Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2024/05/17 11:40 a.m.70 views

CVE-2024-27406

CVE-2024-27406 refers to a Linux kernel issue where the iov_iter unit test (TEST_IOV_ITER) incorrectly depended on MMU, causing a crash on nommu systems (e.g., qemu kc705-nommu) when vmap() is invoked. The root cause is that vmap() is not supported on nommu, leading to a kernel panic. The vulnera...

5.5CVSS6.6AI score0.00246EPSS
CVE
CVE
added 2024/07/12 12:31 p.m.70 views

CVE-2024-40949

CVE-2024-40949: Linux kernel vulnerability in shmem swapin where replacing an old shmem folio could cause mem_cgroup_migrate() to clear the old folio’s memcg data, leading to incorrect memcg lruvec association and potential LRU list crashes or wrong statistics. The fix branches to use mem_cgroup_...

5.5CVSS7AI score0.00208EPSS
CVE
CVE
added 2024/07/29 3:47 p.m.70 views

CVE-2024-41083

CVE-2024-41083 affects the Linux kernel netfs code path. The flaw in netfs_page_mkwrite() could dereference a NULL folio->mapping when the folio lock is held, causing kernel oopses during mmap/write scenarios. The fix ensures folio->mapping is valid after taking the folio lock (consistent w...

5.5CVSS6.3AI score0.00196EPSS
CVE
CVE
added 2024/08/17 9:21 a.m.70 views

CVE-2024-43815

CVE-2024-43815 affects the Linux kernel crypto/mxs-dcp path. The vulnerability could leak stack memory via the AES payload field when using a hardware key from a key slot; the fix sets the payload field to 0 in these cases. The common path, where the key comes from main memory via the descriptor ...

7.1CVSS6.4AI score0.00213EPSS
CVE
CVE
added 2024/08/20 11:45 p.m.70 views

CVE-2024-43862

CVE-2024-43862 affects the Linux kernel’s net: wan: fsl_qmc_hdlc component. The root cause is using a spinlock (carrier_lock) to protect carrier detection while framer_get_status() may take a mutex, creating a potential deadlock. The issue is addressed by converting carrier_lock from a spinlock t...

5.5CVSS6.5AI score0.00141EPSS
CVE
CVE
added 2025/02/27 2:7 a.m.70 views

CVE-2025-21717

CVE-2025-21717 affects the Linux kernel mlx5e path: kvzalloc_node lacks cpu_to_node conversion, allowing an out-of-bounds access when ethtool/netlink calls mlx5e_open on a CPU above MAX_NUMNODES, potentially panicking the kernel. The issue is fixed by adding a missing cpu_to_node conversion to ml...

7.1CVSS6.2AI score0.00158EPSS
CVE
CVE
added 2025/03/07 9:9 a.m.70 views

CVE-2025-21841

CVE-2025-21841 : Linux kernel vulnerability in cpufreq/amd-pstate where amd_pstate_update_limits() takes a cpufreq_policy reference but fails to decrement the refcount on an exit path. This can lead to a use-after-free or resource mismanagement depending on refcount handling. The issue is resolve...

5.5CVSS7.1AI score0.00181EPSS
CVE
CVE
added 2025/03/07 9:10 a.m.70 views

CVE-2025-21842

CVE-2025-21842 concerns the Linux kernel amdkfd code: a destructor for GTT memory (amdgpu_amdkfd_free_gtt_mem) takes void** but may be called with a void* due to implicit casting, causing errors during execution. The issue was fixed in the kernel (as described in the Astra Linux advisory and the ...

5.5CVSS7.1AI score0.00212EPSS
CVE
CVE
added 2025/06/18 9:33 a.m.70 views

CVE-2025-38056

The CVE-2025-38056 vulnerability affects the Linux kernel ASoC: SOF Intel HDA path. Specifically, hda_generic_machine_select() appends -idisp to the tplg filename by allocating a new string and storing it into a global, which becomes a freed pointer after module unloads, enabling a use-after-free...

7.8CVSS6.5AI score0.00161EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.69 views

CVE-1999-0628

The CVE-1999-0628 issue involves the rwho/rwhod service, which exposes machine status and user information. Documents reference the vulnerable component as the rwho/rwhod service; no specific product/vendor/version is named. The impact description indicates partial confidentiality exposure, with ...

5CVSS7.4AI score0.01452EPSS
CVE
CVE
added 2000/01/04 5:0 a.m.69 views

CVE-1999-0986

The CVE-1999-0986 entry concerns the Linux ping command (Linux 2.0.3x) where local users can cause a denial of service by sending oversized packets using the -R (record route) option. The available data identifies the affected component as the ping utility and the root cause as improper handling ...

5CVSS6.7AI score0.04256EPSS
CVE
CVE
added 2016/05/02 10:0 a.m.69 views

CVE-2003-1604

CVE-2003-1604 relates to the Linux kernel vulnerability in net/netfilter/nf_nat_redirect.c: nf_nat_redirect_ipv4. The connected Nessus entries indicate that Linux kernels before 4.4 are affected, where remote attackers can cause a denial of service (NULL pointer dereference/system crash) by sendi...

7.8CVSS8.6AI score0.03752EPSS
CVE
CVE
added 2004/10/26 4:0 a.m.69 views

CVE-2004-0816

CVE-2004-0816: Integer underflow in the Linux kernel’s iptables firewall logging rules prior to 2.6.8 can allow a remote attacker to crash the system via a malformed IP packet. Multiple sources (Mandrake MDKSA-2005:022, SUSE advisory, NVD, Exploit-DB/Seebug pages) confirm the vulnerability exists...

7.5CVSS7.3AI score0.11508EPSS
CVE
CVE
added 2005/01/06 5:0 a.m.69 views

CVE-2004-1333

The CVE-2004-1333 entry describes an integer overflow in the vc_resize function of Linux kernel 2.4 and 2.6 before 2.6.10, which allows local users to trigger a kernel crash (DoS) via a short new screen value that leads to a buffer overflow. This is the only concrete detail provided in the initia...

2.1CVSS7.1AI score0.00959EPSS
CVE
CVE
added 2007/10/09 10:0 a.m.69 views

CVE-2004-2731

CVE-2004-2731 concerns the Linux kernel Sbus PROM driver (drivers/sbus/char/openprom.c) allowing local code execution via integer overflows when a small buffer is passed to copyin_string or a negative size to copyin. It affects 2.4.x (up to 2.4.27) and 2.6.x (up to 2.6.7) and possibly later versi...

4.4CVSS7.3AI score0.00562EPSS
CVE
CVE
added 2005/01/20 5:0 a.m.69 views

CVE-2005-0124

Technical details about CVE-2005-0124 are not provided in the supplied documents. No concrete affected product/version or root cause information is present here; monitor for updates from official advisories.

2.1CVSS6AI score0.00564EPSS
CVE
CVE
added 2005/02/16 5:0 a.m.69 views

CVE-2005-0176

The CVE-2005-0176 issue affects the Linux kernel (2.6.9 and earlier) where shmctl-based locking of System V shared memory could be misused by local unprivileged users to unlock memory from other processes. This could cause sensitive memory contents to be swapped to disk and read by others after r...

5CVSS5.8AI score0.02218EPSS
CVE
CVE
added 2005/02/24 5:0 a.m.69 views

CVE-2005-0532

The CVE-2005-0532 issue affects the Linux kernel: the reiserfs_copy_from_user_to_file_region function in reiserfs/file.c is vulnerable on 64-bit architectures for kernel 2.6.10/2.6.11 before 2.6.11-rc4, where casting discrepancies between size_t and int can trigger a local buffer overflow. Impact...

2.1CVSS5.5AI score0.00519EPSS
CVE
CVE
added 2005/05/17 4:0 a.m.69 views

CVE-2005-1264

The CVE-2005-1264 issue is a concrete flaw in Linux kernel 2.6.x where raw devices (raw.c) call the wrong function before passing an ioctl to block devices, exposing kernel address space to userspace. This local, privilege-escalation risk is corroborated across multiple advisories (e.g., RHSA-200...

7.2CVSS5.2AI score0.00534EPSS
CVE
CVE
added 2006/01/05 11:0 a.m.69 views

CVE-2005-4618

CVE-2005-4618 corresponds to a Linux kernel local-denial-of-service issue caused by a buffer overflow in sysctl writes. Affected are Linux kernel 2.6.x before 2.6.15; exploitation could corrupt user memory or cause a denial of service via a long string, with the caveat that the vulnerability may ...

3.6CVSS5.4AI score0.00452EPSS
CVE
CVE
added 2006/03/23 11:0 p.m.69 views

CVE-2006-1368

CVE-2006-1368 affects the Linux kernel USB Gadget RNDIS driver. The vulnerability is a buffer overrun in the RNDIS response handling: during a remote NDIS response to OID_GEN_SUPPORTED_LIST the code allocates memory for the reply data but not for the reply structure, enabling a boundary condition...

10CVSS6.3AI score0.0601EPSS
CVE
CVE
added 2006/11/03 11:0 p.m.69 views

CVE-2006-5701

CVE-2006-5701 is a real issue in the Linux kernel 2.6.x squashfs module where mounting a crafted squashfs filesystem can cause a local denial of service due to a double-free condition. Affected by this vulnerability are systems using the squashfs implementation in 2.6.x kernels (as referenced by ...

4.9CVSS7.1AI score0.00852EPSS
CVE
CVE
added 2009/03/25 1:0 a.m.69 views

CVE-2009-0787

The CVE-2009-0787 issue affects the Linux kernel 2.6.28 series (before 2.6.28.9) in the eCryptfs component. The root cause is an incorrect size being used when writing kernel memory to the eCryptfs file header, which triggers an out-of-bounds read and allows a local user to obtain portions of ker...

4.9CVSS6.8AI score0.00389EPSS
CVE
CVE
added 2013/06/08 10:0 a.m.69 views

CVE-2011-3619

CVE-2011-3619 affects the Linux kernel (before 3.0) via AppArmor’s apparmor_setprocattr in security/apparmor/lsm.c. Unvalidated parameters can trigger a NULL pointer dereference/OOPS by writing to /proc/#####/attr/current, enabling local denial-of-service; kernel patch exists in 3.0+ (see ChangeL...

4.6CVSS6.2AI score0.00472EPSS
CVE
CVE
added 2013/06/08 10:0 a.m.69 views

CVE-2011-4087

CVE-2011-4087 affects the Linux kernel up to version 2.6.38, where the function br_parse_ip_options in net/bridge/br_netfilter.c fails to initialize a data structure properly. This can allow remote attackers to cause a denial of service by manipulating connectivity to an Ethernet bridge-enabled n...

7.5CVSS6.9AI score0.02669EPSS
CVE
CVE
added 2012/01/27 3:0 p.m.69 views

CVE-2011-4325

CVE-2011-4325 – Linux kernel NFS vulnerability : The NFS implementation in the Linux kernel up to 2.6.31-rc6 can dereference uninitialized data, enabling a local denial-of-service via NULL pointer dereference and an O_DIRECT oops (e.g., demonstrated with diotest4 from LTP). Affected component: ke...

4.9CVSS5.6AI score0.00384EPSS
CVE
CVE
added 2013/03/22 10:0 a.m.69 views

CVE-2013-1828

The CVE-2013-1828 issue affects the Linux kernel prior to 3.8.4, where sctp_getsockopt_assoc_stats in net/sctp/socket.c does not validate the requested size before a copy_from_user, enabling local privilege escalation via SCTP_GET_ASSOC_STATS getsockopt. Affected are kernel versions before 3.8.4;...

6.9CVSS5.9AI score0.01014EPSS
CVE
CVE
added 2013/03/22 10:0 a.m.69 views

CVE-2013-2636

The CVE-2013-2636 entry concerns the Linux kernel prior to 3.8.4, where net/bridge/br_mdb.c does not initialize certain structures. This can allow local users to read sensitive kernel memory via a crafted application. The issue is addressed by the 3.8.4 update (ChangeLog-3.8.4); remediation is to...

1.9CVSS5.4AI score0.00361EPSS
CVE
CVE
added 2013/04/22 10:0 a.m.69 views

CVE-2013-3230

CVE-2013-3230 affects the Linux kernel prior to 3.9-rc7: l2tp_ip6_recvmsg in net/l2tp/l2tp_ip6.c fails to initialize a structure member, allowing local users to obtain sensitive information from kernel stack memory via a crafted recvmsg/recvfrom. The issue is mitigated by updating the kernel to 3...

4.9CVSS5.2AI score0.0037EPSS
CVE
CVE
added 2016/08/07 9:0 p.m.69 views

CVE-2015-0568

The CVE-2015-0568 entry describes a use-after-free in the MSM-Camera driver (drivers/media/video/msm/msm_camera.c), in the msm_set_crop function, for the Linux kernel 3.x used with Qualcomm Innovation Center (QuIC) Android contributions. A crafted ioctl call from a local attacker can trigger memo...

7.8CVSS7.3AI score0.00902EPSS
CVE
CVE
added 2017/04/12 10:0 p.m.69 views

CVE-2016-5856

Technical details for CVE-2016-5856 are not publicly available in the provided documents. Monitor for updates.

7.6CVSS6.8AI score0.00588EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.69 views

CVE-2016-8413

CVE-2016-8413 is an information disclosure vulnerability in the Qualcomm camera driver on Android. The issue affects Kernel-3.10 and Kernel-3.18 environments and could let a local malicious application access data outside its usual permission level after compromising a privileged process. Impact ...

4.7CVSS4.3AI score0.00866EPSS
Web
CVE
CVE
added 2017/01/12 8:0 p.m.69 views

CVE-2016-8424

CVE-2016-8424 is an elevation-of-privilege in the NVIDIA Tegra GPU driver (NVMAP) that can let a local, unprivileged process execute code in kernel context by referencing memory after it has been freed (use-after-free). Affected: Android devices using the NVIDIA Tegra kernel driver (Kernel-3.10)....

9.3CVSS7.4AI score0.01619EPSS
CVE
CVE
added 2016/11/28 3:1 a.m.69 views

CVE-2016-9313

CVE-2016-9313 affects the Linux kernel in security/keys/big_key.c (big_key data type). The issue arises when unsuccessful crypto registration occurs in conjunction with a subsequent key-type registration, enabling local users to trigger a NULL pointer dereference and kernel panic (denial of servi...

9.3CVSS8.2AI score0.02111EPSS
CVE
CVE
added 2017/02/08 3:0 p.m.69 views

CVE-2017-0440

CVE-2017-0440 describes an elevation-of-privilege flaw in the Qualcomm Wi‑Fi driver for Android kernels 3.10 and 3.18. A local malicious app could exploit it to execute code in the kernel context, after compromising a privileged process. The vulnerability is classified as High severity in the pub...

7.6CVSS6.6AI score0.00863EPSS
CVE
CVE
added 2017/04/07 10:0 p.m.69 views

CVE-2017-0563

CVE-2017-0563 is an elevation-of-privilege in the HTC touchscreen driver affecting the Android kernel (Kernel-3.10). A local malicious application could execute arbitrary code in the kernel context, potentially enabling a persistent device compromise that may require reflashing. The vulnerability...

9.3CVSS7.3AI score0.00889EPSS
CVE
CVE
added 2017/06/14 1:0 p.m.69 views

CVE-2017-0648

CVE-2017-0648 is a local elevation-of-privilege in the Android kernel FIQ debugger. The issue arises from the FIQ debugger and SysRq access enabling arbitrary kernel code execution when exploited by a local attacker via a compromised device. Technical details in the connected sources show the roo...

9.3CVSS7.3AI score0.01849EPSS
Web
CVE
CVE
added 2017/04/19 11:0 p.m.69 views

CVE-2017-7979

CVE-2017-7979 affects the Linux kernel 4.11.x via the packet action API (net/sched/act_api.c). The vulnerability arises from mishandling the tb nlattr array in the cookie feature, enabling a local attacker to trigger denial of service through uninitialized memory access and a refcount underflow, ...

7.8CVSS8.1AI score0.00395EPSS
CVE
CVE
added 2024/03/15 8:14 p.m.69 views

CVE-2021-47132

CVE-2021-47132 refers to a Linux kernel issue in the MPTCP code where sk_forward_memory could be corrupted during retransmission due to unsafe updates that did not acquire the msk spin lock. A fix was introduced that adds a new variant of the blamed function which explicitly acquires the msk spin...

7.1CVSS7AI score0.00213EPSS
CVE
CVE
added 2024/05/21 2:19 p.m.69 views

CVE-2021-47264

The CVE-2021-47264 issue is tied to the Linux kernel ASoC core code, where a null pointer dereference in fmt_single_name() could occur if the return value of devm_kstrdup() is not checked. The connected documents confirm the vulnerability and indicate that it has been resolved by adding a check o...

5.5CVSS6.7AI score0.00222EPSS
CVE
CVE
added 2024/05/21 2:35 p.m.69 views

CVE-2021-47292

CVE-2021-47292 affects the Linux kernel io_uring subsystem. The issue is a memory leak in io_init_wq_offload() where a leaked hash_map can occur when io_uring_enter() is called in parallel (syz-executor traffic). Root cause: missing synchronization around kzalloc/hash_map updates in io_init_wq_of...

5.5CVSS6.6AI score0.00193EPSS
CVE
CVE
added 2024/05/21 2:35 p.m.69 views

CVE-2021-47312

The CVE-2021-47312 issue in Linux kernel nf_tables caused a NULL pointer dereference during error handling when flow is NULL (chain flags NFT_CHAIN_HW_OFFLOAD is false). The fix ensures nft_flow_rule_destroy is only called if flow is non-null, preventing the crash in the error path. Connected ven...

5.5CVSS5.4AI score0.0022EPSS
CVE
CVE
added 2024/06/19 2:53 p.m.69 views

CVE-2021-47593

CVE-2021-47593 concerns the Linux kernel mptcp ULP, where the kernel flag handling for fallback sockets could allow a plain TCP subflow to retain kernel ownership and trigger a kernel crash. The issue occurs when accept() returns a plain TCP sk that is still tagged as kernel, allowing setsockopt ...

5.5CVSS6.9AI score0.00246EPSS
CVE
CVE
added 2024/07/16 11:13 a.m.69 views

CVE-2022-48781

CVE-2022-48781 affects Linux kernel crypto: af_alg. The issue stems from removing alg_memory_allocated and an alg_proto memory_allocated field without a corresponding sysctl_mem, which makes sk_has_account() true and causes NULL pointer dereferences in sk_prot_mem_limits()/sock_reserve_memory whe...

5.5CVSS6.8AI score0.00195EPSS
CVE
CVE
added 2024/07/16 12:25 p.m.69 views

CVE-2022-48835

CVE-2022-48835 involves a page fault in the Linux kernel driver mpt3sas (SCSI) on a LUN reset path. A faulty invalid reply_q pointer used by mpt3sas_base_sync_reply_irqs leads to a kernel oops when processing reply queues; the described mitigation is to move the _base_process_reply_queue() call i...

5.5CVSS6.6AI score0.00239EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.69 views

CVE-2022-48873

CVE-2022-48873 affects the Linux kernel in the misc: fastrpc subsystem. The root cause is improper handling of map removal on error paths during creater_process and device_release, risking a use‑after‑free. The fixed behavior is to avoid removing the map from the list on error in fastrpc_init_cre...

7.8CVSS6.5AI score0.00241EPSS
CVE
CVE
added 2024/08/22 3:31 a.m.69 views

CVE-2022-48937

CVE-2022-48937 affects the Linux kernel io_uring subsystem, specifically a missing schedule point introduced in io_add_buffers. The vulnerability can cause soft lockups when a loop runs ~65,535 times performing kmalloc allocations, with DEBUG features (e.g., KASAN) enabled amplifying the issue. R...

3.3CVSS7AI score0.0016EPSS
CVE
CVE
added 2024/10/21 8:6 p.m.69 views

CVE-2022-48986

CVE-2022-48986 targets the Linux kernel memory management path for dax. The issue arises because pud_huge() returns true on x86 for dax puds, allowing the gup_pud_range path to behave unexpectedly when hugetlb is not in use, which can trigger a general protection fault and kernel panic in get_use...

5.5CVSS5.2AI score0.00243EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.69 views

CVE-2022-49198

CVE-2022-49198 targets the Linux kernel’s mptcp path. According to multiple sources, the vulnerability stems from a race in __mptcp_alloc_tx_skb where skb->tcp_tsorted_anchor is initialized before the skb release path under memory pressure, causing kfree_skb to release the destination twice an...

5.5CVSS5.3AI score0.00245EPSS
CVE
CVE
added 2025/02/26 2:13 a.m.69 views

CVE-2022-49461

CVE-2022-49461 concerns the Linux kernel where the gateway’s handling of an advertising message fails to free relay information after extraction, causing a memory leak. The root cause is in the advertisement handler not freeing allocated relay data, leading to local memory exhaustion. Multiple co...

5.5CVSS5.5AI score0.00243EPSS
Total number of security vulnerabilities14330