Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2024/08/21 6:10 a.m.72 views

CVE-2022-48877

In CVE-2022-48877, the Linux kernel f2fs subsystem introduces a fix to avoid a panic when extent_tree is not created. The described crash trace (__lookup_extent_tree+0xd8/0x760; f2fs_do_write_data_page; f2fs_write_cache_pages) occurs during writeback of data pages, potentially leading to kernel p...

5.5CVSS6.6AI score0.0024EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.72 views

CVE-2022-48890

No connected documents with concrete technical details for CVE-2022-48890 beyond the initial description. Technical specifics (affected components/versions/exploit specifics) are not provided here; monitor for updates.

5.5CVSS6.5AI score0.00208EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.72 views

CVE-2022-48892

CVE-2022-48892 : Linux kernel sched/core fix for a use-after-free in dup_user_cpus_ptr(). The vulnerability existed due to dup_user_cpus_ptr() accessing user_cpus_ptr without proper locking, racing with fork() and the clearing of user_cpus_ptr during set_cpus_allowed_ptr_locked(), primarily affec...

7.8CVSS6.5AI score0.00249EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.72 views

CVE-2022-48898

CVE-2022-48898 concerns the Linux kernel drm/msm/dp path where the DP controller’s aux ISR could prematurely complete dp_aux_cmd_fifo_tx() even when the interrupt was not for an aux transfer, causing potential data corruption in EDID transfers during boot and in the host buffer. Multiple connecte...

4.7CVSS6.7AI score0.00181EPSS
CVE
CVE
added 2024/10/21 8:6 p.m.72 views

CVE-2022-48998

CVE-2022-48998 concerns a PowerPC-specific issue in the Linux kernel’s BPF tail-call handling (powerpc/bpf/32). The available connected documents describe a bug where tail calls to BPF programs with differing stack depths could corrupt stack state, leading to an Oops and kernel data access on wri...

7.8CVSS7.3AI score0.00227EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.72 views

CVE-2022-49211

CVE-2022-49211 concerns a Linux kernel issue in the MIPS CDMM code path where of_find_compatible_node() returns a node pointer with an incremented refcount and the code omits of_node_put() to release it. The fixed description states: add the missing of_node_put() to release the refcount. Affected...

5.5CVSS6.4AI score0.00245EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.72 views

CVE-2022-49231

The CVE-2022-49231 entry concerns a Linux kernel issue in the rtw88 driver where memory overrun and memory leaks occurred during hw_scan due to under-allocated buffers. The mitigation is explicit: allocate the correct size and implement a proper deinitialization flow. Connected sources (SUSE Astr...

5.5CVSS5.5AI score0.00209EPSS
CVE
CVE
added 2025/02/26 2:11 a.m.72 views

CVE-2022-49360

CVE-2022-49360 (Linux kernel, f2fs): The issue arises from a root-cause mismatch where ckpt.valid_block_count is inconsistent with the SIT table, causing a panic during garbage collection when the LFS allocator cannot find a free segment despite the filesystem reporting free blocks. The reference...

5.5CVSS5.3AI score0.00245EPSS
CVE
CVE
added 2025/02/26 2:11 a.m.72 views

CVE-2022-49364

CVE-2022-49364 : In the Linux kernel, a f2fs inode eviction bug was fixed. The root cause is that the inode node and the dnode share the same nid, causing dnode truncation to invalidate the NAT entry during f2fs_evict_inode() and leaving the inode marked dirty. The fix clears the dirty flag on th...

5.5CVSS5.3AI score0.00247EPSS
CVE
CVE
added 2025/02/26 2:11 a.m.72 views

CVE-2022-49387

CVE-2022-49387 concerns the Linux kernel watchdog driver rzg2l_wdt. The root cause is a 32-bit overflow in timer_cycle_us that can yield 0, e.g., when a counter like 0xfff is used to compute maxval. The provided connected documents confirm a patch that promotes values to 64-bit by appending ULL t...

5.5CVSS5.6AI score0.00243EPSS
CVE
CVE
added 2025/02/26 2:11 a.m.72 views

CVE-2022-49393

The CVE-2022-49393 issue affects the Linux kernel in the misc: fastrpc: fix list iterator in fastrpc_req_mem_unmap_impl area. The root cause is an incorrect use of the list iterator with list_for_each_entry(), where the iterator value map is not NULL when the list is empty, causing logic that che...

5.5CVSS5.2AI score0.00209EPSS
CVE
CVE
added 2025/02/26 2:23 a.m.72 views

CVE-2022-49582

This CVE-ID (CVE-2022-49582) is associated with the Linux kernel: net: dsa: fix NULL pointer dereference in dsa_port_reset_vlan_filtering. The root cause described in the sources is that the ds iterator variable used in dsa_port_reset_vlan_filtering() -> dsa_switch_for_each_port() overwrites t...

5.5CVSS5.4AI score0.00209EPSS
CVE
CVE
added 2025/02/26 2:24 a.m.72 views

CVE-2022-49706

CVE-2022-49706—zonefs contains a read handling bug in zonefs_iomap_begin() where a readahead to a zone file with an offset equal to the current file size can set iomap type to IOMAP_UNWRITTEN with length 0, triggering a WARN_ON in iomap_iter and causing iomap_readahead() to loop. The patch fixes ...

7.1CVSS6.6AI score0.00252EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.72 views

CVE-2022-49781

CVE-2022-49781 corresponds to a Linux kernel vulnerability in perf/x86/amd where a race between amd_pmu_enable_all and perf NMI/throttling could lead to a NULL event dereference and kernel crash. The issue arises when perf NMI disables/enables all events while amd_pmu_enable_all is in progress, p...

4.7CVSS6.2AI score0.00098EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.72 views

CVE-2022-49919

CVE-2022-49919 : In the Linux kernel, the nf_tables flow rule object release path was fixed. The underlying issue was a use-after-free (UAF) triggered by races with the netlink notifier, observed when the flow rule object is accessed only from the control plane (no data packets traverse it). The ...

7CVSS6.5AI score0.00134EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.72 views

CVE-2022-49952

CVE-2022-49952 concerns the Linux kernel. The issue is in the misc: fastrpc path where memory could be corrupted during probe due to a missing sanity check on the probed-session count. When there are more than FASTRPC_MAX_SESSIONS sessions defined in the devicetree, memory could be corrupted beyo...

7.8CVSS6.7AI score0.00206EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.72 views

CVE-2022-49959

The CVE-2022-49959 entry concerns a memory-leak in the Linux kernel related to openvswitch datapath creation. The root cause was that ovs_dp_cmd_new()->ovs_dp_change()->ovs_dp_set_upcall_portids() allocated an array with kmalloc but did not always free dp->upcall_portids when new_vport()...

5.5CVSS6.6AI score0.00157EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.72 views

CVE-2022-49972

In CVE-2022-49972, the Linux kernel vulnerability concerns XDP_SHARED_UMEM mode (with aligned mode) where packets become corrupted for the second and subsequent sockets bound to the same umem; the first socket is unaffected. The root cause was that DMA addresses for the pre-populated xsk buffer p...

5.5CVSS6.7AI score0.00184EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.72 views

CVE-2022-49987

CVE-2022-49987 concerns the Linux kernel md subsystem. The provided documents show the vulnerability arises from md_stop path handling where __md_stop_writes should be stopped earlier to align with normal md-raid and fix a KASAN issue. Multiple advisories (Unity Linux UTSA-2026-004867/992895 and ...

5.5CVSS6.5AI score0.0021EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.72 views

CVE-2022-50142

CVE-2022-50142 : In the Linux kernel, the intel_th: msu component was fixed to account for DMA buffers that may be allocated via vmalloc() after the patch set removing CONFIG_DMA_REMAP, which could disrupt the mmapping code during faults (msc_mmap_fault). The described issue arises from a possibl...

7.8CVSS6.8AI score0.00168EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.72 views

CVE-2022-50171

CVE-2022-50171 is a Linux kernel issue in crypto: hisilicon/sec where a mutex lock is used during softirq, causing scheduling while atomic when kunpeng920 encryption driver processes packets in softirq. Affected component: Linux kernel crypto path for Hisilicon/sec; root cause: sleeping in softir...

5.5CVSS6.5AI score0.00131EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.72 views

CVE-2022-50199

Mode C: The CVE-2022-50199 issue affects the Linux kernel on ARM (OMAP2+). The root cause is a refcount leak in omapdss_init_of: omapdss_find_dss_of_node() calls of_find_compatible_node() which returns a node with a refcount incremented, but of_node_put() is not always called. The fix adds missin...

5.5CVSS6.4AI score0.00203EPSS
CVE
CVE
added 2023/06/23 12:0 a.m.72 views

CVE-2023-3317

CVE-2023-3317 is a use-after-free flaw in the Linux kernel’s MediaTek MT7921E WiFi driver (mt7921_check_offload_capability in drivers/net/wireless/mediatek/mt76/mt7921/init.c). The defect can crash the system after releasing the internal memory for device features and may enable a kernel informat...

7.1CVSS6.4AI score0.00238EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.72 views

CVE-2023-52785

CVE-2023-52785 affects the Linux kernel, specifically the SCSI UFS core. The issue is a race between ufshcd_mcq_abort() and the ISR: when a command timeout occurs and a CQ complete IRQ arrives concurrently, ufshcd_mcq_abort clears lprb->cmd, leading to a NULL pointer dereference in the ISR. Th...

4.7CVSS6.7AI score0.00179EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.72 views

CVE-2023-52839

CVE-2023-52839 describes a Linux kernel vulnerability in perf where broadcasting to other CPUs when starting a counter was removed as part of a fix (commit 3fec323339a4). Root cause: unnecessary broadcast in perf code could lead to a warning and potential instability; fix eliminates the broadcast...

3.3CVSS6.5AI score0.00209EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.72 views

CVE-2023-52848

Summary (CVE-2023-52848) : The issue, reported for the Linux kernel’s f2fs file system, centers on a bug during f2fs_put_super() where the meta_inode page cache is not dropped after an IO error in f2fs_wait_on_all_pages. This can lead to a reference-count leak and a kernel panic during unmount. T...

5.5CVSS6.5AI score0.00236EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.72 views

CVE-2023-52897

CVE-2023-52897 affects the Linux kernel Btrfs quota management (qgroup) accounting. Root cause: after introducing NO_ACCOUNTING, some qgroup records could have old_roots unset (NULL). During a qgroup rescan, NO_ACCOUNTING is cleared and current transaction is committed, which may trigger a WARN_O...

4.7CVSS6.4AI score0.00198EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.72 views

CVE-2023-52981

The CVE-2023-52981 entry concerns the Linux kernel's DRM/i915 path, where GuC-enabled error capture and debugfs dump handling introduced incorrect reference counting for the request object. The issue affects the context-based search and execlist-based search paths, requiring proper get/put refere...

5.5CVSS6.7AI score0.0021EPSS
CVE
CVE
added 2024/04/17 10:14 a.m.72 views

CVE-2024-26850

CVE-2024-26850 concerns the Linux kernel bug in mm/debug_vm_pgtable related to pud_advanced_tests for PUD entries on architectures such as powerpc. Affected code could trigger a kernel panic (BUG_ON) when debug checks are active (CONFIG_DEBUG_VM), with traces pointing to radix_pgtable.c and pgtab...

5.5CVSS6.6AI score0.00222EPSS
CVE
CVE
added 2024/06/25 2:25 p.m.72 views

CVE-2024-39465

CVE-2024-39465 affects the Linux kernel's media: mgb4 path. A double removal of debugfs entries (debugfs_remove_recursive)—removing a parent directory and then its child—could trigger a kernel panic. The connected documents confirm a fix was applied in the Linux kernel to prevent this double-remo...

5.5CVSS6.9AI score0.00184EPSS
CVE
CVE
added 2024/07/12 12:44 p.m.72 views

CVE-2024-41003

The CVE-2024-41003 entry concerns a Linux kernel BPF verifier bug: after a prior OR, line 19 triggers a REG INVARIANTS VIOLATION due to a corrupted fake_reg when reg_set_min_max is applied to a known-constant branch. The issue arises in the BPF subsystem’s handling of register invariants during a...

7.8CVSS6.6AI score0.00281EPSS
CVE
CVE
added 2024/07/29 2:31 p.m.72 views

CVE-2024-41029

CVE-2024-41029 — Linux kernel (nvmem/core) Affected: Linux kernel components handling non-volatile memory (nvmem). Issue: the cell sysfs attribute could expose more access to nvmem data than the main attribute, e.g., when nvme_config::root_only was set, the cell attribute still allowed reads for ...

5.5CVSS6.4AI score0.00268EPSS
CVE
CVE
added 2024/07/29 2:32 p.m.72 views

CVE-2024-41043

The CVE-2024-41043 entry concerns a Linux kernel netfilter nfnetlink_queue issue where a WARN_ON can be triggered when rules are flushed/deleted while a packet is in flight. The root cause is a bogus WARN_ON that existed since v4.14; the fix removes this WARN_ON and uses a more recent fixes tag i...

5.5CVSS6.5AI score0.00232EPSS
CVE
CVE
added 2024/07/30 7:45 a.m.72 views

CVE-2024-42099

The CVE-2024-42099 issue affects the Linux kernel s390/dasd subsystem. It concerns indirect addressing for DASD CCWs (IDAW) where the CCW CDA pointer points to IDAL and must be translated from physical to virtual before use. Dereferencing this pointer can cause a kernel panic in error paths, incl...

5.5CVSS6.4AI score0.00205EPSS
CVE
CVE
added 2024/07/30 7:46 a.m.72 views

CVE-2024-42111

CVE-2024-42111 affects the Linux kernel BTRFS qgroup handling. The root cause was a patch (b5357cb268c4) that skipped the qgroup inherit checks when qgroup is disabled, allowing a malformed btrfs_qgroup_inherit structure to pass. This could lead to a slab-out-of-bounds read (KASAN) during transac...

6.3CVSS6.7AI score0.00206EPSS
CVE
CVE
added 2024/09/04 7:54 p.m.72 views

CVE-2024-44976

MODE C: CVE-2024-44976 involves the Linux kernel pata_macio driver (ata/pata_macio) where a change to max_segment_size to 64KB caused DMA table overflow on large SG lists, leading to kernel BUGs on 32-bit PowerMacs. The issue arises when oversized requests trigger the split logic, overflowing the...

5.5CVSS5.3AI score0.00196EPSS
CVE
CVE
added 2024/12/27 1:50 p.m.72 views

CVE-2024-53235

The CVE-2024-53235 entry documents a Linux kernel issue where erofs file-backed mounts over FUSE caused a null pointer dereference in fuse_read_args_fill during reads (fuse_read_folio path), potentially affecting read I/O that requires valid file pointers on certain network/FUSE filesystems. The ...

5.5CVSS6.4AI score0.0017EPSS
CVE
CVE
added 2025/02/27 2:7 a.m.72 views

CVE-2025-21730

CVE-2025-21730 affects the Linux kernel WiFi driver rtw89. The issue occurs during WoWLAN resume when an interface is re-added without removing the previous entry, causing mgnt_entry list to be initialized twice and leading to list corruption (list_add_tail on an already linked entry). The fix ad...

5.5CVSS6.5AI score0.00168EPSS
CVE
CVE
added 2025/04/01 3:47 p.m.72 views

CVE-2025-21983

CVE-2025-21983 describes a Linux kernel vulnerability where kvfree_rcu used the system_unbound_wq workqueue, potentially triggering a warning in nvme/scsi workflows due to flush_dependency checks. The mitigation documented in the sources is to switch kvfree_rcu to an independent WQ_MEM_RECLAIM wo...

7.8CVSS7AI score0.00183EPSS
CVE
CVE
added 2025/04/03 7:19 a.m.72 views

CVE-2025-22006

CVE-2025-22006 affects the Linux kernel net/ethernet ti am65 cpsw driver: registering TX/RX DMA interrupts before their NAPI callbacks can cause a NULL pointer dereference. The issue has been fixed in kernel commits (see kernel.org references) and Astra/Oracle advisories indicate the vulnerabilit...

5.5CVSS7.1AI score0.00174EPSS
CVE
CVE
added 2025/06/18 9:28 a.m.72 views

CVE-2025-38025

The CVE-2025-38025 issue affects the Linux kernel IIO ADC driver for the ad7606 bus. The root cause is a NULL dereference when calling sw_mode_config() because the callback may not be defined on all buses. The vulnerability can lead to a crash via NULL-pointer dereference in vulnerable configurat...

5.5CVSS6.5AI score0.0014EPSS
CVE
CVE
added 2025/06/18 9:33 a.m.72 views

CVE-2025-38047

CVE-2025-38047 : Linux kernel x86/FRED: The system can hang on S4 resume when FRED is enabled. The issue arises because, after loading a hibernation image, the image kernel reuses original page frames while the FRED MSRs may still hold values set by the restore kernel. The image kernel must ensur...

5.5CVSS6.3AI score0.00157EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.72 views

CVE-2025-38114

CVE-2025-38114 : In the Linux kernel, a deadlock could occur in the e1000 path due to e1000_down calling cancel_work_sync for the e1000_reset_task while RTNL is held. The fix moves cancel_work_sync to happen when the device is being removed (not during normal down), and makes e1000_reset_task a n...

5.5CVSS7.1AI score0.00105EPSS
CVE
CVE
added 2026/01/23 3:24 p.m.72 views

CVE-2026-22990

CVE-2026-22990 affects the Linux kernel libceph component, where an overzealous BUG_ON in osdmap_apply_incremental() could misreact to a maliciously corrupted incremental osdmap epoch. The mitigation is to treat such an incongruent incremental osdmap as invalid rather than triggering a BUG. Conne...

7.5CVSS5.2AI score0.00341EPSS
CVE
CVE
added 2001/09/18 4:0 a.m.71 views

CVE-2001-0405

Concrete details: CVE-2001-0405 affects ip_conntrack_ftp inside the Linux 2.4 iptables RELATED connection tracking. A crafted FTP PORT command could cause the firewall to allow an arbitrary IP/port through the RELATED table, bypassing access restrictions. Implication: arbitrary firewall holes for...

7.5CVSS6.9AI score0.10253EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.71 views

CVE-2002-0060

CVE-2002-0060 affects the Linux kernel netfilter IRC DCC connection-tracking helper in 2.4.x (notably 2.4.14–2.4.18-pre8/9). The bug sets an overly broad conntrack mask, causing firewall rules to be more permissive than intended and potentially allowing inbound connections that bypass restriction...

7.5CVSS6.7AI score0.04894EPSS
CVE
CVE
added 2005/02/24 5:0 a.m.71 views

CVE-2005-0530

CVE-2005-0530 is a signedness error in the copy_from_read_buf function in n_tty.c of the Linux kernel (affected: 2.6.10 and 2.6.11rc1) that allows local users to read kernel memory via a negative argument. The vulnerability is documented across multiple advisories, including Red Hat (RHSA-2005:36...

2.1CVSS5AI score0.00474EPSS
CVE
CVE
added 2005/03/23 5:0 a.m.71 views

CVE-2005-0839

CVE-2005-0839 affects the Linux kernel 2.6 family, where access to the N_MOUSE line discipline for TTYs was not restricted. This allowed a local attacker to inject mouse movements or keystrokes into other user sessions, potentially enabling privilege escalation. The issue is fixed in later kernel...

7.2CVSS5.4AI score0.00383EPSS
CVE
CVE
added 2006/01/06 11:0 a.m.71 views

CVE-2006-0095

CVE-2006-0095 affects dm-crypt in Linux kernel 2.6.15 and earlier, where an internal structure isn’t cleared before freeing, potentially leaking cryptographic key material to local users. Connected advisories (e.g., RHSA-2006:0132 and Debian DSA-1017-1) confirm the issue and describe the fix as a...

2.1CVSS4.8AI score0.00434EPSS
CVE
CVE
added 2006/03/07 2:0 a.m.71 views

CVE-2006-0741

CVE-2006-0741 affects the Linux kernel before 2.6.15.5 on Intel EM64T/Intel processors. The issue enables a local denial of service via an endlessly recursive fault caused by a bad ELF entry address. The vulnerability is exploited locally (no authentication required). The documented fixes indicat...

1.2CVSS5.6AI score0.00367EPSS
Total number of security vulnerabilities14330