Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2017/02/08 3:0 p.m.63 views

CVE-2017-0448

CVE-2017-0448 is an information-disclosure vulnerability in the NVIDIA Tegra NVHOST kernel driver. The root cause is a memory handling flaw (use-after-free/memory after free) that can allow a local attacker to access data outside the process permissions. Affected stack: Android devices using Kern...

5.5CVSS5.2AI score0.00545EPSS
CVE
CVE
added 2017/04/07 10:0 p.m.63 views

CVE-2017-0586

CVE-2017-0586 is an information-disclosure vulnerability in the Qualcomm sound driver affecting Android devices. The issue enables a local malicious application to access data outside its permissions, and is exploitable after compromising a privileged process. Affected: Android kernels around 3.1...

4.7CVSS4.4AI score0.01052EPSS
CVE
CVE
added 2017/02/06 6:4 a.m.63 views

CVE-2017-5547

The CVE-2017-5547 issue affects Linux kernel 4.9.x prior to 4.9.6, specifically the drivers/hid/hid-corsair.c path. The root cause is incorrect interaction with CONFIG_VMAP_STACK, enabling a local attacker to trigger a denial of service (system crash) or memory corruption by abusing more than one...

7.8CVSS7.6AI score0.00448EPSS
CVE
CVE
added 2017/04/23 5:37 a.m.63 views

CVE-2017-8061

The CVE-2017-8061 issue affects Linux kernels 4.9.x and 4.10.x prior to 4.10.7, where dvb-usb-firmware.c mishandles CONFIG_VMAP_STACK, allowing local users to trigger a denial of service or memory corruption by using more than one virtual page for a DMA scatterlist. Root cause: incorrect interact...

7.8CVSS7.8AI score0.00429EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.63 views

CVE-2020-36790

The CVE-2020-36790 entry refers to a Linux kernel issue where a memory leak in nvmet was fixed: specifically, the code failed to free the new_model_number. The connected documents consistently identify this as a resolved kernel vulnerability (nvmet: fix a memory leak) with no additional exploit d...

5.5CVSS6.5AI score0.0014EPSS
CVE
CVE
added 2024/05/21 2:19 p.m.63 views

CVE-2021-47251

Summary: CVE-2021-47251 affects the Linux kernel’s wireless stack via mac80211, where the skb length check in ieee80211_scan_rx() was corrected. The fix replaces hard-coded header-length constants with dynamic calculation based on the frame type, preventing a validation WARN_ON in cfg80211 later....

7.8CVSS6.7AI score0.00231EPSS
CVE
CVE
added 2024/05/21 2:20 p.m.63 views

CVE-2021-47278

CVE-2021-47278 : Linux kernel vulnerability in the bus: mhi: pci_generic driver where the remove path used del_timer(), which may not wait for the timer handler to finish, causing a potential use-after-free. The fix is to replace del_timer() with del_timer_sync() to ensure the timer handler has f...

7.8CVSS6.6AI score0.00219EPSS
CVE
CVE
added 2024/05/24 3:12 p.m.63 views

CVE-2021-47570

CVE-2021-47570 is addressed in the Linux kernel staging area (rt8188eu driver). The issue was a memory leak in rtw_wx_read32() where ptmp was not freed before returning -EINVAL. A fix (memory cleanup) has been applied to resolve this vulnerability; references point to kernel stable commits that i...

5.5CVSS5.2AI score0.00181EPSS
CVE
CVE
added 2024/08/22 3:31 a.m.63 views

CVE-2022-48940

CVE-2022-48940: In the Linux kernel, a crash can occur in BPF map handling when both a bpf_spin_lock and a bpf_timer are present in a map value. The root cause is that copy_map_value does not set both s_off and t_off when copying values in and out of the map, which can lead to overwriting the oth...

5.5CVSS6.8AI score0.00207EPSS
CVE
CVE
added 2024/10/21 8:5 p.m.63 views

CVE-2022-48964

The CVE-2022-48964 entry concerns a use-after-free in the Linux kernel ravb_rx_gbeth() path. The vulnerability arises when a socket buffer (skb) is freed by napi_gro_receive(), and later dereferenced, leading to potential memory corruption. The connected sources consistently describe this as a fi...

7.8CVSS7.4AI score0.00227EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.63 views

CVE-2022-49828

CVE-2022-49828 affects the Linux kernel hugetlbfs: when a HugeTLB page is poisoned, the page was previously truncated from the page cache; the patch keeps the poisoned page in the cache. As described, subsequent reads/mappings can trigger the allocation of a new hugepage instead of signaling pois...

5.5CVSS6.6AI score0.00165EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.63 views

CVE-2022-49894

CVE-2022-49894 affects the Linux kernel cxl region handling: PATCH fixes region HPA ordering validation to skip regions without address space, preventing a NULL pointer dereference and kernel crash in store_targetN() path (drivers/cxl/core/region.c). Descriptions show the crash trace and affected...

5.5CVSS6.5AI score0.0014EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.63 views

CVE-2022-49899

CVE-2022-49899 concerns the Linux kernel’s fscrypt handling of fscrypt_master_key. The connected docs describe a fix that stops storing fscrypt_master_key structs as payloads inside the keyrings subsystem and instead keeps them in a regular kernel data structure with revised reference counting an...

5.5CVSS6.7AI score0.00185EPSS
CVE
CVE
added 2023/06/06 12:11 p.m.63 views

CVE-2023-20712

CVE-2023-20712 affects MediaTek WLAN code (wlan module) and is due to a missing bounds check, enabling an out-of-bounds write that can yield local privilege escalation to System level. Exploit requires LOCAL access with HIGH privileges and no user interaction. Patch: ALPS07796914 (Issue ALPS07796...

6.7CVSS6.7AI score0.00093EPSS
CVE
CVE
added 2023/09/04 2:27 a.m.63 views

CVE-2023-20845

CVE-2023-20845 affects imgsys. The vulnerability is an out-of-bounds read caused by missing valid range checking, leading to local information disclosure with system execution privileges required and user interaction for exploitation. Patch ID ALPS07197795 / Issue ID ALPS07340357 is associated wi...

4.2CVSS4AI score0.00091EPSS
CVE
CVE
added 2023/09/04 2:28 a.m.63 views

CVE-2023-20847

CVE-2023-20847 affects MediaTek chips, specifically the imgsys_cmdq component, where a missing valid range check can cause an out-of-bounds read. This vulnerability can lead to local denial of service with SYSTEM privileges required, and exploitation requires user interaction. The known remedy in...

4.2CVSS4.4AI score0.00088EPSS
CVE
CVE
added 2024/05/21 3:22 p.m.63 views

CVE-2023-52704

CVE-2023-52704 pertains to the Linux kernel, specifically the freezer/umh path. The issue arises in call_usermode_helper_exec() for the KILLABLE case after the core freezer logic rewrite, where an unconditional wait_for_completion() was not optional and could leave an on-stack completion unused a...

5.5CVSS5.4AI score0.00205EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.63 views

CVE-2023-52911

CVE-2023-52911 is a Linux kernel issue in the DRM/MSM driver related to a NULL pointer dereference when the Adreno GPU runs in headless mode (e.g., on i.MX platforms). The crash occurs during reboot in the msm_atomic_commit_tail path, with an oops/NULL dereference involving slab kmalloc and relat...

5.5CVSS6.4AI score0.00208EPSS
CVE
CVE
added 2025/03/27 4:37 p.m.63 views

CVE-2023-52929

The CVE-2023-52929 entry concerns a Linux kernel nvmem core cleanup bug: if dev_set_name() fails, nvmem->wp_gpio remains leaked because the cleanup path doesn’t release it. The described fix prefers reworking initialization and cleanup by splitting device_register() and reusing the nvmem_relea...

5.5CVSS6.7AI score0.00226EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.63 views

CVE-2023-52995

CVE-2023-52995 concerns a Linux kernel vulnerability in riscv/kprobe instruction simulation for JALR when probing vfs_write. The flaw could cause a crash (kernel Oops) with an invalid user-memory access, as shown in the crash trace (e.g., Unable to handle kernel access to user memory without uacc...

5.5CVSS6.4AI score0.00237EPSS
CVE
CVE
added 2025/09/15 2:4 p.m.63 views

CVE-2023-53178

The CVE-2023-53178 issue affects the Linux kernel zswap writeback path. A race in zswap can swap out a page (A) and later swap in a different page (B) for the same swap slot, potentially causing memory corruption. The published fix ensures that once the swap page cache is allocated, zswap-shrink ...

4.7CVSS5.5AI score0.00103EPSS
CVE
CVE
added 2024/09/13 5:29 a.m.63 views

CVE-2024-46684

CVE-2024-46684 : In the Linux kernel, the binfmt_elf_fdpic path is affected. The vulnerability stems from an incorrect AUXV size calculation in create_elf_fdpic_tables() when ELF_HWCAP2 is defined, which could result in the last AUXV entry being zero and trigger a kernel BUG. The fix adds one to ...

5.5CVSS5.1AI score0.00199EPSS
CVE
CVE
added 2024/09/13 5:29 a.m.63 views

CVE-2024-46699

CVE-2024-46699: In the Linux kernel, drm/v3d preemption was not disabled around the write_seqcount_begin/end() used to update GPU stats, risking seqcount/RCU race conditions. Root cause: missing __seqprop_assert around the update path in v3d stats code leading to potential data corruption under p...

7.8CVSS7.4AI score0.00212EPSS
CVE
CVE
added 2024/12/27 2:22 p.m.63 views

CVE-2024-56554

CVE-2024-56554: Linux kernel binder use-after-free due to freeze work left queued when cleaning up a binder reference. The issue occurs when a reference is freed while ref->freeze.work remains queued in the process workqueue, triggering KASAN slab-use-after-free in binder_release_work. A patch...

7.8CVSS6.6AI score0.00209EPSS
CVE
CVE
added 2025/01/19 11:52 a.m.63 views

CVE-2024-57905

In CVE-2024-57905, Linux kernel iio: adc: ti-ads1119 is fixed: the scan path pushed data from a triggered buffer used a local struct with an uninitialized hole between sample and timestamp, risking information leakage to userspace. The fix initializes the scan struct to zero before use to avoid p...

7.1CVSS6AI score0.0019EPSS
CVE
CVE
added 2025/02/27 2:7 a.m.63 views

CVE-2024-57995

CVE-2024-57995 affects the Linux kernel’s wifi ath12k driver. In ath12k_mac_assign_vif_to_vdev(), if arvif is created on a different radio it is later freed via ath12k_mac_unassign_link_vif(), and a subsequent check on arvif could read freed memory (read-after-free). The fix relocates the check t...

7.8CVSS6.6AI score0.0022EPSS
CVE
CVE
added 2025/04/01 3:41 p.m.63 views

CVE-2025-21932

CVE-2025-21932: In the Linux kernel, a merge-forcing path in vma_modify() can corrupt VMG start/end when an out-of-memory occurs during commit of a merge across VMAs. The fix adds a bail-out path and stores start/end in locals to keep VMG state pristine after a failed merge. The issue is tied to ...

5.5CVSS7AI score0.00186EPSS
CVE
CVE
added 2025/04/01 3:46 p.m.63 views

CVE-2025-21954

CVE-2025-21954 – Linux kernel netmem: prevent TX of unreadable skbs. Root cause: stable trees support netmem RX but not TX; forwarding unreadable SKBs to TX could cause DMA-mapping APIs to receive invalid DMA addresses, risking device handling. Fix: prevent the xmit of unreadable skbs. Impact (as...

5.5CVSS7AI score0.00186EPSS
CVE
CVE
added 2025/07/28 11:21 a.m.63 views

CVE-2025-38491

CVE-2025-38491 — Linux kernel TLS (TLS ULP) handling. The vulnerability stems from data disappearing from under the TLS ULP on certain reads, which could lead to undefined behavior. The fix replaces the WARN_ON() and buggy early exit (which left a freed skb anchor) with proper error handling: it ...

5.5CVSS6.3AI score0.00107EPSS
CVE
CVE
added 2025/08/12 4:2 p.m.63 views

CVE-2025-38500

CVE-2025-38500 : In the Linux kernel, a use-after-free could occur when changing xfrm interface collect_md state via xfrmi_changelink(), because the collect_md interface could be placed in both xfrmi_net and collect_md_xfrmi structures. The fix uses the xi from netdev_priv earlier in the path to ...

7.8CVSS6.9AI score0.0014EPSS
CVE
CVE
added 2025/08/16 5:30 a.m.63 views

CVE-2025-38501

CVE-2025-38501 concerns the Linux kernel component ksmbd. The vulnerability arises from allowing repeated connections from the same IP, which can exhaust the server’s maximum connections and deny access to normal clients. The connected sources indicate a patch was applied to limit repeated connec...

7.5CVSS6.6AI score0.02113EPSS
CVE
CVE
added 2025/08/19 5:2 p.m.63 views

CVE-2025-38555

The CVE CVE-2025-38555 is a use-after-free in Linux kernel USB gadget driver during composite_dev_cleanup, arising when configfs_composite_bind() frees cdev->os_desc_req on kmalloc failure but doesn’t NULL it, leading to a subsequent use of non-NULL pointer. The issue affects the usb gadget’s ...

7.8CVSS7.1AI score0.00162EPSS
CVE
CVE
added 2025/09/05 5:21 p.m.63 views

CVE-2025-39718

CVE-2025-39718 affects the Linux kernel vulnerability in vsock/virtio packet handling. The issue arises when receiving a VSock packet in a guest: only the virtqueue buffer size was previously validated before virtio_vsock_skb_rx_put(), but the function uses the packet header length as the skb_put...

5.5CVSS6AI score0.00137EPSS
CVE
CVE
added 2026/06/03 3:50 p.m.63 views

CVE-2026-46266

Summary (CVE-2026-46266): In the Linux kernel, RAW sockets using IPPROTO_RAW (255) could be triggered by a malicious incoming ICMP packet that sets the protocol field to 255 and matches a RAW socket, causing undesired FNHE cache changes. This issue has been resolved in updates cited across multip...

9.1CVSS5.8AI score0.00346EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.62 views

CVE-1999-0451

CVE-1999-0451 affects Linux 2.0.36 and describes a local Denial of Service where local users can prevent any server from listening on a non-privileged port. The connected Red Hat and CVE payloads reiterate the same description. The sources do not provide concrete exploit details, affected package...

2.1CVSS6.7AI score0.00735EPSS
CVE
CVE
added 2000/10/13 4:0 a.m.62 views

CVE-2000-0344

The CVE-2000-0344 entry affects the knfsd NFS server in Linux kernel 2.2.x. The vulnerability is a denial of service triggered by a negative size value, exploitable by remote attackers. The available sources confirm the affected component and the impact (denial of service) but do not provide expl...

5CVSS6.8AI score0.01851EPSS
CVE
CVE
added 2002/05/03 4:0 a.m.62 views

CVE-2001-1244

Technical details such as affected products, versions, and root cause are not publicly provided in the connected documents. Monitor CVE-2001-1244 updates for concrete details.

5CVSS7.1AI score0.35293EPSS
CVE
CVE
added 2002/08/31 4:0 a.m.62 views

CVE-2001-1397

CVE-2001-1397 affects the System V shared memory implementation in the Linux kernel before version 2.2.19. The issue allows attackers to modify recently freed memory within SYSV shared memory. Public sources consistently describe this as a kernel memory handling flaw rather than a user-space vuln...

2.1CVSS5.3AI score0.0044EPSS
CVE
CVE
added 2005/06/28 4:0 a.m.62 views

CVE-2002-1976

CVE-2002-1976 affects Linux kernel 2.2+ where ifconfig fails to report when an interface is in promiscuous mode if activated via PACKET_MR_PROMISC, potentially allowing an attacker with local access to sniff network traffic without detection. The vulnerability description is supported by multiple...

2.1CVSS6.5AI score0.00405EPSS
CVE
CVE
added 2005/05/02 4:0 a.m.62 views

CVE-2005-1369

CVE-2005-1369 affects the it87 and via686a I2C drivers; prior to fixes in 2.6.11.8 and 2.6.12-rc2, these drivers created a writable sysfs file alarms, enabling a local attacker to cause CPU DoS by writing to it. Connected advisories indicate the issue is resolved by upgrading the kernel to a vers...

2.1CVSS5.3AI score0.00376EPSS
CVE
CVE
added 2005/05/17 4:0 a.m.62 views

CVE-2005-1589

The CVE-2005-1589 issue affects the Linux kernel’s pktcdvd (and raw device) ioctl handler. In kernel 2.6.12-rc4 and earlier, pkt_ioctl in pktcdvd.c calls the wrong function when issuing an ioctl to the block device, which can leak kernel address space to user space. This local-privilege scenario ...

7.2CVSS6AI score0.01182EPSS
Web
CVE
CVE
added 2005/08/22 4:0 a.m.62 views

CVE-2005-2098

The CVE-2005-2098 issue affects the Linux 2.6 kernel up to but before 2.6.12.5, where the KEYCTL_JOIN_SESSION_KEYRING error path fails to release the session management semaphore. This can allow local users or remote attackers to cause a denial of service (semaphore hang) by creating a new sessio...

5CVSS6AI score0.03198EPSS
CVE
CVE
added 2006/01/10 11:0 a.m.62 views

CVE-2005-4639

CVE-2005-4639: A buffer overflow in the CA-driver (dst_ca.c) for TwinHan DST Frontend/Card affects Linux kernel 2.6.12 and other versions before 2.6.15. It allows local users to crash the system and potentially execute arbitrary code by reading more than eight bytes into an eight-byte array. Publ...

4.6CVSS7.4AI score0.00469EPSS
CVE
CVE
added 2010/02/26 7:0 p.m.62 views

CVE-2005-4886

The CVE-2005-4886 entry concerns the Linux kernel prior to 2.6.12-rc4, where the selinux_parse_skb_ipv6 function in security/selinux/hooks.c can be triggered by an incorrect call to ipv6_skip_exthdr, enabling remote attackers to cause a denial of service (OOPS). Connected advisories (RHSA-2005:51...

7.8CVSS7.1AI score0.02645EPSS
CVE
CVE
added 2006/02/07 6:0 p.m.62 views

CVE-2006-0454

The CVE-2006-0454 issue affects the Linux kernel (2.6.x) where icmp_send mishandles failures in ip_options_echo, enabling remote attackers to crash the host via crafted ICMP options (record-route, timestamp with needaddr and truncated value). Public advisories from SUSE, Red Hat, Fedora, Ubuntu d...

5CVSS6.1AI score0.03774EPSS
CVE
CVE
added 2006/05/12 1:0 a.m.62 views

CVE-2006-1859

CVE-2006-1859 is a memory leak in the Linux kernel before 2.6.16.16, caused by a flaw in __setlease() within fs/locks.c. This leak can be exploited by a local attacker to cause a Denial of Service by consuming kernel memory. Multiple connected advisories reiterate the same root cause and link it ...

2.1CVSS7.2AI score0.00449EPSS
CVE
CVE
added 2020/01/15 4:37 p.m.62 views

CVE-2007-4774

CVE-2007-4774 concerns the Linux kernel prior to 2.4.36-rc1, where a race condition can bypass systrace policies by flooding a ptraced process with SIGCONT signals, potentially waking a PTRACED process. The documentation consistently describes this as a policy bypass rather than a broader impact ...

5.9CVSS5.5AI score0.01738EPSS
CVE
CVE
added 2013/08/25 1:0 a.m.62 views

CVE-2013-4220

The CVE-2013-4220 entry concerns the Linux kernel (ARM64) and the bad_mode handler in arch/arm64/kernel/traps.c. The vulnerability arises when a local user triggers a register access path that yields an unexpected ESR value, enabling a Denial of Service via a system crash on affected ARM64 kernel...

4.9CVSS6.2AI score0.00495EPSS
CVE
CVE
added 2017/01/12 8:0 p.m.62 views

CVE-2016-8412

CVE-2016-8412 is an elevation-of-privilege vulnerability in the Qualcomm camera that could allow a local malicious app to execute arbitrary code in the kernel context. The issue affects Android kernel versions 3.10 and 3.18 and is rated High because exploitation requires first compromising a priv...

7.6CVSS6.9AI score0.01254EPSS
CVE
CVE
added 2017/02/08 3:0 p.m.62 views

CVE-2017-0436

Summary of CVE-2017-0436 (Qualcomm sound driver privilege escalation) : The vulnerability affects Android, specifically the Qualcomm sound driver within kernel contexts (kernel versions 3.10 and 3.18). It enables a local, malicious application to elevate privileges and execute arbitrary code in t...

7.6CVSS6.6AI score0.0087EPSS
Total number of security vulnerabilities14330