Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2006/06/23 10:0 a.m.71 views

CVE-2006-2445

CVE-2006-2445 is a race-condition bug in Linux kernels prior to 2.6.16.21 affecting run_posix_cpu_timers. A local attacker can trigger a denial-of-service (BUG_ON crash) by attaching a timer to a process that is exiting on a single CPU. The connected SUSE/Ubuntu/Mandriva advisories describe the s...

4CVSS5.8AI score0.00376EPSS
CVE
CVE
added 2007/05/03 5:0 p.m.71 views

CVE-2007-2480

CVE-2007-2480 affects Linux kernel 2.6.21 and earlier, in net/ipv4/udp.c. The _udp_lib_get_port function allows binding a port with a specific local address even when the port is already bound by a wildcard local address, potentially letting local users intercept local traffic for daemons or othe...

4.6CVSS6.3AI score0.00351EPSS
CVE
CVE
added 2007/12/18 12:0 a.m.71 views

CVE-2007-6417

The connected Nessus entry links CVE-2007-6417 to the Linux kernel, affecting 2.6.11–2.6.23. The root cause is in shmem_getpage (mm/shmem.c) where allocated memory is not properly cleared in rare tmpfs-related paths, potentially allowing local users to read sensitive kernel data or crash the syst...

7.2CVSS7.1AI score0.00391EPSS
CVE
CVE
added 2013/09/13 6:0 p.m.71 views

CVE-2013-2891

The CVE-2013-2891 vulnerability affects the Linux kernel HID subsystem, specifically the file drivers/hid/hid-steelseries.c. When CONFIG_HID_STEELSERIES is enabled, a crafted device can trigger a heap-based out-of-bounds write, allowing a physically proximate attacker to cause aDenial of Service....

4.7CVSS5.7AI score0.00333EPSS
CVE
CVE
added 2013/04/22 10:0 a.m.71 views

CVE-2013-3228

The CVE-2013-3228 issue affects the Linux kernel’s irda_recvmsg_dgram (net/irda/af_irda.c), where a length variable is not initialized. This allows local attackers to read sensitive data from kernel stack via crafted recvmsg/recvfrom calls. Affected: Linux kernel versions before 3.9-rc7. Impact: ...

4.9CVSS5.7AI score0.00389EPSS
CVE
CVE
added 2014/04/01 1:0 a.m.71 views

CVE-2013-7348

CVE-2013-7348 describes a double free vulnerability in the Linux kernel’s ioctx_alloc (fs/aio.c) prior to 3.12.4. An error path in aio_setup_ring can lead to a use-after-free like condition that enables a local attacker to trigger a system crash (DoS) or potentially other impact. The cited public...

4.6CVSS7.6AI score0.00365EPSS
CVE
CVE
added 2015/12/28 11:0 a.m.71 views

CVE-2015-7884

The CVE-2015-7884 issue affects the Linux kernel’s vivid-osd driver (vivid_fb_ioctl) which does not initialize a structure member, allowing local attackers to read kernel memory. Public advisories in openSUSE and Mageia document the same CVE and indicate remediation via kernel updates; e.g., open...

2.3CVSS2.9AI score0.00437EPSS
CVE
CVE
added 2016/10/10 10:0 a.m.71 views

CVE-2015-8950

CVE-2015-8950 affects the Linux kernel (arch/arm64/mm/dma-mapping.c) prior to 4.0.3, where uninitialized data structures in the ION memory-management path can be exposed via dma_mmap. This local-access vulnerability could allow a non-privileged user to read kernel memory. The public references in...

5.5CVSS4.9AI score0.01457EPSS
CVE
CVE
added 2016/05/05 9:0 p.m.71 views

CVE-2016-2059

The CVE-2016-2059 issue affects the Linux kernel IPC router module (msm_ipc_router_bind_control_port) in the IPC router core for kernel 3.x used in Qualcomm QuIC Android MSM devices. The vulnerability arises because the function does not verify that a port is a client port, enabling a local attac...

7CVSS7.4AI score0.00207EPSS
CVE
CVE
added 2017/05/12 3:0 p.m.71 views

CVE-2017-0620

CVE-2017-0620 is a local elevation-of-privilege in the Qualcomm Secure Channel Manager driver on Android, allowing a malicious local app to run code in the kernel. Affected: Android devices with Kernel-3.10/3.18 (per the CVE entry). Impact per sources is High (CVSSv3: 7.0). Affected devices liste...

7.6CVSS6.6AI score0.00632EPSS
CVE
CVE
added 2018/11/21 12:0 a.m.71 views

CVE-2018-19406

CVE-2018-19406 affects the Linux kernel up to version 4.19.2, specifically kvm_pv_send_ipi in arch/x86/kvm/lapic.c. A crafted system call can reach a state where the APIC map is uninitialized, leading to a NULL pointer dereference and a BUG, causing a local denial of service. Connected advisories...

5.5CVSS6.2AI score0.00356EPSS
CVE
CVE
added 2024/03/04 6:10 p.m.71 views

CVE-2021-47092

Summary: CVE-2021-47092 relates to a Linux kernel KVM VMX issue where setting vmx->fail during emulation_required in L2 nesting was incorrect, potentially causing a VM-Exit/VM-Fail contradiction and a warning during teardown (nested_vmx_vmexit). The fix reverts that change so vmx->fail is n...

5.5CVSS6.5AI score0.00288EPSS
CVE
CVE
added 2024/03/25 9:7 a.m.71 views

CVE-2021-47151

CVE-2021-47151 affects the Linux kernel interconnect: qcom bcm-voter code. The root cause is a missing of_node_put() in of_bcm_voter_get(), leading to a reference leak. This vulnerability pertains to the bcm-voter path within Qualcomm interconnect and can impact kernel reference handling. A patch...

5.5CVSS6.6AI score0.00222EPSS
CVE
CVE
added 2024/03/25 9:16 a.m.71 views

CVE-2021-47164

CVE-2021-47164 is a Linux kernel vulnerability fixed by correcting a NULL dereference in net/mlx5e related to lag device handling. Explanation: in bond_enslave(), the active/backup slave was set before the upper dev is assigned; a second event with an upper dev can occur, and if lag dev is NULL a...

5.5CVSS6AI score0.00232EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.71 views

CVE-2021-47533

CVE-2021-47533 affects the Linux kernel drm/vc4: kms path. A use-after-free could occur when duplicating state due to a stale HVS FIFO commit pointer not being cleared after waiting on the previous FIFO user. The fix sets the HVS FIFO commit pointer to NULL once the wait completes to prevent carr...

7.8CVSS6.7AI score0.00216EPSS
CVE
CVE
added 2024/05/24 3:12 p.m.71 views

CVE-2021-47561

CVE-2021-47561 affects the Linux kernel i2c virtio driver. The issue arises when a timeout occurs: the device can continue operating on buffers the guest has freed, risking data corruption on the I2C bus and potential memory corruption inside the guest. The root cause is improper timeout handling...

7.8CVSS6.6AI score0.00202EPSS
CVE
CVE
added 2025/02/26 1:54 a.m.71 views

CVE-2021-47655

CVE-2021-47655 affects the Linux kernel component media: venus: vdec. The root cause is a memory-leak risk in venus_helper_alloc_dpb_bufs() where an early return on an error path (ida_alloc_min()) could skip releasing previously allocated buffers. The fix moves the direct kfree() from the dma_all...

5.5CVSS5.4AI score0.00231EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.71 views

CVE-2022-48729

CVE-2022-48729 (Linux kernel) concerns an issue in IB/hfi1 where increasing ipoib send_queue_size could trigger a kernel panic. The root cause, as described in the supplied docs, is a miscalculation: a shift was treated as a function of the ring size instead of the item size, leading to a panic i...

5.5CVSS7.2AI score0.00196EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.71 views

CVE-2022-48753

CVE-2022-48753 : In the Linux kernel, a memory leak affects the disk Register/IA ranges path. The root cause is an extra reference from kobject_init_and_add() when it fails, leading to allocated memory not being freed. The fix adds a kobject_put() call to ensure proper cleanup and updates the blk...

5.5CVSS7AI score0.00179EPSS
CVE
CVE
added 2024/07/16 11:43 a.m.71 views

CVE-2022-48795

CVE-2022-48795 maps to a PA-RISC Linux kernel issue: overrunning sglist in sba_unmap_sg caused a Data TLB miss and null-pointer dereference, leading to a kernel panic. The root cause was testing sg_dma_len(sglist) before confirming remaining entries (nents), which could cross a page boundary and ...

5.5CVSS6.4AI score0.00239EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.71 views

CVE-2022-48880

CVE-2022-48880 is a Linux kernel issue in platform/surface/aggregator where ssam_request_sync_init() can fail and the request may leak unless ssam_request_sync_free() is called. The fix adds the missing call to ssam_request_sync_free() to ensure proper freeing when initialization fails. This is a...

5.5CVSS6.5AI score0.00239EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.71 views

CVE-2022-48896

CVE-2022-48896 concerns a PCI device refcount leak in the Linux kernel’s ixgbe driver. The root cause, per the provided documents, is that pci_get_domain_bus_and_slot() returns a PCI device with an incremented refcount and callers must balance with pci_dev_put(). In affected paths (ixgbe_get_firs...

5.5CVSS6.5AI score0.00239EPSS
CVE
CVE
added 2024/08/22 1:33 a.m.71 views

CVE-2022-48924

CVE-2022-48924 relates to the Linux kernel, describing a memory-leak in the int340x thermal driver during int3400_notify() on Tiger Lake, leading to unreferenced objects and potential memory pressure. The provided documents consistently show the root cause as a leak in the int3400_notify path and...

5.5CVSS6.5AI score0.0021EPSS
CVE
CVE
added 2024/08/22 3:31 a.m.71 views

CVE-2022-48927

CVE-2022-48927 refers to a Linux kernel issue in iio: adc: tsc2046 where memory corruption occurred due to an array overflow. The root cause was a mismatch: indio_dev->num_channels counted physical channels plus a timestamp channel, while the target array was allocated only for physical channe...

7.8CVSS6.9AI score0.00218EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.71 views

CVE-2022-49454

CVE-2022-49454 concerns the Linux kernel Mediatek PCI subsystem: a refcount leak in mtk_pcie_subsys_powerup() caused by of_find_compatible_node() returning a node pointer with an incremented refcount. The issue is resolved by adding a missing of_node_put() to release the refcount when the node is...

5.5CVSS5.3AI score0.00245EPSS
CVE
CVE
added 2025/02/26 2:23 a.m.71 views

CVE-2022-49633

In the Linux kernel (CVE-2022-49633), a data-race was fixed in icmp_echo_enable_probe where readers could observe concurrent writes. The mitigation adds READ_ONCE() to readers to prevent reading torn data. The provided connected docs confirm this resolution and describe the underlying issue and f...

4.7CVSS6.5AI score0.00167EPSS
CVE
CVE
added 2025/02/26 2:24 a.m.71 views

CVE-2022-49692

The CVE-2022-49692 issue is a Linux kernel fix for the at803x PHY NULL pointer dereference on AR9331 PHY. The vulnerability manifested as kernel paging fault during PHY interrupt handling, traced to AR9331 switch/MDIO initialization and phylink/dsa probe paths. The remedy is in the latest kernel ...

5.5CVSS5.3AI score0.00227EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.71 views

CVE-2022-49774

CVE-2022-49774 affects the Linux kernel (KVM: x86/xen) and concerns eventfd error handling in kvm_xen_eventfd_assign(). The root cause was calling eventfd_ctx_put() on error; a patch introduces a new goto target to handle the error instead. The documents confirm the fix has been applied and refer...

5.5CVSS6.6AI score0.0014EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.71 views

CVE-2022-49950

CVE-2022-49950 affects the Linux kernel: a bug in misc: fastrpc where the probe session-duplication overflow increments the session count even when no sessions are available, allowing memory corruption beyond the fixed-size slab-allocated fastrpc_session array during open(). This was fixed in the...

7.8CVSS7.1AI score0.00206EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.71 views

CVE-2022-49968

CVE-2022-49968 concerns a race condition in the Linux kernel’s ieee802154/adf7242 path causing a use-after-free between adf7242_remove and adf7242_channel due to the upper layer not synchronizing on detaching events. The root cause is that adf7242_channel can be called without checks while destro...

4.7CVSS6.5AI score0.00136EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.71 views

CVE-2022-49999

CVE-2022-49999 : In the Linux kernel, a race between caching free space for a block group and returning free space to the in‑memory space cache for pinned extents can cause double‑adding free space, corrupting the Btrfs free space tree and space cache. Symptoms include EEXIST when re‑adding freed...

7.8CVSS6.7AI score0.00211EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.71 views

CVE-2022-50001

The CVE-2022-50001 issue affects the Linux kernel netfilter component nft_tproxy. The root cause was that TPROXY could be used from non-prerouting paths, leading to a null dereference crash. The fix restricts nft_tproxy to the prerouting hook, requiring a check that it runs only in prerouting. Th...

5.5CVSS6.5AI score0.00159EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.71 views

CVE-2022-50005

The CVE-2022-50005 issue concerns Linux kernel NFC code for pn533 devices. The root cause is a use-after-free caused by a timer (cmd_timeout) not being canceled during pn532_uart_remove(), allowing a concurrent use path to dereference freed memory. The fix adds del_timer_sync() in pn532_uart_remo...

7.8CVSS6.6AI score0.00207EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.71 views

CVE-2022-50007

CVE-2022-50007: In the Linux kernel xfrm_policy_check(), on the error path when fetching pols[1] fails, pols[0] is not decremented, causing a refcount leak. The fix adds a decref for pols[0] in that path. Affected component: Linux kernel xfrm policy check. Impact described as memory leaks on erro...

5.5CVSS6.4AI score0.0021EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.71 views

CVE-2022-50047

The CVE-2022-50047 issue affects the Linux kernel’s net: dsa mv88e6060 code. When a port is neither a CPU port nor a user port, cpu_dp can be NULL, causing a NULL pointer dereference and kernel crash during mv88e6060_setup_port(). This is a local impact vulnerability that leads to a crash; connec...

5.5CVSS6.4AI score0.00159EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.71 views

CVE-2022-50134

CVE-2022-50134 affects the Linux kernel RDMA/hfi1 path. The issue is a memory leak in setup_base_ctxt(): when allocating a uctxt->groups chunk via hfi1_alloc_ctxt_rcv_groups(), failure of init_user_ctxt() can leave uctxt->groups unreleased, causing a leak. The referenced advisories specify ...

5.5CVSS6.4AI score0.00208EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.71 views

CVE-2022-50143

CVE-2022-50143 : In the Linux kernel intel_th, there is a resource leak path in error handling after pci_alloc_irq_vectors(); pci_free_irq_vectors() must be called as already done in the remove function. The issue, if triggered, affects the kernel’s handling of IRQ vectors and can impact availabi...

5.5CVSS6.4AI score0.0016EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.71 views

CVE-2022-50145

The CVE-2022-50145 issue affects the Linux kernel’s dmaengine sf-pdma path. A data race allows multiple threads to rewrite a DMA channel descriptor, risking NULL pointer dereference and OOPS/hang when device_prep_dma_memcpy() is called concurrently. The vulnerability manifests as a multithreading...

5.5CVSS6.4AI score0.00159EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.71 views

CVE-2022-50189

CVE-2022-50189 relates to a Linux kernel turbostat issue where a FILE pointer leak occurs if fscanf fails, causing an open file pointer to be leaked on an early return. The fix closes the file before returning (turbostat.c:2039) to remediate the resource leak. Affected component: Linux kernel tur...

7.1CVSS6.5AI score0.00195EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.71 views

CVE-2022-50198

CVE-2022-50198 applies to the Linux kernel ARM OMAP2+ stack. The vulnerability arises from a refcount leak in omap3xxx_prm_late_init: of_find_matching_node() returns a node pointer with a refcount incremented, and of_node_put() was added to release it when no longer needed. The patch fixes the le...

5.5CVSS6.4AI score0.00203EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.71 views

CVE-2022-50209

The CVE-2022-50209 issue in the Linux kernel concerns a refcount leak in meson_mx_socinfo_init. The root cause is that of_find_matching_node() can return a node pointer with an incremented refcount, requiring an of_node_put() when the reference is no longer needed. The fix adds the missing of_nod...

5.5CVSS6.4AI score0.00194EPSS
CVE
CVE
added 2025/06/18 11:4 a.m.71 views

CVE-2022-50231

Root cause: in neon_poly1305_blocks, when both s[] and r[] are uninitialized, the code incorrectly uses the first 32-byte block to initialize s[] (first 16 bytes as key, next 16 as s[]), causing a read-out-of-bounds. The patch fixes this by ensuring the initialization uses poly1305_init_arm64() (...

7.1CVSS6.6AI score0.00198EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.71 views

CVE-2023-52896

The CVE-2023-52896 issue affects the Linux kernel’s btrfs quota handling. A race between the quota rescan path and quota disable can lead the rescan worker to dereference a NULL quota_root, causing a NULL pointer dereference in btrfs_start_transaction. The root cause is that task B clears fs_info...

4.7CVSS6.4AI score0.00239EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.71 views

CVE-2023-53009

The CVE-2023-53009 entry concerns the Linux kernel DRM/AMDKFD path. It describes a fix where a sync is added after creating a VRAM buffer (vram bo) to ensure initialization completes before memory is written by SVM. Without this synchronization there is a risk of data corruption on VRAM allocated...

5.5CVSS6.8AI score0.00159EPSS
CVE
CVE
added 2024/05/17 1:23 p.m.71 views

CVE-2024-35816

CVE-2024-35816 (Linux kernel, firewire_ohci) is resolved by the patch that prevents leaking a leftover IRQ on unbind. The change, including commit 5a95f1ded28691e6, switches to devres for the requested IRQ and removes the call to free_irq() in pci_remove(), which previously left a devm_request_ir...

5.5CVSS6.6AI score0.00222EPSS
CVE
CVE
added 2024/06/25 2:28 p.m.71 views

CVE-2024-39470

CVE-2024-39470 : In the Linux kernel, a null-pointer dereference could occur in eventfs_find_events() when ei is NULL after update_events_attr, potentially leading to a crash if ei->is_freed is set. The issue has been resolved via kernel patches (stable releases) implementing a guard that retu...

5.5CVSS7AI score0.00213EPSS
CVE
CVE
added 2024/07/12 12:31 p.m.71 views

CVE-2024-40951

CVE-2024-40951 affects the Linux kernel (OCFS2 subsystem). The issue is a NULL pointer dereference in ocfs2_abort_trigger() caused by bdev->bd_super removal and an incorrect use of bh->b_assoc_map without proper initialization, leading to a crash when the function is invoked. The provided s...

5.5CVSS7.1AI score0.00239EPSS
CVE
CVE
added 2024/07/12 12:37 p.m.71 views

CVE-2024-40992

CVE-2024-40992 concerns the Linux kernel RDMA/rxe stack. The root cause was an incorrect resilience check for UD QP receive data: a deferred responder length check in the function copy_data (via commit 689c5421bfe0) could trigger an oversized UD packet to fail with -EINVAL, causing send_data_in t...

5.5CVSS6.7AI score0.00268EPSS
CVE
CVE
added 2024/07/29 2:31 p.m.71 views

CVE-2024-41033

The CVE-2024-41033 issue affects the Linux kernel cachestat component. The root cause is that cachestat() flushed stats while in an RCU read section, which can sleep during workingset_test_recent(). The fix moves the stat-flushing step to occur before the RCU read section and skips stat flushing ...

5.5CVSS6.4AI score0.00288EPSS
CVE
CVE
added 2024/07/29 2:32 p.m.71 views

CVE-2024-41052

CVE-2024-41052 : In the Linux kernel, the VFIO PCI subsystem misused an uninitialized local variable named count during collection of hot-reset devices, causing device-counting mistakes and possible userspace crashes when invoking the hot‑reset info path. The issue has been resolved by initializi...

5.5CVSS6.6AI score0.00272EPSS
Total number of security vulnerabilities14330