Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2025/05/01 2:9 p.m.69 views

CVE-2022-49766

The CVE-2022-49766 entry concerns the Linux kernel netlink path: it fixes a bounds-check issue in the creation of struct nlmsgerr. The underlying cause was related to a memcpy across a composite flexible array struct, which is mitigated by switching from __nlmsg_put to nlmsg_put() and explaining ...

5.5CVSS6.6AI score0.0014EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.69 views

CVE-2022-49963

The CVE-2022-49963 entry describes a Linux kernel issue in drm/i915/ttm CCS handling. Root cause: in migrate_copy(), plain integer arithmetic can overflow when handling large objects; emitting PTEs uses the full object size, and copies fail because only a few fixed-size windows exist for mapping ...

5.5CVSS6.8AI score0.00179EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.69 views

CVE-2022-50059

CVE-2022-50059 affects the Linux kernel; the issue occurs in the ceph path where handle_cap_grant on an IMPORT operation may fail to release the snap_rwsem, potentially causing a deadlock. The vulnerability detail is supported by multiple connected Nessus/OpenVAS advisories (e.g., EulerOS/Unity L...

5.5CVSS6.4AI score0.00159EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.69 views

CVE-2022-50141

In CVE-2022-50141, the Linux kernel component mmc: sdhci-of-esdhc had a refcount leak in esdhc_signal_voltage_switch caused by of_find_matching_node() returning a node pointer with an incremented refcount. The fix adds a missing of_node_put() to release refs when the node is no longer needed, pre...

5.5CVSS6.4AI score0.0016EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.69 views

CVE-2022-50155

CVE-2022-50155 concerns the Linux kernel MTDi parsing code: a refcount leak in bcm4908_partitions_fw_offset was fixed by ensuring of_node_put() is called after of_find_node_by_path() returns a node. The vulnerability affects the kernel component responsible for partition parsing (mtd: parsers: of...

5.5CVSS6.4AI score0.00159EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.69 views

CVE-2022-50161

CVE-2022-50161 is a Linux kernel vulnerability where the of_flash_probe_versatile refcount leak is fixed. The root cause is that of_find_matching_node_and_match() returns a node pointer with an incremented refcount, and the patch adds a missing of_node_put() to release it when no longer needed. D...

5.5CVSS6.4AI score0.0016EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.69 views

CVE-2022-50184

The CVE-2022-50184 issue in the Linux kernel concerns a refcount leak in the Meson HDMI encoder path. Specifically, in drm/meson: encoder_hdmi_init, of_graph_get_remote_node() returns a remote device node pointer with an incremented refcount, and a missing of_node_put() could lead to a leak. The ...

5.5CVSS6.5AI score0.00202EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.69 views

CVE-2022-50186

The CVE-2022-50186 entry concerns a Linux kernel issue in ath11k where on htc_tx_completion error the skb was not dropped, leading to a memory leak. The documented fix ensures the skb is freed on eid >= ATH11K_HTC_EP_COUNT before returning, as the completion_handler expects consumption even in...

5.5CVSS6.5AI score0.00205EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.69 views

CVE-2022-50197

In CVE-2022-50197, the Linux kernel vulnerability affects the cpufreq: zynq component. The root cause is a refcount leak when retrieving a device node: of_find_compatible_node() returns a node pointer with an incremented refcount, and missing of_node_put() on cleanup leads to a leak. The fix adds...

5.5CVSS6.4AI score0.00203EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.69 views

CVE-2022-50203

CVE-2022-50203 affects the Linux kernel ARM OMAP2+ display path. The described issue is a refcount leak in omapdss_init_fbdev where of_find_node_by_name() can return a node with an incremented refcount. The recommended action is to call of_node_put() when the node is no longer used to prevent the...

5.5CVSS6.5AI score0.00203EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.69 views

CVE-2022-50207

Summary (CVE-2022-50207) : In the Linux kernel, ARM bcm Kona handling had a refcount leak in bcm_kona_smc_init. The root cause: of_find_matching_node() returns a node pointer with an incremented refcount and may not be released. The patch adds a missing of_node_put() to drop the reference when th...

5.5CVSS6.4AI score0.00208EPSS
CVE
CVE
added 2023/08/07 3:21 a.m.69 views

CVE-2023-20810

CVE-2023-20810 affects the IOMMU component in MediaTek platforms. Root cause: improper input validation in the IOMMU leading to potential local information disclosure with required system execution privileges. Exploitation described as local, with no user interaction needed. Impact per documents:...

4.4CVSS4.3AI score0.00086EPSS
CVE
CVE
added 2024/06/24 1:56 p.m.69 views

CVE-2024-37026

CVE-2024-37026 is a Linux kernel vulnerability affecting the DRM/xe path: the GuC context scheduling queue can deadlock when a migration job is queued behind a fault due to shared engines with user jobs. The issue arises because the migrate exec queue could be serviced behind non-reserved BCS ins...

5.5CVSS6.5AI score0.00184EPSS
CVE
CVE
added 2024/07/12 12:25 p.m.69 views

CVE-2024-40933

The CVE-2024-40933 entry concerns a Linux kernel IIO temperature driver mlx90635 issue. The vulnerability arises in mlx90635_probe() where a failure of devm_regmap_init_i2c() could yield regmap_ee as an error pointer rather than being checked with IS_ERR(regmap_ee), effectively a copy-paste error...

5.5CVSS6.5AI score0.00208EPSS
CVE
CVE
added 2024/07/12 12:31 p.m.69 views

CVE-2024-40950

CVE-2024-40950 (Linux kernel) : The issue concerns mistaken use of mapping_large_folio_support for anonymous folios in THP handling, causing a mis-split of anon THP when splitting huge pages. Root cause: anon folios could be passed to mapping_large_folio_support() in split_huge_page_to_list_to_or...

5.5CVSS6.4AI score0.00208EPSS
CVE
CVE
added 2024/07/12 12:32 p.m.69 views

CVE-2024-40964

The CVE-2024-40964 issue is in the Linux kernel ALSA: hda: cs35l41, where cs35l41_hda_unbind() dereferenced a codec pointer when device index could be 0. The fix uses the codec pointer stored in the cs35l41_hda structure, preventing the null pointer dereference. Severity is MEDIUM (CVSSv3.1: 5.5)...

5.5CVSS7.1AI score0.00288EPSS
CVE
CVE
added 2024/07/12 12:37 p.m.69 views

CVE-2024-40986

CVE-2024-40986 affects the Linux kernel DMA engine for Xilinx XDMA. The issue arises from data synchronization in xdma_channel_isr() where the code does not properly sequence operations before using xdma->stop_request, requiring the vchan lock prior to stop_request usage. The vulnerability is ...

5.5CVSS6.5AI score0.00229EPSS
CVE
CVE
added 2024/07/30 7:45 a.m.69 views

CVE-2024-42100

Technical details for CVE-2024-42100 are not provided in the connected documents. The materials reference the CVE but do not specify affected products, versions, root cause, impact, or fixes beyond the initial description; monitor for updates.

5.5CVSS6.4AI score0.00239EPSS
CVE
CVE
added 2024/08/17 9:21 a.m.69 views

CVE-2024-43816

CVE-2024-43816 : In the Linux kernel, the lpfc SCSI target code (lpfc_prep_embed_io) referenced a little-endian sgl->sge_len value when copying with memcpy, which could cause a memory out-of-bounds access on big-endian systems when FCP targets are zoned. The fix redefines the sgl pointer as a ...

5.5CVSS6.5AI score0.00193EPSS
CVE
CVE
added 2024/08/20 11:45 p.m.69 views

CVE-2024-43862

CVE-2024-43862 affects the Linux kernel’s net: wan: fsl_qmc_hdlc component. The root cause is using a spinlock (carrier_lock) to protect carrier detection while framer_get_status() may take a mutex, creating a potential deadlock. The issue is addressed by converting carrier_lock from a spinlock t...

5.5CVSS6.5AI score0.00141EPSS
CVE
CVE
added 2024/09/11 3:13 p.m.69 views

CVE-2024-45014

In CVE-2024-45014, Linux kernel s390/boot exposes a memory-muncertainty issue: when the kernel image is allocated, extra memory for offsetting the image start to align with the lower 20 bits of the KASLR base address was not accounted for, potentially allowing the kernel to access memory beyond i...

5.5CVSS5.1AI score0.00177EPSS
CVE
CVE
added 2024/09/11 3:13 p.m.69 views

CVE-2024-45023

CVE-2024-45023 affects the Linux kernel’s MD raid1 path. Root cause: the recovery status was not checked in raid1’s choose_bb_rdev() (and similarly in choose_slow_rdev()), allowing unrecovered data to be read when a degraded array lands valid data on slow disks while a normal disk is still recove...

7.1CVSS7AI score0.00182EPSS
CVE
CVE
added 2024/09/18 7:12 a.m.69 views

CVE-2024-46790

CVE-2024-46790 concerns the Linux kernel: when freeing PG_hwpoison pages they are isolated rather than released, leading to a warning: “alloc_tag was not set.” The Astra Linux bulletin confirms the issue and states the fix is to “clear the page tag reference after the page got isolated and accoun...

5.5CVSS5.2AI score0.00179EPSS
CVE
CVE
added 2024/12/27 2:22 p.m.69 views

CVE-2024-56553

CVE-2024-56553 is a Linux kernel memory-leak fix in the binder subsystem. The issue occurred when a freeze notification is cleared (BC_CLEAR_FREEZE_NOTIFICATION) before binder_freeze_notification_done(), leaving entries in proc->delivered_freeze queued and leaking on process exit. The patch en...

5.5CVSS6.4AI score0.00182EPSS
CVE
CVE
added 2024/12/29 11:30 a.m.69 views

CVE-2024-56743

CVE-2024-56743 affects the Linux kernel NFS path. The issue arises from holding RCU while calling nfsd_file_put_local; the RCU hold is moved from nfs_to_nfsd_file_put_local to nfs_to_nfsd_net_put, with the rcu-protective call nfsd_serv_put being the one that requires RCU. This change addresses a ...

5.5CVSS6.6AI score0.00133EPSS
CVE
CVE
added 2025/07/25 12:47 p.m.69 views

CVE-2025-38356

CVE-2025-38356 (Linux kernel) . The issue affects the DRM frontend (drm/xe/guc) where during driver probe the code may briefly run in CT safe mode (driven by a delayed work). If probe aborts early, unwind can destroy a pending delayed work that would restart itself, triggering a WARN in the workq...

5.5CVSS6.2AI score0.00154EPSS
CVE
CVE
added 2026/05/27 12:59 p.m.69 views

CVE-2026-46099

The CVE-2026-46099 entry describes a use-after-free race in Linux kernel IPv6 handling for seg6 and rpl lightweight tunnels. A NOREF destination cached during ip6_route_input() can be freed by a concurrent FIB lookup on a shared nexthop under PREEMPT_RT, leading to a WARN or potential instability...

8.1CVSS5.8AI score0.00321EPSS
CVE
CVE
added 2026/06/03 3:49 p.m.69 views

CVE-2026-46259

In the Linux kernel procfs path do_task_stat() reading /proc/[pid]/stat, task->real_parent is accessed without proper RCU protection, enabling a potential Use-After-Free when another task is released. The fix switches from task_tgid_nr_ns() to task_ppid_nr_ns() to add proper RCU protection for...

7.8CVSS5.8AI score0.0012EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.68 views

CVE-2001-0851

CVE-2001-0851 covers the Linux kernel 2.0, 2.2 and 2.4 with syncookies enabled. The issue arises from the syncookie handling that allows a remote attacker to bypass firewall rules by brute-forcing the cookie, effectively defeating first-hop filtering. Public advisories from Red Hat, SUSE, Mandrak...

5CVSS6.6AI score0.03087EPSS
CVE
CVE
added 2003/07/15 4:0 a.m.68 views

CVE-2003-0465

The CVE-2003-0465 issue affects the Linux kernel (2.4/2.5) where strncpy does not pad with null bytes on architectures other than x86, potentially allowing information leaks. Red Hat’s RHSA-2004:188 and related advisories document this as a kernel vulnerability with fixes in updated kernel packag...

5CVSS6.3AI score0.01863EPSS
CVE
CVE
added 2003/06/28 4:0 a.m.68 views

CVE-2003-0476

CVE-2003-0476 affects the Linux kernel 2.4.x execve system call, where the executable’s file descriptor is recorded in the caller’s file table, enabling local users to read restricted file descriptors. Public advisories (e.g., Debian DSA-423-1, RHSA-2003:408) note this vulnerability and recommend...

2.1CVSS5.9AI score0.00406EPSS
CVE
CVE
added 2003/07/04 4:0 a.m.68 views

CVE-2003-0501

The CVE-2003-0501 issue concerns the Linux /proc filesystem allowing a local attacker to read sensitive information by opening entries in /proc/self before a setuid program runs, potentially preventing proper ownership/permission changes. Connected advisories confirm this can be triggered in Linu...

2.1CVSS5.4AI score0.00829EPSS
Web
CVE
CVE
added 2005/04/05 4:0 a.m.68 views

CVE-2005-0749

The CVE-2005-0749 issue affects the Linux kernel prior to 2.6.11.6. The vulnerability arises in load_elf_library where freeing an invalid pointer via a crafted ELF library or executable can trigger a kernel crash (DoS). Affected component: kernel’s ELF loading/free path (load_elf_library). The pu...

7.2CVSS5AI score0.00446EPSS
CVE
CVE
added 2005/09/14 4:0 a.m.68 views

CVE-2005-1913

CVE-2005-1913 affects the Linux kernel up to version 2.6.12.1. The vulnerability occurs when a non group-leader thread executes a different program while an itimer is pending; the expiry signal is delivered to the old group-leader task, which no longer exists, causing a kernel panic (local DoS). ...

2.1CVSS7AI score0.00389EPSS
CVE
CVE
added 2005/08/08 4:0 a.m.68 views

CVE-2005-2500

CVE-2005-2500: A buffer overflow in the Linux kernel 2.6.12 code path (xdr_xcode_array2 in xdr.c) used by SuSE Linux Enterprise Server 9 can be triggered by crafted XDR data for the nfsacl protocol, potentially allowing remote denial of service and possibly arbitrary code execution. The vulnerabi...

7.5CVSS7.9AI score0.04739EPSS
CVE
CVE
added 2005/12/14 7:0 p.m.68 views

CVE-2005-3358

CVE-2005-3358 affects Linux kernel prior to 2.6.15: passing a 0 bitmask to set_mempolicy can trigger a kernel panic, enabling local denial of service. Public details in Debian DSAs and OpenVAS entries confirm the issue and list patched kernel versions (e.g., Debian 2.6.8-16sarge2; Red Hat/CentOS ...

4.9CVSS4.4AI score0.01014EPSS
CVE
CVE
added 2005/11/27 10:0 p.m.68 views

CVE-2005-3858

Technical details about CVE-2005-3858 are not publicly available in the provided connected documents. Monitor for updates.

7.8CVSS4.6AI score0.03286EPSS
CVE
CVE
added 2006/03/21 6:0 p.m.68 views

CVE-2006-1342

CVE-2006-1342 is a local information-leak in the Linux kernel’s IPv4 socket-name handling. The root cause is that sockaddr_in.sin_zero is not cleared when returning IPv4 socket names from getsockname, getpeername, or accept, potentially exposing portions of kernel memory. Public advisories across...

2.1CVSS5.5AI score0.00712EPSS
CVE
CVE
added 2006/04/19 6:0 p.m.68 views

CVE-2006-1524

The MADV_REMOVE issue (CVE-2006-1524) affects Linux kernel 2.6.16 up to 2.6.16.6, where madvise_remove does not enforce file/mmap restrictions, enabling a local user to bypass IPC permissions and overwrite portions of readonly tmpfs files with zeros. The problem is tied to the mprotect-related fl...

3.6CVSS7.1AI score0.00426EPSS
CVE
CVE
added 2006/10/12 8:0 p.m.68 views

CVE-2006-4813

Concrete details found: CVE-2006-4813 affects the Linux kernel 2.6.x prior to 2.6.13, where __block_prepare_write in fs/buffer.c fails to clear buffers under certain error conditions, allowing a local user to read portions of files that have been unlinked. Impact is partial confidentiality; explo...

2.1CVSS7.2AI score0.00402EPSS
CVE
CVE
added 2007/01/04 2:0 a.m.68 views

CVE-2006-5749

The CVE-2006-5749 issue affects the Linux kernel 2.4 series up to, but not including, 2.4.34-rc4. It concerns the isdn_ppp_ccp_reset_alloc_state function in drivers/isdn/isdn_ppp.c, which does not call init_timer for the ISDN PPP CCP reset state timer. The underlying cause is a timer initializati...

1.7CVSS7.1AI score0.00355EPSS
CVE
CVE
added 2007/11/15 8:0 p.m.68 views

CVE-2007-5501

The CVE-2007-5501 entries confirm a vulnerability in the Linux kernel 2.6.21–2.6.23.7 and 2.6.24-rc through 2.6.24-rc2 where remote attackers can cause a denial of service (crash) by sending crafted ACKs that trigger a NULL pointer dereference in net/ipv4/tcp_input.c (tcp_sacktag_write_queue). Th...

7.8CVSS6AI score0.03822EPSS
CVE
CVE
added 2013/04/05 9:0 p.m.68 views

CVE-2013-1858

The CVE-2013-1858 issue affects the Linux kernel prior to 3.8.3, where the clone system-call mishandles a combination of CLONE_NEWUSER and CLONE_FS. This enables local users to escalate privileges by calling chroot and taking advantage of the sharing of the / directory between a parent process an...

7.2CVSS6.6AI score0.01685EPSS
CVE
CVE
added 2013/12/09 6:0 p.m.68 views

CVE-2013-6432

CVE-2013-6432 affects the Linux kernel ping_recvmsg in net/ipv4/ping.c and can cause a local denial of service via a NULL pointer dereference when interacting with read() on ping sockets. The vulnerability exists in kernel versions prior to 3.12.4. The provided connected documents corroborate the...

4.6CVSS7AI score0.00475EPSS
CVE
CVE
added 2014/03/11 1:0 a.m.68 views

CVE-2014-0102

CVE-2014-0102 affects the Linux kernel up to version 3.13.6. The vulnerability is in the function keyring_detect_cycle_iterator (security/keys/keyring.c), which does not correctly determine whether keyrings are identical. This can allow local users to cause a denial of service (OOPS) by issuing c...

5.2CVSS5.5AI score0.00555EPSS
CVE
CVE
added 2017/02/06 6:4 a.m.68 views

CVE-2016-10153

The CVE-2016-10153 issue affects the Linux kernel 4.9.x before 4.9.6, where the crypto scatterlist API interacts incorrectly with CONFIG_VMAP_STACK, enabling local attackers to cause a denial of service (system crash or memory corruption) or potentially other impacts due to reliance on earlier ne...

7.8CVSS7.6AI score0.0043EPSS
CVE
CVE
added 2017/02/08 3:0 p.m.68 views

CVE-2017-0429

CVE-2017-0429 is an elevation-of-privilege vulnerability in the NVIDIA kernel driver’s i2c-hid component, enabling a local attacker to write arbitrary values to kernel memory and potentially execute code with kernel privileges. Public descriptions tie the issue to the NVIDIA kernel driver on Andr...

9.3CVSS7.2AI score0.00908EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.68 views

CVE-2017-0531

CVE-2017-0531 is an information-disclosure vulnerability in the Qualcomm Wi‑Fi driver for Android, allowing a local malicious application to access data outside its permission levels after compromising a privileged process. Affected components/versions are Android kernel build lines (Kernel-3.10 ...

4.7CVSS4.3AI score0.00891EPSS
Web
CVE
CVE
added 2017/04/07 10:0 p.m.68 views

CVE-2017-0584

CVE-2017-0584 is an information-disclosure issue in the Qualcomm Wi‑Fi driver affecting Android. The vulnerability could let a local malicious application access data outside its permissions, requiring compromise of a privileged process. The Initial document cites kernel versions 3.10 and 3.18 an...

4.7CVSS4.4AI score0.01052EPSS
CVE
CVE
added 2024/03/15 8:14 p.m.68 views

CVE-2021-47133

CVE-2021-47133 affects Linux kernel; memory leak in the amd_sfh driver (HID: amd_sfh: Fix memory leak in amd_sfh_work) detected by kmemleak. Root cause: unreferenced kmem object in request_list handling; fix implemented as freeing the request_list entry once the processed entry is removed from th...

5.5CVSS6.4AI score0.00193EPSS
Total number of security vulnerabilities14330