provided documents, malformed user input to debugfs can cause buffer overflow crashes due to input strings not fitting internal buffers (space for NULL terminators added). The CV...

7.8CVSS7AI score0.00185EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.78 views

CVE-2022-50040

CVE-2022-50040 affects the Linux kernel internal DSA path for sja1105 (net: dsa: sja1105). The vulnerability is a buffer overflow caused when an error occurs in dsa_devlink_region_create(), leading to a negative index (-1) access of priv->regions. The issue has been fixed in the cited commits,...

7.8CVSS7AI score0.0023EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.78 views

CVE-2022-50065

CVE-2022-50065 entry is rejected and does not represent an active vulnerability.

5.5CVSS6.5AI score0.00159EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.78 views

CVE-2022-50159

CVE-2022-50159 concerns the Linux kernel: the function that restores ima-kexec-buffer may read outside the addressable RAM if the previous kernel’s buffer lies beyond the new kernel’s memory map, risking kernel panic when booting with mem=X. A fix was implemented to validate the returned PFN rang...

5.5CVSS6.3AI score0.0016EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.78 views

CVE-2022-50166

CVE-2022-50166 affects the Linux kernel Bluetooth HCI subsystem. When the HCI work queue is drained, a delayed command could still be queued to the drained workqueue, triggering a timeout in hci_cmd_timeout and a kernel warning. The root cause is the draining of the command/event/data processing ...

5.5CVSS6.5AI score0.00151EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.78 views

CVE-2022-50187

CVE-2022-50187 involves the ath11k driver netdev open race in the Linux kernel. The issue occurs when ath11k_mac_op_start() runs before mon_reap_timer is set up, leading to a racing open() that can trigger a BUG_ON() in mod_timer(). The fixed advisory notes allocate necessary resources before dev...

4.7CVSS6.3AI score0.00135EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.78 views

CVE-2022-50221

CVE-2022-50221 : In the Linux kernel, the drm/fb-helper deferred I/O damage handling could compute an clipping range that allowed an out-of-bounds access when the fbdev screen buffer ended near the start of a page. The patch clamps the maximum memory range to the screen buffer size and also renam...

7.1CVSS6.7AI score0.00182EPSS
CVE
CVE
added 2023/08/07 3:22 a.m.78 views

CVE-2023-20811

CVE-2023-20811 involves a boundary-check failure in the MediaTek IOMMU, causing an out-of-bounds write that could enable local privilege escalation with system privileges. Affected component: IOMMU sub-system (MediaTek). Root cause: missing bounds check leading to out-of-bounds write. Impact: loc...

6.7CVSS6.7AI score0.00087EPSS
CVE
CVE
added 2023/09/04 2:27 a.m.78 views

CVE-2023-20838

CVE-2023-20838 concerns the imgsys component. Multiple connected sources confirm a race-condition–driven out-of-bounds read that can leak local information and, in some scenarios, enable system-level execution with user interaction required for exploitation. Affected references consistently descr...

4CVSS3.9AI score0.00084EPSS
CVE
CVE
added 2024/05/21 3:23 p.m.78 views

CVE-2023-52744

CVE-2023-52744 concerns the Linux kernel RDMA/irdma path. The in_dev_get() function can return NULL, and the code may dereference idev in in_dev_for_each_ifa_rtnl(), causing a crash. A patch was added to check for NULL before dereferencing idev, mitigating the NULL pointer dereference. The issue ...

5.5CVSS6.7AI score0.00235EPSS
CVE
CVE
added 2024/05/21 3:23 p.m.78 views

CVE-2023-52747

The CVE-2023-52747 issue affects the Linux kernel IB/hfi1 path and is caused by a resource leak that occurs when a copyout fails. The vulnerability is resolved by the kernel fix that restores allocated resources on failed copyout, preventing the leak. According to the provided description and met...

5.5CVSS6.7AI score0.0024EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.78 views

CVE-2023-52807

CVE-2023-52807 affects the Linux kernel net/hns3 driver. The vulnerability arises from an array of strings used to display coalesce info, which may allow out-of-bounds reads when the kernel adds a new mode or state and coalesce info is read via debugfs. A patch fixes the bound-checking/array sizi...

7.8CVSS6.5AI score0.00248EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.78 views

CVE-2023-52893

Summary: CVE-2023-52893 is a Linux kernel vulnerability where a call path using get_variable with a NULL attr triggers a null-deref/panic in the gsmi subsystem. Root cause: The patch accompanying the EFI varstore change (efi: pstore: Omit efivars caching EFI varstore access layer) added a new get...

5.5CVSS6.5AI score0.0024EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.78 views

CVE-2023-52907

The CVE-2023-52907 issue affects the Linux kernel NFC PN533 USB flow. A use-after-free occurs when in_urb completes before out_urb, freeing the transfer buffer skb in pn533_send_async_complete() earlier than the out_urb callback. The fix delays in_urb submission until the out_urb callback runs an...

5.5CVSS6.8AI score0.00233EPSS
CVE
CVE
added 2024/05/17 11:50 a.m.78 views

CVE-2024-27409

The CVE-2024-27409 entry concerns the Linux kernel HDMA path of the dmaengine (dw-edma). The vulnerability stems from a race: the Linked list element/pointer may be written to memory and the doorbell register toggled before the full write completes, because the linked list and controller register...

5.5CVSS6.5AI score0.00236EPSS
CVE
CVE
added 2024/06/21 10:18 a.m.78 views

CVE-2024-38636

CVE-2024-38636 (Linux kernel, f2fs multi-device support) : The issue occurs when using multiple block devices with F2FS where reads on the non-primary device are mapped to the first block (address 0). This causes f2fs_map_blocks() to return a valid zero block address, but f2fs_iomap_begin() treat...

5.5CVSS6.4AI score0.0021EPSS
CVE
CVE
added 2024/08/17 9:21 a.m.78 views

CVE-2024-43838

CVE-2024-43838 affects the Linux kernel BPF path. The root cause is an incorrect overflow check in adjust_jmp_off(), where insn->imm was used for all overflow checks instead of insn->off for the general jump case. The issue is resolved by using insn->off for the overflow check in the gen...

5.5CVSS6.9AI score0.0018EPSS
CVE
CVE
added 2024/12/27 1:49 p.m.78 views

CVE-2024-53204

CVE-2024-53204 affects the Linux kernel Realtek USB PHY driver (rtk_usb3phy_probe). The root cause is a NULL dereference: devm_kzalloc() may return NULL in rtk_usb3phy_probe() and the value is not checked. The CVSS data indicates a Local attack vector, Low complexity, and High impact on availabil...

5.5CVSS7AI score0.00212EPSS
CVE
CVE
added 2024/12/29 11:30 a.m.78 views

CVE-2024-56730

CVE-2024-56730: In the Linux kernel, a memory allocation failure in net/9p/usbg (trans_usbg.c) was fixed by correcting kzalloc() failure handling to return NULL instead of ERR_PTR. The issue was detected in linux-next (next-20241108, vanilla kernel) and could affect memory exhaustion scenarios. T...

5.5CVSS6.4AI score0.00173EPSS
CVE
CVE
added 2025/03/12 9:42 a.m.78 views

CVE-2025-21851

CVE-2025-21851 — Linux kernel (ARM64 64KB pages) The issue caused segmentation faults and soft lockups on aarch64 kernels with 64KB page size when arena_htab tests ran. Root cause: arena_map_free() can pass an unaligned address to apply_to_pte_range() via bpf_arena_get_kern_vm_start() if the addr...

3.3CVSS6.5AI score0.00146EPSS
CVE
CVE
added 2025/03/12 9:42 a.m.78 views

CVE-2025-21860

The CVE-2025-21860 entry relates to a Linux kernel zswap bug in which inconsistent accounting occurs when zswap_store_page() fails to swap an entire folio after some base pages were swapped. The root cause was skipping charging zswap entries on failed swaps, which could lead to uncharged entries ...

3.3CVSS3.6AI score0.00206EPSS
CVE
CVE
added 2025/05/09 6:43 a.m.78 views

CVE-2025-37868

Technical details beyond the initial Linux kernel description are not provided in the connected documents. Monitor for updates; this entry notes a fix for notifier vs folio deadlock in drm/xe/userptr in the Linux kernel, cherry-picked from a commit.

5.5CVSS6.3AI score0.00172EPSS
CVE
CVE
added 2025/05/20 4:58 p.m.78 views

CVE-2025-37977

The CVE-2025-37977 issue affects the Linux kernel SCSI UFS Exynos path. Root cause: when the dma-coherent property is not set, descriptors become non-cacheable and iocc shareability bits must be disabled; otherwise UFS may configure incompatibly and experience random cache-related stability issue...

5.5CVSS6.5AI score0.00146EPSS
CVE
CVE
added 2025/06/18 9:33 a.m.78 views

CVE-2025-38034

CVE-2025-38034 : The connected Azure Linux 3.0 Nessus entry confirms a Linux kernel issue affecting btrfs paths where btrfs__prelim_ref calls wrong order of oldref/newref, causing a NULL pointer dereference in trace_btrfs_prelim_ref_insert(). The backtrace shows the call path ending in prelim_ref...

5.5CVSS6AI score0.00174EPSS
CVE
CVE
added 2025/06/18 9:33 a.m.78 views

CVE-2025-38075

CVE-2025-38075 affects the Linux kernel’s SCSI target (iscsi). The issue stems from the nopin response timer potentially restarting after expiration on a deleted connection, leading to a NULL pointer dereference when handling NOPIN timeouts. The documented fix is to stop the nopin timer before st...

5.5CVSS6.4AI score0.00162EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.78 views

CVE-2025-38108

CVE-2025-38108 affects the Linux kernel’s network scheduler, specifically the RED qdisc. The issue is a race in __red_change() where the SFQ perturb timer can fire at an inopportune time, allowing an underflow of a parent qlen during a concurrent qdisc_tree_flush/backlog sequence. The race scenar...

7CVSS7AI score0.00129EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.78 views

CVE-2025-38112

CVE-2025-38112 (Linux kernel) : A TOCTOU race in sk_is_readable() can occur when a socket resides in a sockmap. If sk->sk_prot is reloaded after the initial check, sk->sk_prot->sock_is_readable may have become NULL, causing a potential null pointer dereference. The issue stems from the f...

4.7CVSS7.1AI score0.0012EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.78 views

CVE-2025-38131

CVE-2025-38131 affects the Linux kernel coresight subsystem. The issue arises when enabling an active config via cscfg_csdev_enable_active_config() but the config could be deactivated via configfs/sysfs during unloading, potentially leading to use-after-free of config_desc after the module unload...

7.8CVSS7AI score0.00166EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.78 views

CVE-2025-38198

CVE-2025-38198 – Linux kernel fbcon : A fix resolves an out-of-bounds access when writing to store_modes if con2fb_map contains -1 for an unregistered console. The issue stems from fbcon_info_from_console accessing fbcon_registered_fb[con2fb_map[console]]; the patch changes this to handle invalid...

7.8CVSS6.5AI score0.00155EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.78 views

CVE-2025-38204

CVE-2025-38204 affects the Linux kernel’s JFS filesystem. The issue is an array-index-out-of-bounds read in add_missing_indices, where stbl (s8) must map to offsets 0–127. A bound check was added and -EIO is returned if the check fails; jfs_readdir is also updated to propagate errors from add_mis...

7.1CVSS6.4AI score0.00151EPSS
CVE
CVE
added 2025/07/10 7:42 a.m.78 views

CVE-2025-38288

CVE-2025-38288 concerns the Linux kernel, fixed in the SUSE/OpenSUSE advisory as part of a kernel update. The vulnerability arises from calling smp_processor_id() in preemptible contexts within the smartpqi SCSI driver, which could lead to an invalid call trace and potential instability. The patc...

7.8CVSS6.5AI score0.00162EPSS
CVE
CVE
added 2025/07/10 7:42 a.m.78 views

CVE-2025-38313

CVE-2025-38313 affects the Linux kernel in the bus: fsl-mc path. The issue is a double-free of mc_dev on error paths when the MC device is a DPRC, where mc_bus is allocated and mc_dev points to one field; only the mc_bus should be freed in that path. The description notes a fix/workaround impleme...

7.8CVSS6.5AI score0.00157EPSS
CVE
CVE
added 2025/07/25 12:53 p.m.78 views

CVE-2025-38387

CVE-2025-38387 affects the Linux kernel’s RDMA/mlx5 subsystem. The issue arises when an obj_event is inserted into a list before its obj_sub_list is initialized, risking a poisonous pointer if the event is loaded immediately after insertion. The referenced fix initializes obj_event->obj_sub_li...

5.5CVSS6.3AI score0.0017EPSS
CVE
CVE
added 2025/07/25 1:20 p.m.78 views

CVE-2025-38409

CVE-2025-38409 affects the Linux kernel, specifically the drm/msm path. The issue is a leak in the submit error path where put_unused_fd() fails to free the installed file if fd_install() has already occurred, leading to a leaked resource (sync_file). The patch fixes the leak by freeing the sync_...

5.5CVSS6.3AI score0.00156EPSS
CVE
CVE
added 2025/07/25 2:0 p.m.78 views

CVE-2025-38416

Mode C: CVE-2025-38416 affects the Linux kernel NFC: nci: uart path. The vulnerability arises from setting tty->disc_data before the NCI device open/driver request succeeds, creating a small window where the device may start sending data and leaving state inconsistent on error paths. The fix e...

7.8CVSS6.5AI score0.00183EPSS
CVE
CVE
added 2025/07/25 3:27 p.m.78 views

CVE-2025-38453

CVE-2025-38453 affects the Linux kernel: the io_uring/msg_ring path can free an io_kiocb at an unsafe time, leading to use-after-free scenarios. The documented fix defers freeing via RC/RCU mechanics by adding an rcU head and switching to kfree_rcu() in both the freeing paths (io_msg_tw_complete(...

5.5CVSS6.3AI score0.00145EPSS
CVE
CVE
added 2026/05/28 9:35 a.m.78 views

CVE-2026-46113

CVE-2026-46113 (Linux kernel KVM x86 shadow paging use-after-free) is a resolved vulnerability in the KVM shadow paging path. The issue arises when the shadow MMU computes GFNs for direct shadow pages using sp->gfn plus the SPTE index and guest page-table modifications between VM entries can c...

8.8CVSS5.7AI score0.00126EPSS
CVE
CVE
added 2004/04/16 4:0 a.m.77 views

CVE-2004-0178

The vulnerability lies in the Linux 2.4.x sb16 Sound Blaster driver (OSS) in 16-bit mode; under odd-sized samples it can crash local users. Affects Linux 2.4.x before 2.4.26. Remediation: upgrade to Linux 2.4.26 or newer.

2.1CVSS5.9AI score0.00442EPSS
CVE
CVE
added 2004/12/15 5:0 a.m.77 views

CVE-2004-1016

CVE-2004-1016 affects the Linux kernel (2.4.x up to 2.4.28 and 2.6.x up to 2.6.9) where the scm_send function in the kernel SCM layer can be triggered by local users. By crafting auxiliary messages passed to sendmsg, this can lead to a deadlock and a system hang (denial of service). Public record...

2.1CVSS7AI score0.01001EPSS
CVE
CVE
added 2005/04/24 4:0 a.m.77 views

CVE-2005-0135

Technical details for CVE-2005-0135 are not publicly provided in the connected documents. The sources reference kernel updates and include CVE lists, but do not specify affected products/versions, root cause, impact, or remediation. Monitor for updates.

2.1CVSS5.6AI score0.00437EPSS
CVE
CVE
added 2005/10/18 4:0 a.m.77 views

CVE-2005-3257

Summary: CVE-2005-3257 affects the Linux kernel (examples: 2.6.12 and possibly 2.6.14.4) where a local user can exploit the KDSKBSENT ioctl on terminals of other users to escalate privileges, demonstrated by modifying key bindings via loadkeys. Affected components: vt_ioctl.c in the VT subsystem ...

4.6CVSS5.1AI score0.01058EPSS
CVE
CVE
added 2006/04/19 6:0 p.m.77 views

CVE-2006-1525

CVE-2006-1525 affects the Linux kernel 2.6 series (before 2.6.16.8). The vulnerability arises in ip_route_input, where a local user can trigger a NULL pointer dereference by requesting a route for a multicast IP address, leading to a denial of service (panic). Public references in Debian/DSA advi...

4.9CVSS5.7AI score0.00438EPSS
CVE
CVE
added 2006/05/22 4:0 p.m.77 views

CVE-2006-1857

The CVE-2006-1857 entry describes a buffer overflow in the SCTP implementation of the Linux kernel up to version 2.6.16.17. A remote attacker could trigger this via a malformed HB-ACK chunk, potentially causing a crash (DoS) and possibly executing arbitrary code. A fix is available in kernel 2.6....

9CVSS7.8AI score0.06797EPSS
CVE
CVE
added 2006/09/11 5:0 p.m.77 views

CVE-2006-4623

The vulnerability CVE-2006-4623 affects the Linux kernel DVB ULE decapsulation path: Unidirectional Lightweight Encapsulation (ULE) in dvb-core/dvb_net.c of the kernel 2.6.17.8. A remote attacker can cause a denial of service (crash) by sending a ULE packet with an SNDU length of 0. Public adviso...

7.8CVSS7AI score0.04012EPSS
CVE
CVE
added 2006/10/05 9:0 p.m.77 views

CVE-2006-5174

CVE-2006-5174 concerns the Linux kernel 2.6 copy_from_user() implementation on s390/s390x where a local user could read kernel memory due to improper clearing of a kernel buffer. Affected platform: Linux kernel 2.6 before 2.6.19-rc1 on s390. The issue is an information leak (partial confidentiali...

2.1CVSS7AI score0.00417EPSS
Total number of security vulnerabilities14330