Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2016/11/16 4:49 a.m.65 views

CVE-2016-7912

The CVE-2016-7912 entry describes a use-after-free in the Linux kernel involving ffs_user_copy_worker in drivers/usb/gadget/function/f_fs.c, prior to version 4.5.3. This flaw lets local users escalate privileges by accessing an I/O data structure after a callback, as documented in multiple source...

9.3CVSS7.3AI score0.0211EPSS
CVE
CVE
added 2017/01/12 8:0 p.m.65 views

CVE-2016-8430

CVE-2016-8430 affects the NVIDIA Tegra kernel driver (NVHOST) on Android, where a mismanaged memory reference (user-after-free) can let a local attacker cause a denial of service or escalate to kernel code execution. The issue is described as elevation of privilege with potential for local persis...

9.3CVSS7.4AI score0.01717EPSS
CVE
CVE
added 2017/02/08 3:0 p.m.65 views

CVE-2017-0443

CVE-2017-0443 describes an elevation of privilege in the Qualcomm Wi‑Fi driver on Android, allowing a local malicious application to execute arbitrary code in the kernel context. The vulnerability requires compromising a privileged process to gain initial access, and affects Android devices using...

7.6CVSS6.6AI score0.00882EPSS
CVE
CVE
added 2017/02/08 3:0 p.m.65 views

CVE-2017-0445

CVE-2017-0445 is a kernel-privilege elevation in the HTC touchscreen driver affecting Google Pixel/Pixel XL devices (Android kernel 3.18). The connected CNVD entry confirms an HTC touchscreen driver flaw allowing a local malicious app to execute code in kernel context, i.e., a local privilege esc...

7.6CVSS6.6AI score0.0098EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.65 views

CVE-2017-0527

CVE-2017-0527 describes an elevation-of-privilege vulnerability in the HTC Sensor Hub Driver on Android, enabling a local malicious app to execute arbitrary code in kernel context. Affected products/versions: Android on kernel 3.10 and 3.18. Root cause is operating in the context of the kernel af...

7.6CVSS6.6AI score0.01453EPSS
CVE
CVE
added 2017/05/12 3:0 p.m.65 views

CVE-2017-0613

CVE-2017-0613 is a local elevation-of-privilege flaw in the Qualcomm Secure Execution Environment Communicator driver affecting Android, enabling a non-privileged, user-space process to gain arbitrary code execution in the kernel if a privileged process is first compromised. Affected kernel versi...

7.6CVSS6.7AI score0.01565EPSS
CVE
CVE
added 2024/05/21 2:19 p.m.65 views

CVE-2021-47225

Linux kernel mac80211 deadlock when AP_VLANs are up and the AP interface is closed. Root cause: dev_close() held the wiphy mutex triggers netdev cfg80211 notifier to re-acquire the wiphy mutex. Fixes described: (1) prevent changing iftype while AP_VLANs are up; (2) move the dev_close() loop over ...

5.5CVSS5.2AI score0.00147EPSS
CVE
CVE
added 2024/05/21 2:35 p.m.65 views

CVE-2021-47349

The CVE-2021-47349 issue is a kernel-level deadlock in the mwifiex path: when removing the mwifiex interface or during firmware reset, cfg80211_unregister_wdev() may need to bring down the link, which then attempts to acquire the same wiphy lock already held. The provided traces show the lock/inv...

5.5CVSS6.7AI score0.00178EPSS
CVE
CVE
added 2022/09/13 3:36 p.m.65 views

CVE-2022-3170

CVE-2022-3170 affects the Linux kernel sound subsystem. The vulnerability is an out-of-bounds access that can occur when the user-provided id->name does not end with a NUL character, allowing a privileged local user to trigger a crash or potentially escalate privileges via an ioctl() path. The...

7.8CVSS7.3AI score0.0024EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.65 views

CVE-2022-48762

CVE-2022-48762 refers to an arm64 Linux kernel issue in the extable path for load_unaligned_zeropad, where ex_handler_load_unaligned_zeropad() erroneously parsed register indices from ex->type instead of ex->data. The documented impact is a potential NULL pointer dereference on an MTE-enabl...

6.2CVSS6AI score0.00188EPSS
CVE
CVE
added 2024/07/16 11:44 a.m.65 views

CVE-2022-48820

CVE-2022-48820: In the Linux kernel, a refcount leak was fixed in the stm32 USB PHY PLL enable path. The bug affected the stm32_usbphyc_pll_enable() error path where usbphyc->n_pll_cons.counter was not decremented, potentially leaking a reference. The provided connected documents confirm the f...

7.1CVSS7.6AI score0.00278EPSS
CVE
CVE
added 2024/08/22 1:31 a.m.65 views

CVE-2022-48913

The CVE-2022-48913 issue is a Linux kernel use-after-free in blk_trace (blktrace) allocated when tracing a full disk, where created files under q->debugfs_dir are not removed if bt->dir is NULL, allowing stale pointers (dropped, msg) to be dereferenced. The result is a KASAN-triggered use-a...

7.8CVSS6.6AI score0.00212EPSS
CVE
CVE
added 2025/02/26 1:54 a.m.65 views

CVE-2022-49068

CVE-2022-49068 — Summary (Linux kernel, btrfs) The issue occurs in btrfs direct IO write path: during get_blocks_direct_write(), temporary delalloc extents are reserved and later released with btrfs_delalloc_release_extents(). If the length is modified in the COW path, fewer extents may be releas...

5.5CVSS5.2AI score0.00243EPSS
CVE
CVE
added 2025/02/26 2:24 a.m.65 views

CVE-2022-49684

The Connected documents confirm CVE-2022-49684 relates to the Linux kernel, specifically the iio: adc: aspeed code. The issue is a refcount leak in aspeed_adc_set_trim_data caused by of_find_node_by_name() returning a node pointer with an incremented refcount; the remediation is to call of_node_p...

5.5CVSS6.4AI score0.00209EPSS
CVE
CVE
added 2024/05/21 3:22 p.m.65 views

CVE-2023-52706

The CVE-2023-52706 issue affects the Linux kernel gpio-sim, where an inverted logic in gpio_sim_remove_hogs() prevented freeing GPIO hog structures, causing a memory leak. A fix was applied in the kernel to correct the logic and free the hog structures, mitigating the leak. The vulnerability was ...

5.5CVSS6.6AI score0.00205EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.65 views

CVE-2023-53115

CVE-2023-53115 refers to a Linux kernel vulnerability affecting the scsi mpi3mr driver, where memory leaks were reported in mpi3mr_init_ioc during IOC reinitialization. The confirmed remediation is a memory-management fix that prevents reallocation when IOC is being reinitialized. Multiple adviso...

5.5CVSS6.6AI score0.00163EPSS
CVE
CVE
added 2024/07/29 2:31 p.m.65 views

CVE-2024-41026

CVE-2024-41026 is a Linux kernel issue in the davinci_mmc driver where the transmitted data size could exceed sg_miter length, causing a kernel panic. The vulnerability arises from lack of validation on the data size to be transmitted; the fix limits the number of transmitted bytes to sg_mmiter-&...

5.5CVSS6.5AI score0.00246EPSS
CVE
CVE
added 2024/07/30 7:46 a.m.65 views

CVE-2024-42112

Summary (CVE-2024-42112): In the Linux kernel, the txgbe driver mishandled isb resource freeing when using MSI/INTx interrupts, risking reads from freed memory. The fix moves wx_free_isb_resources() from txgbe_close() to txgbe_remove() and corrects the isb free action in the txgbe_open() error pa...

7.8CVSS6.5AI score0.00233EPSS
CVE
CVE
added 2024/08/08 8:50 a.m.65 views

CVE-2024-42257

The CVE-2024-42257 issue affects the Linux kernel ext4 code: the s_volume_name field in ext4_super_block was not NUL terminated. The root cause was using the wrong string copy approach; memtostr_pad() should be used instead of strncpy(), aligning with prior nonstring annotations in ext4.h. The re...

7.8CVSS6.6AI score0.00202EPSS
CVE
CVE
added 2024/08/17 8:54 a.m.65 views

CVE-2024-42275

In CVE-2024-42275, the Linux kernel’s drm/client path fixes an error code in drm_client_buffer_vmap_local() that previously returned success on a failure path, causing locking issues and an uninitialized map_copy in the caller. The vulnerability is resolved by the upstream kernel fix. No exploits...

5.5CVSS6.7AI score0.00193EPSS
CVE
CVE
added 2024/09/13 6:27 a.m.65 views

CVE-2024-46704

In the Linux kernel workqueue code, CVE-2024-46704 is a data race fix in __flush_work() when flushing a work item for cancellation. The root cause was reading @work->data before testing from_cancel, which could spuriously trigger KCSAN reports. A patch reorganized the code to test @from_cancel...

4.7CVSS4.6AI score0.00175EPSS
CVE
CVE
added 2024/09/13 6:44 a.m.65 views

CVE-2024-46712

The documented CVE-2024-46712 affects the Linux kernel's DRM VMWGFX subsystem: coherent dumb buffers are enabled even when 3D is disabled, causing guest-only content to be retained and wasting guest-host synchronization efforts. The problem arises because coherent surfaces are only meaningful wit...

5.5CVSS5.3AI score0.00177EPSS
CVE
CVE
added 2025/01/11 12:29 p.m.65 views

CVE-2024-55642

CVE-2024-55642: In the Linux kernel, the zone write plug error recovery could deadlock if a device queue freeze occurred while BIOs were plugged and a write failed. The automatic use of report zones after a failed write was removed, and recovery now relies on the user/driver to perform report zon...

5.5CVSS6.8AI score0.00182EPSS
CVE
CVE
added 2025/02/27 2:7 a.m.65 views

CVE-2024-57988

In the Linux kernel, the Bluetooth driver btbcm had a NULL pointer dereference in btbcm_get_board_name() when devm_kstrdup() could return NULL. The fix adds a NULL check in btbcm_get_board_name() to prevent the dereference.

5.5CVSS6.3AI score0.00205EPSS
CVE
CVE
added 2025/03/06 3:54 p.m.65 views

CVE-2024-58062

CVE-2024-58062: In the Linux kernel, the iwlwifi mvm code was fixed to avoid NULL pointer dereference when iterating over active links of a virtual interface (vif). The root cause was a missing check that the link pointer exists before dereferencing it; the patch adds usage of for_each_vif_active...

5.5CVSS7.1AI score0.00169EPSS
CVE
CVE
added 2025/04/01 3:26 p.m.65 views

CVE-2025-21897

CVE-2025-21897: Linux kernel sched_ext vulnerability where pick_task_scx() could return non-queued tasks if balance() wasn’t called. The fix adds a workaround to emulate SCX_RQ_BAL_KEEP only when preceding balance_scx() is missing, and corrects the prior test that used @prev to decide if a task w...

5.5CVSS7.2AI score0.00141EPSS
CVE
CVE
added 2025/06/18 9:28 a.m.65 views

CVE-2025-38012

CVE-2025-38012 concerns the Linux kernel vulnerability in sched_ext where bpf_iter_scx_dsq_new() may leave an uninitialized BPF iterator after an error return, causing bpf_iter_scx_dsq_next() to dereference garbage data. The patch ensures bpf_iter_scx_dsq_new() always clears kit->dsq, making n...

5.5CVSS6.5AI score0.00157EPSS
CVE
CVE
added 2025/06/18 9:28 a.m.65 views

CVE-2025-38028

CVE-2025-38028 : Linux kernel local vulnerability in NFS/localio due to a race in nfs_local_open_fh. After clp->cl_uuid.lock is dropped, another CPU could free the recently added nfsd_file. The fix uses an RCU read lock before dropping the spin lock to prevent dangling pointers. Exploitation i...

4.7CVSS6.4AI score0.00103EPSS
CVE
CVE
added 2025/09/11 4:49 p.m.65 views

CVE-2025-40300

The CVE-2025-40300 issue affects the Linux kernel’s x86/vmscape mitigation. The vulnerability arises from insufficient branch predictor isolation between a guest and a userspace hypervisor, which is mitigated by conditionally issuing an IBPB after VMexit and before returning to userspace. The fix...

5.5CVSS6AI score0.00331EPSS
CVE
CVE
added 2026/05/28 9:41 a.m.65 views

CVE-2026-46241

CVE-2026-46241 concerns the SPI driver for the MPC52xx in the Linux kernel, where a use-after-free can occur if controller registration fails because interrupts are not properly disabled and freed. The issue is resolved by a fix that ensures interrupts are disabled and resources freed on registra...

7.8CVSS5.8AI score0.00125EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.64 views

CVE-1999-0400

CVE-1999-0400 affects Linux 2.2.0 where running the ldd command on a core file causes a denial of service. The connected documents confirm the affected component (ldd behavior on core files) and the impact (DoS). No explicit root cause, affected versions beyond Linux 2.2.0 are not detailed here, ...

4.6CVSS7AI score0.01019EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.64 views

CVE-2001-0914

The CVE-2001-0914 issue affects the Linux kernel prior to 2.4.11pre3. It allows local users to cause a denial of service (crash) by starting the core vmlinux kernel, with the root cause described as potentially poor error checking during ELF loading. Publicly available documents name the affected...

2.1CVSS6.6AI score0.0039EPSS
CVE
CVE
added 2002/08/31 4:0 a.m.64 views

CVE-2001-1390

The CVE-2001-1390 entry concerns an unknown vulnerability in the Linux kernel component binfmt_misc prior to version 2.2.19, related to user pages. Connected advisories (Mandrake MDKSA-2001:037 and Debian DSA-047-1, among others) document that the core issue is an off-by-one error in the CPIA dri...

6.2CVSS5.2AI score0.00383EPSS
CVE
CVE
added 2002/08/31 4:0 a.m.64 views

CVE-2001-1392

The supplied documents confirm CVE-2001-1392 affects the Linux kernel prior to 2.2.19, due to missing unregister calls for CPUID and MSR drivers, which could crash the system on unloading/loading (local DoS). Remediation is to upgrade to kernel 2.2.19 or later (as noted in Mandrake/Debian/NVD ref...

2.1CVSS5.4AI score0.00427EPSS
CVE
CVE
added 2005/07/14 4:0 a.m.64 views

CVE-2001-1572

CVE-2001-1572 affects the Linux kernel Netfilter MAC module (versions 2.4.1–2.4.11) and allows remote attackers to bypass MAC-based packet filters by sending small packets. This is a network-vector, low-complexity, no-authentication exploit with partial impacts on confidentiality , integrity , an...

7.5CVSS6.6AI score0.02753EPSS
CVE
CVE
added 2006/02/16 8:0 p.m.64 views

CVE-2003-0956

CVE-2003-0956 describes race conditions in the Linux kernel’s O_DIRECT handling prior to 2.4.22. Affected component: kernel I/O path for direct I/O (O_DIRECT) on 2.4.x. Impact: local users could read data from previously deleted files or see data during reads of truncated files, potentially expos...

2.6CVSS6AI score0.00302EPSS
CVE
CVE
added 2004/04/30 4:0 a.m.64 views

CVE-2004-0424

CVE-2004-0424 involves an integer overflow in the Linux kernel’s ip_setsockopt handling of the MCAST_MSFILTER socket option. Affected ranges are Linux kernel 2.4.22–2.4.25 and 2.6.1–2.6.3. The vulnerability allows local users to cause a crash (denial of service) or potentially execute arbitrary c...

7.2CVSS7.1AI score0.01238EPSS
CVE
CVE
added 2005/01/20 5:0 a.m.64 views

CVE-2004-0812

CVE-2004-0812 describes a local privilege/denial-of-service issue in the Linux kernel before 2.4.23 on AMD64 and Intel EM64T architectures, related to how TSS limits are set up. The vulnerability could allow a local user to crash the system and, in some scenarios, potentially execute arbitrary co...

2.1CVSS7AI score0.0043EPSS
CVE
CVE
added 2004/12/08 5:0 a.m.64 views

CVE-2004-1151

CVE-2004-1151 involves multiple buffer overflows in the Linux 2.6.x kernel, specifically in sys32_ni_syscall() and sys32_vm86_warning() within sys_ia32.c. Exploitation could allow a local attacker to modify kernel memory and escalate privileges (root). Several advisories confirm affected kernels ...

7.2CVSS7.4AI score0.00406EPSS
CVE
CVE
added 2005/12/03 12:0 a.m.64 views

CVE-2004-2607

CVE-2004-2607 is a local-read vulnerability in the Linux kernel (sdla_xfer) caused by casting a large len argument received as int to a short, preventing a read loop from filling a buffer. The description applies to Linux kernel 2.6.x (up to 2.6.5) and 2.4 (up to 2.4.29-rc1). Public documents con...

2.1CVSS5.7AI score0.0046EPSS
CVE
CVE
added 2005/04/05 4:0 a.m.64 views

CVE-2005-0400

The CVE-2005-0400 issue affects the Linux kernel ext2 file system: ext2_make_empty does not initialize memory when allocating a new directory entry block, enabling local users to read potentially sensitive data from the block. The documented fix is in kernel update 2.6.11.6 (and related Red Hat/U...

2.1CVSS4.8AI score0.00443EPSS
CVE
CVE
added 2005/03/30 5:0 a.m.64 views

CVE-2005-0937

The CVE-2005-0937 issue is a Linux kernel vulnerability in futex.c (2.6.x) where get_user may be invoked while mmap_sem is held. This can lead to a deadlock in do_page_fault if another thread is executing mmap or related operations, as described in the Linux kernel advisories. Public references (...

1.2CVSS5.2AI score0.00346EPSS
CVE
CVE
added 2006/01/23 10:0 p.m.64 views

CVE-2006-0037

CVE-2006-0037 concerns the Linux kernel 2.6.14 (and other versions) where the PPTP NAT helper (netfilter/ip_nat_helper_pptp.c) is vulnerable. A crafted outbound packet can trigger an incorrect offset calculation from pointer arithmetic when non-linear SKBs are used, enabling a local user to cause...

4.9CVSS6.3AI score0.0036EPSS
CVE
CVE
added 2006/11/07 12:0 a.m.64 views

CVE-2006-4572

CVE-2006-4572 concerns the Linux kernel’s netfilter ip6_tables. Affects the IPv6 tables implementation in versions prior to 2.6.16.31, allowing remote attackers to bypass security rules: (1) a protocol-disallow rule via a fragment header-adjacent protocol header, and (2) a header-extension rule v...

7.5CVSS7.2AI score0.03534EPSS
CVE
CVE
added 2009/02/17 5:0 p.m.64 views

CVE-2009-0605

CVE-2009-0605 is a Linux kernel vulnerability affecting the do_page_fault path in arch/x86/mm/fault.c, present in 2.6.x up to 2.6.28.5. A local user with a registered Kprobes probe can trigger page faults to cause memory exhaustion, enabling denial of service and potentially privilege gain. The f...

4.9CVSS6.8AI score0.00367EPSS
CVE
CVE
added 2013/09/13 6:0 p.m.64 views

CVE-2013-2890

CVE-2013-2890 affects the Linux kernel HID subsystem (drivers/hid/hid-sony.c). When CONFIG_HID_SONY is enabled, it allows physically proximate attackers to trigger a heap-based out-of-bounds write via a crafted USB device, leading to a denial of service. The vulnerability is described as existing...

4.7CVSS7.3AI score0.00336EPSS
CVE
CVE
added 2013/11/12 1:0 a.m.64 views

CVE-2013-4512

CVE-2013-4512 describes a buffer overflow in the Linux kernel's user-mode Linux port, specifically in the write method of /proc/exitcode (exitcode_proc_write) in arch/um/kernel/exitcode.c, exploitable by local attackers with sufficient privileges. The vulnerability exists in kernels prior to 3.12...

4.7CVSS7.1AI score0.00476EPSS
CVE
CVE
added 2017/01/12 3:0 p.m.64 views

CVE-2016-6776

CVE-2016-6776 is an elevation-of-privilege vulnerability in the NVIDIA Tegra kernel driver (NVHOST) where referencing memory after it has been freed may allow a local attacker to escalate to kernel code execution. The issue is documented across NVIDIA Bulletins for Jetson TK1/K1 and Tegra-line de...

9.3CVSS7.3AI score0.0179EPSS
CVE
CVE
added 2017/01/12 8:0 p.m.64 views

CVE-2016-8429

CVE-2016-8429 concerns the NVIDIA Tegra kernel driver (NVMAP) in Android. The connected NVIDIA bulletins describe a memory safety issue in NVMAP where memory references after free can lead to denial of service and possible privilege escalation, enabling a local attacker to execute code in the ker...

9.3CVSS7.4AI score0.01619EPSS
CVE
CVE
added 2017/04/05 2:0 p.m.64 views

CVE-2017-0325

CVE-2017-0325 affects the NVIDIA kernel driver’s i2c-hid component on Android. The issue allows an attacker to escalate privileges and execute arbitrary code in the kernel context by writing arbitrary data to an arbitrary location within i2c-hid. The vulnerability is local and requires interactio...

7.6CVSS6.9AI score0.01804EPSS
Total number of security vulnerabilities14330