Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2017/01/12 3:0 p.m.67 views

CVE-2016-6789

CVE-2016-6789 is an elevation-of-privilege in the NVIDIA libomx library (LIBNVOMX.SO) that could allow a local attacker to execute arbitrary code with privileged process rights. Affected environment is Android (kernel 3.18) using NVIDIA components. The vulnerability is scored as CVSS v3.0 base 9....

9.3CVSS7.3AI score0.0179EPSS
CVE
CVE
added 2017/01/12 8:0 p.m.67 views

CVE-2017-0403

CVE-2017-0403 is an elevation-of-privilege vulnerability in the Android kernel performance subsystem. The issue could allow a local malicious application to execute arbitrary code within the kernel context, requiring initial access via a privileged process. Affected software is Android’s kernel w...

7.6CVSS6.5AI score0.01624EPSS
CVE
CVE
added 2017/02/08 3:0 p.m.67 views

CVE-2017-0433

CVE-2017-0433 is an elevation-of-privilege flaw in the Synaptics touchscreen driver for Android, tied to the Kernel-3.10 platform. The vulnerability could allow a local, privileged attacker to execute arbitrary code within the touchscreen chipset context. Several connected sources (including NVD ...

7.6CVSS6.6AI score0.0101EPSS
CVE
CVE
added 2017/02/08 3:0 p.m.67 views

CVE-2017-0439

CVE-2017-0439 describes a local privilege-escalation vulnerability in the Qualcomm Wi‑Fi driver for Android, affecting Kernel-3.10 and Kernel-3.18. The issue could allow a local malicious app to execute arbitrary code in the kernel context after compromising a privileged process. The Android Prod...

7.6CVSS6.6AI score0.0089EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.67 views

CVE-2017-0456

CVE-2017-0456 describes an elevation-of-privilege flaw in the Qualcomm IPA driver that allows a local attacker to run code in the kernel context on Android. Affected components/versions include Android kernel 3.10 and 3.18 with the issue stemming from the IPA driver in Qualcomm silicon. The vulne...

7.6CVSS6.6AI score0.01542EPSS
CVE
CVE
added 2024/03/15 8:14 p.m.67 views

CVE-2021-47125

CVE-2021-47125 concerns a Linux kernel local vulnerability due to a refcount leak in the HTB offload path. The root cause was an incorrect NULL handling around qdisc_refcount_inc in htb_parent_to_leaf_offload, which could leak references if new_q was NULL. The fix adds a NULL pointer check to gua...

5.5CVSS6.6AI score0.00193EPSS
CVE
CVE
added 2024/03/15 8:14 p.m.67 views

CVE-2021-47130

CVE-2021-47130 affects the Linux kernel nvmet subsystem. The issue occurs when a p2p device is found but the p2p pool is empty, causing nvme target to free the SGLs from the p2p pool and trigger a crash (BUG()) in lib/genalloc.c. The documented fix is to assign the p2p_dev for the request only if...

4.4CVSS5.4AI score0.00227EPSS
CVE
CVE
added 2024/05/21 2:19 p.m.67 views

CVE-2021-47268

CVE-2021-47268: Unity/Linux kernel advisory describes a fix for usb: typec: tcpm: cancel vdm and state machine hrtimer when unregister tcpm port, addressing a pending hrtimer that may expire after tcpm port destruction. Root cause is a pending hrtimer in tcpm that could fire during module unload,...

7.8CVSS6.5AI score0.00231EPSS
CVE
CVE
added 2024/05/24 3:9 p.m.67 views

CVE-2021-47519

CVE-2021-47519 concerns the Linux kernel CAN subsystem, specifically a memory leak in can/m_can_read_fifo. According to connected sources, if the second call to m_can_fifo_read() fails, code paths jump to an out_fail label and return before freeing the skb created by alloc_can_skb(), resulting in...

7.5CVSS5.2AI score0.00496EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.67 views

CVE-2022-48870

CVE-2022-48870 : In the Linux kernel, a null pointer dereference could occur in spk_ttyio_release due to a null-ptr-defer in tty handling, which has been fixed (tty: fix possible null-ptr-defer in spk_ttyio_release). The vulnerability affects kernel code involved with the Speakup Speakup AUDPTR/T...

5.5CVSS6.3AI score0.0025EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.67 views

CVE-2022-48881

CVE-2022-48881 (Linux kernel) affects the Linux kernel in the AMD platform x86 code. The vulnerability arises from a refcount leak in amd_pmc_probe, and a reference taken by pci_get_domain_bus_and_slot() that callers must release with pci_dev_put() after use. The fix adds pci_dev_put() in the err...

7.1CVSS6.4AI score0.00226EPSS
CVE
CVE
added 2024/08/22 1:30 a.m.67 views

CVE-2022-48903

The CVE-2022-48903 entry refers to a Linux kernel vulnerability in the btrfs relocation path: a premature return from btrfs_commit_transaction can cause relocation-related crashes. The connected documents indicate upstream fixes in the kernel (e.g., commits addressing btrfs_relocate_block_group a...

5.5CVSS6.2AI score0.0021EPSS
CVE
CVE
added 2024/08/22 1:32 a.m.67 views

CVE-2022-48922

CVE-2022-48922 (Linux kernel, riscv) : Root cause is a NULL pointer dereference when irqsoff latency tracer is enabled because trace_hardirqs_on/off rely on the frame pointer (CALLER_ADDR1). If the frame pointer is repurposed, memory access faults can occur during boot. The issue was mitigated by...

5.5CVSS6.5AI score0.00207EPSS
CVE
CVE
added 2024/10/21 8:6 p.m.67 views

CVE-2022-48984

The connected documents provide concrete details for CVE-2022-48984 affecting Linux kernel can: slcan: fix freed work crash. The issue manifests as a NULL pointer dereference in slcan when the LTP pty03 test crashes, with a crash trace in process_one_work and workqueue handling. Root cause: slcan...

5.5CVSS4.9AI score0.002EPSS
CVE
CVE
added 2024/10/21 8:6 p.m.67 views

CVE-2022-49009

The CVE-2022-49009 issue affects the Linux kernel component hwmon:asus-ec-sensors, where devm_kcalloc may return NULL and the return value must be checked to avoid NULL pointer dereference. The provided documents confirm a resolved vulnerability with a fix implementing checks for the NULL return ...

5.5CVSS5.3AI score0.002EPSS
CVE
CVE
added 2024/10/21 8:6 p.m.67 views

CVE-2022-49013

CVE-2022-49013 affects the Linux kernel SCTP path: a memory leak in sctp_stream_outq_migrate() where the object pointed by prio_head is not released when releasing stream out resources. The description includes a concrete memory-leak instance and a backtrace showing allocation paths, indicating r...

5.5CVSS5.2AI score0.0024EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.67 views

CVE-2022-49146

The CVE-2022-49146 entry describes a Linux kernel issue in virtio handling where drivers bypass the enable_cbs callback during virtio_device_restore(), causing suspend-resume traces and potential interrupt handling problems. The root cause is failure to call virtio_device_ready() in restore, so i...

5.5CVSS5.2AI score0.00243EPSS
CVE
CVE
added 2025/02/26 2:23 a.m.67 views

CVE-2022-49576

CVE-2022-49576 is a Linux kernel vulnerability in IPv4 sysctl_fib_multipath_hash_fields where readers could observe data races while the value is updated concurrently. The root cause is concurrent modification without proper synchronization; fix implemented by adding READ_ONCE() to the readers. T...

4.7CVSS6.5AI score0.00176EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.67 views

CVE-2022-49974

CVE-2022-49974 refers to a Linux kernel vulnerability in the HID Nintendo driver where a null pointer could be dereferenced when queuing rumble work to a destroyed workqueue. The root cause is attempting to queue work after the controller is disconnected and nintendo_hid_remove has destroyed the ...

5.5CVSS6.4AI score0.00179EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.67 views

CVE-2022-50023

The CVE-2022-50023 issue affects the Linux kernel's DMAengine dw-axi-dmac component. When a channel has no descriptor and an interrupt is raised, the kernel can OOPS. The root cause is not validating the descriptor result; the fix is to check the outcome of vchan_next_desc() in axi_chan_block_xfe...

5.5CVSS6.5AI score0.00157EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.67 views

CVE-2022-50080

CVE-2022-50080 (Linux kernel) affects kernel code path for tee/shm handling. The issue is an integer overflow in register_shm_helper() when calculating pages for a memory region supplied by user space, which can lead to a NULL pointer dereference in internal_get_user_pages_fast() via pin_user_pag...

5.5CVSS6.3AI score0.00223EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.67 views

CVE-2022-50108

CVE-2022-50108 affects the Linux kernel via the mfd: max77620 sub-system. The root cause is a refcount leak in max77620_initialise_fps: of_get_child_by_name() returns a node pointer with an incremented refcount, and the patch adds missing of_node_put() to release it when no longer needed. The iss...

5.5CVSS6.4AI score0.00203EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.67 views

CVE-2022-50188

CVE-2022-50188 is a Linux kernel vulnerability where a refcount leak in drm/meson was fixed. The issue arose because of how of_find_device_by_node() held a reference, with missing put_device() in the error path, leading to a refcount leak. The fix patches the kernel (meson_encoder_hdmi_init) to r...

5.5CVSS6.4AI score0.00202EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.67 views

CVE-2022-50192

CVE-2022-50192 : In the Linux kernel, the vulnerability affects the SPI Tegra tegra20-slink path. After calling spi_unregister_master(), the master’s refcount can drop to 0 and the master (and its associated device data) may be freed, causing a use-after-free when using tspi. The fix ensures the ...

7.8CVSS6.5AI score0.00213EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.67 views

CVE-2022-50204

CVE-2022-50204 concerns a Linux kernel issue affecting ARM OMAP2+ where pdata-quirks leaked a refcount in pdata_quirks_init_clocks due to a missing of_node_put() after using of_find_node_by_name() in a loop. The vulnerability is mitigated by a kernel fix that corrects the refcount handling, preve...

5.5CVSS6.5AI score0.00208EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.67 views

CVE-2022-50219

In CVE-2022-50219, the issue is in the Linux kernel’s BPF subsystem. Syzbot reported a use-after-free in compute_effective_progs when detaching BPF links, where a freed memory path could be dereferenced by update_effective_progs() leading to a KASAN UAF. The fix removes the pointer from the cgrou...

7.8CVSS6.6AI score0.00193EPSS
CVE
CVE
added 2023/06/06 12:11 p.m.67 views

CVE-2023-20715

CVE-2023-20715 affects the wlan component in MediaTek-based devices. The issue is an out-of-bounds write caused by a missing bounds check, enabling local escalation of privileges with SYSTEM execution rights required. Exploitation reportedly does not require user interaction. The vulnerability’s ...

6.7CVSS6.7AI score0.00093EPSS
CVE
CVE
added 2023/09/04 2:27 a.m.67 views

CVE-2023-20839

CVE-2023-20839 affects the imgsys component. The root cause is an out-of-bounds read due to missing valid range checking, leading to local information disclosure with system execution privileges required and user interaction for exploitation. The vulnerability is documented across multiple source...

4.2CVSS4AI score0.00091EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.67 views

CVE-2023-52986

CVE-2023-52986 is a Linux kernel issue affecting bpf, sockmap where a listening socket linked to a sockmap can have its sk_prot overridden to a variant in tcp_bpf_prots. The root cause is that cloning a child from a TCP listener checked only for the TCP_BPF_BASE proto variant, whereas the listene...

5.5CVSS6.5AI score0.00266EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.67 views

CVE-2023-52996

CVE-2023-52996 : Linux kernel IPv4 code in fib_metrics_match() uses @type as an array index, which could enable a spectre v1 gadget. The connected advisories indicate this is resolved in the kernel, with mitigation by preventing speculative access to fi->fib_metrics->metrics[type-1]. The vu...

5.5CVSS6.5AI score0.00246EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.67 views

CVE-2023-53061

CVE-2023-53061 affects the Linux kernel (ksmbd) and describes a refcount leak in smb2_open() where the reference count of acls can leak if memory allocation fails. The fix adds the missing posix_acl_release() to prevent the leak. Connected documents confirm the vulnerability was addressed in the ...

5.5CVSS6.5AI score0.00165EPSS
CVE
CVE
added 2024/06/24 1:56 p.m.67 views

CVE-2024-32936

CVE-2024-32936 concerns the Linux kernel, specifically the TI j721e CSI2 RX DMA driver. The vulnerability arises when a frame is submitted to DMA: the submitted list may not be updated quickly enough, causing the DMA callback to fire before the list update completes. This race can lead to kernel ...

4.7CVSS6.4AI score0.00138EPSS
CVE
CVE
added 2024/09/11 3:13 p.m.67 views

CVE-2024-45024

The CVE-2024-45024 issue in the Linux kernel concerns page-table locking around hugetlb folios during GUP page-walking. The fix implements a technique to use a PTE lock pointer (ptep_lockptr) so the PTE page-table lock can be acquired consistently with core-mm locking, addressing locking mismatch...

5.5CVSS5.2AI score0.00139EPSS
CVE
CVE
added 2024/11/05 5:4 p.m.67 views

CVE-2024-50097

CVE-2024-50097 is resolved in OpenSUSE kernel-devel-longterm-6.12.11-1.1 on GA media. The issue in the Linux kernel’s fec driver could panics when saving PTP state if PTP is unsupported; the fix guards fec_ptp_save_state behind a PTP-support check, preventing the unconditional state save. Technic...

5.5CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2025/01/11 12:29 p.m.67 views

CVE-2024-54191

CVE-2024-54191 affects the Linux kernel Bluetooth stack (ISO). The issue arises from a circular lock between the socket lock and hdev lock in the ISO path. The fix reworks iso_sock_recvmsg and related code so that the socket lock is released before acquiring hdev, breaking the circular dependency...

5.5CVSS6.5AI score0.00135EPSS
CVE
CVE
added 2024/12/29 8:48 a.m.67 views

CVE-2024-56711

CVE-2024-56711 is a Linux kernel vulnerability affecting the DRM panel driver for himax-hx83102. The issue arises when drm_mode_duplicate() can return NULL due to memory allocation failure, after which code may dereference NULL pointers. The fix adds a explicit NULL check to prevent a NULL pointe...

5.5CVSS6.5AI score0.00213EPSS
CVE
CVE
added 2024/12/29 11:30 a.m.67 views

CVE-2024-56740

CVE-2024-56740 affects the Linux kernel NFSv3 LOCALIO path. The issue arises when res.replen is not cleared in nfs_local_read_done, leading to memory corruption as data can be copied from stale hdrsize/replen values through nfs3_read_done -> server->read_hdrsize -> args.replen -> hdrs...

7.8CVSS6.6AI score0.00193EPSS
CVE
CVE
added 2025/03/07 9:10 a.m.67 views

CVE-2025-21843

CVE-2025-21843 concerns the Linux kernel DRM panthor component (panthor_ioctl_dev_query). The issue is that priorities_info is uninitialized and its value can be copied to a user object when PANTHOR_UOBJ_SET() is invoked. The documented fix is to initialize priorities_info (e.g., via memset) to a...

5.5CVSS7.1AI score0.00197EPSS
CVE
CVE
added 2025/04/01 3:26 p.m.67 views

CVE-2025-21901

Technical details about CVE-2025-21901 beyond the initial description are not provided in the connected documents. The entry notes a kernel patch for RDMA/bnxt_re with possible NULL dereference when the rdev is freed; monitor for updates.

5.5CVSS7AI score0.00187EPSS
CVE
CVE
added 2025/05/20 4:58 p.m.67 views

CVE-2025-37975

CVE-2025-37975 : Linux kernel riscv module relocation fix for out‑of‑bounds access in relocation handling. The patch replaces the end‑of‑relocation access rel[j] with a bounds‑checked approach using num_relocations, effectively correcting the relocation size calculation. The vulnerability is desc...

7.1CVSS6.7AI score0.0015EPSS
CVE
CVE
added 2025/08/19 5:2 p.m.67 views

CVE-2025-38563

CVE-2025-38563 affects the Linux kernel perf subsystem. The issue arises when perf mmap-based mappings can be split (VMA split) after initial mapping, causing mismatched offsets/sizes and leaking reference counts for ringbuffer/auxiliary buffers. The fix adds vm_operations_struct.may_split() and ...

7.8CVSS7.3AI score0.00358EPSS
CVE
CVE
added 1999/09/29 4:0 a.m.66 views

CVE-1999-0074

CVE-1999-0074 describes a flaw where listening TCP ports are assigned sequentially, enabling spoofing. The connected documents do not specify affected products, versions, or root cause details beyond this mechanism. Exploitation status, impact scope, and fixes are not provided; some entries reite...

6.4CVSS7.4AI score0.084EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.66 views

CVE-1999-0216

The CVE-1999-0216 entry concerns a Denial of Service of inetd on Linux triggered by SYN and RST packets. Connected documents consistently describe inetd on Linux as the affected component and the root cause as crafted TCP packets causing denial of service. Public details in the PT-1997-1097 entry...

5CVSS7.4AI score0.02572EPSS
CVE
CVE
added 2002/03/09 5:0 a.m.66 views

CVE-1999-1339

CVE-1999-1339 affects Linux 2.2.10 and earlier (with ipchains) and FreeBSD 3.2 (with ipfw). The issue is triggered by a crafted ping -R (record route) packet, causing a remote attacker to induce a kernel panic and denial of service. The vulnerability arises from how NAT is handled when enabled, a...

5CVSS7AI score0.02611EPSS
CVE
CVE
added 2005/04/15 4:0 a.m.66 views

CVE-2003-0643

CVE-2003-0643 involves an integer signedness error in the Linux Socket Filter (filter.c) in Linux kernels from 2.4.3-pre3 through 2.4.22-pre10, which can cause a crash (denial of service). The vulnerability is documented across multiple sources (NVD/CVE entries, Debian advisory CD/OSV). The initi...

2.1CVSS6.4AI score0.00375EPSS
CVE
CVE
added 2005/03/18 5:0 a.m.66 views

CVE-2005-0210

CVE-2005-0210 is a Netfilter-related vulnerability in Linux kernel 2.6.8.1 where certain fragmented packets reassembled twice cause a data structure to be allocated twice, leading to memory exhaustion and potential denial of service. The connected documents confirm this issue and show that multip...

4.9CVSS5.2AI score0.00448EPSS
CVE
CVE
added 2005/05/11 4:0 a.m.66 views

CVE-2005-1263

CVE-2005-1263 affects the Linux kernel: the elf_core_dump path in binfmt_elf.c can trigger a negative length in create_elf_tables, causing a buffer overflow that enables local attackers to execute arbitrary code. Affected: Linux kernel 2.x up to listed pre-release/rc versions across multiple line...

7.2CVSS5.8AI score0.01774EPSS
CVE
CVE
added 2005/08/22 4:0 a.m.66 views

CVE-2005-2457

CVE-2005-2457 affects the Linux kernel zisofs driver for compressed ISO files. The vulnerability in the driver in older kernels (before 2.6.12.5) allows local users and remote attackers to trigger a denial of service (kernel crash) by crafting a compressed ISO filesystem. The issue is confirmed a...

5CVSS5.2AI score0.03713EPSS
CVE
CVE
added 2005/10/11 4:0 a.m.66 views

CVE-2005-3179

CVE-2005-3179 affects the Linux kernel, specifically the drm.c path in kernel versions 2.6.10 through 2.6.13. The vulnerability arises because a debug file is created in sysfs with world‑readable and world‑writable permissions. This allows a local user to enable DRM debugging and potentially obta...

2.1CVSS4.4AI score0.00398EPSS
CVE
CVE
added 2005/11/25 9:0 p.m.66 views

CVE-2005-3807

CVE-2005-3807 describes a memory leak in the VFS lease handling (locks.c) in Linux kernels 2.6.10–2.6.15 that can lead to local denial of service (memory exhaustion) when Samba activities trigger re-allocation of an fasync entry after clean-up. Multiple connected advisories (Ubuntu USN-231-1 and ...

4.9CVSS6AI score0.00745EPSS
Total number of security vulnerabilities14330