Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2017/02/08 3:0 p.m.62 views

CVE-2017-0451

CVE-2017-0451 describes an information-disclosure vulnerability in the Qualcomm sound driver on Android. The issue enables a local malicious application to access data outside its granted permissions after compromising a privileged process. Affected components include Android kernels around 3.10 ...

4.7CVSS4.3AI score0.00574EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.62 views

CVE-2017-0457

The CVE-2017-0457 entry describes an elevation of privilege in the Qualcomm ADSPRPC driver on Android, allowing a local malicious app to execute arbitrary code in the kernel context. Affected components/versions include Android kernel 3.10 and 3.18 with the ADSPRPC driver as the exploit vector; t...

7.6CVSS6.6AI score0.01453EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.62 views

CVE-2017-0460

CVE-2017-0460 describes a local elevation-of-privilege in the Qualcomm networking driver on Android, allowing a malicious local app to execute code in the kernel. Affected are Android kernels 3.10 and 3.18; the exploit requires compromising a privileged process and does not appear to be remotely ...

7.6CVSS6.6AI score0.01486EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.62 views

CVE-2017-0461

CVE-2017-0461 is an information-disclosure vulnerability in the Qualcomm Wi‑Fi driver affecting Android (kernel 3.10/3.18). The issue could allow a locally malicious app to access data outside its permissions, because exploitation requires compromising a privileged process. The connected document...

4.7CVSS4.3AI score0.00866EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.62 views

CVE-2017-0464

CVE-2017-0464 is a local elevation-of-privilege vulnerability in the Qualcomm Wi‑Fi driver used by Android. The flaw allows a locally malicious application to execute arbitrary code in the kernel context after compromising a privileged process. Public documentation identifies the affected stack a...

7.6CVSS6.6AI score0.01486EPSS
CVE
CVE
added 2017/05/12 3:0 p.m.62 views

CVE-2017-0465

CVE-2017-0465 describes an elevation of privilege vulnerability in the Qualcomm ADSPRPC driver that could allow a local attacker to execute arbitrary code in the kernel context on Android devices. Affected components/versions in the public records include the Android kernel (Kernel-3.10, Kernel-3...

7.6CVSS6.6AI score0.00592EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.62 views

CVE-2017-0534

CVE-2017-0534 describes an information disclosure in the Qualcomm video driver for Android, enabling a local malicious application to access data outside its permission levels. Connected CNVD/NVD entries reiterate the issue and affected component (Qualcomm video driver) but do not provide explici...

4.7CVSS4.3AI score0.00866EPSS
CVE
CVE
added 2017/04/07 10:0 p.m.62 views

CVE-2017-0570

CVE-2017-0570 concerns a local elevation-of-privilege flaw in the Broadcom Wi‑Fi driver used by Android. The connected Seebug entry details a heap overflow in the wl_iw_get_essid ioctl path (SIOCGIWESSID): the driver allocates a 33-byte extras buffer and copies ssid.SSID_len bytes from the dongle...

7.6CVSS6.9AI score0.01496EPSS
CVE
CVE
added 2017/04/07 10:0 p.m.62 views

CVE-2017-0582

CVE-2017-0582 is a moderate-e severity elevation-of-privilege issue affecting the Google Nexus 9 sensor hub. The vulnerability stems from the HTC OEM fastboot command which could allow a local attacker to execute code in the sensor hub context. Technical details from connected sources describe a ...

7.6CVSS7.2AI score0.02087EPSS
Web
CVE
CVE
added 2024/05/21 2:20 p.m.62 views

CVE-2021-47273

CVE-2021-47273 concerns the Linux kernel component for the usb dwc3-meson-g12a PHY glue. When PHY0 is disabled and only PHY1 is used (e.g., Odroid-HC4), regmap initialization erroneously targets the usb2 path, since PHY1 regmap entry isn’t initialized. This can lead to a kernel NULL pointer deref...

5.5CVSS6.6AI score0.00222EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.62 views

CVE-2022-49765

CVE-2022-49765 concerns the Linux kernel 9p transport. The issue arises from inconsistent lock state between p9 client structures and the trans_fd transport path. Specifically, p9_req_put() and p9_tag_remove() interactions cross IRQ contexts but the trans_fd path used a different lock, leading to...

5.5CVSS6.5AI score0.00124EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.62 views

CVE-2022-49876

Summary: CVE-2022-49876 is a Linux kernel vulnerability in wifi/mac80211 that causes a general-protection fault when an interface’s status changes during active transmission. The issue stems from accessing sdata->bss after it is set to NULL during ieee80211_runtime_change_iftype/ieee80211_do_s...

5.5CVSS6.5AI score0.0014EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.62 views

CVE-2022-49896

CVE-2022-49896 relates to the Linux kernel’s cxl/pmem subsystem. The issue: when a cxl_nvdimm object is removed, associated regions were not consistently disabled, because the driver tracked only one region per nvdimm device. This could leak regions and cause cxl_memdev reference leaks. The vulne...

5.5CVSS6.5AI score0.0014EPSS
CVE
CVE
added 2025/08/16 1:22 p.m.62 views

CVE-2023-32246

CVE-2023-32246 refers to a race in ksmbd where rcu_barrier() is not invoked during module unload, potentially allowing unloading with pending RCU callbacks and unintended kernel code execution. Multiple sources indicate the vulnerability has been resolved in the Linux kernel; no exploitation deta...

5.5CVSS6.5AI score0.00157EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.62 views

CVE-2023-52982

CVE-2023-52982 affects the Linux kernel fscache path for relinquished volumes. The root cause is a mismatch between wake_up_bit() and wait_var_event() on different wait-queues, which could prevent a waiter from waking and cause a hang if wake-ups are delayed. The fixes described in the sources sw...

5.5CVSS6.7AI score0.0021EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.62 views

CVE-2023-52987

CVE-2023-52987 affects the Linux kernel ASoC SOF component: ipc4-mtrace code path. The vulnerability arises from an underflow in sof_ipc4_priority_mask_dfs_write() caused by using a signed id that should be unsigned, leading to an array underflow. The available connected documents consistently st...

7.8CVSS6.5AI score0.00235EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.62 views

CVE-2023-53012

CVE-2023-53012 is documented across multiple connected advisories as a Linux kernel vulnerability affecting the thermal subsystem. The issue arises from calling put_device() before a successful device_register(), specifically in __thermal_cooling_device_register(), and is accompanied by unnecessa...

5.5CVSS6.6AI score0.00188EPSS
CVE
CVE
added 2024/08/08 8:49 a.m.62 views

CVE-2024-42255

CVE-2024-42255: The Linux kernel contains a fix for a NULL pointer dereference in the TPM HMAC handling path. Specifically, in tpm_buf_check_hmac_response(), the code previously dereferenced auth after NULL checking, which could crash if tpm2_sessions_init() was not called when TCG_TPM2_HMAC was ...

5.5CVSS6.6AI score0.00183EPSS
CVE
CVE
added 2024/09/13 5:29 a.m.62 views

CVE-2024-46688

CVE-2024-46688 - Linux kernel erofs fix : The issue is an out-of-bound access in erofs when z_erofs_gbuf_growsize() partially fails, potentially causing NULL-pointer dereference or memory leaks if the old gbuf->pages[] array is too small. The documented mitigation is to compare against gbuf-&g...

5.5CVSS5.5AI score0.002EPSS
CVE
CVE
added 2024/09/18 7:12 a.m.62 views

CVE-2024-46769

CVE-2024-46769 relates to the Linux kernel SPI Intel driver. A check for the pointer returned by devm_kasprintf() in intel_spi_populate_chip() was missing, allowing a NULL pointer to be used for pdata->name. The vulnerability has been resolved in the kernel with the fix described in the linked...

5.5CVSS5.2AI score0.00203EPSS
CVE
CVE
added 2024/09/27 12:39 p.m.62 views

CVE-2024-46837

CVE-2024-46837 affects the Linux kernel component for the DRM panthor uAPI, specifically the group_create path. The vulnerability arose from missing permission checks allowing non-privileged users to create high-priority groups. The underlying fix restricts who can set higher-than-MEDIUM prioriti...

5.5CVSS5.3AI score0.00202EPSS
CVE
CVE
added 2024/12/27 1:49 p.m.62 views

CVE-2024-53186

The CVE-2024-53186 detail describes a Linux kernel race in ksmbd SMB request handling that can cause a use-after-free (UAF). Specifically, ksmbd_conn_handler_loop() waits for conn->r_count to reach zero, while handle_ksmbd_work() decrements r_count and may free conn via ksmbd_conn_free(). Afte...

7.8CVSS7AI score0.00174EPSS
CVE
CVE
added 2025/03/12 9:42 a.m.62 views

CVE-2025-21845

Technical details about CVE-2025-21845 are not provided in the connected documents. The initial description summarizes the issue; monitor for updates.

5.5CVSS6.5AI score0.00239EPSS
CVE
CVE
added 2025/05/20 3:58 p.m.62 views

CVE-2025-37941

CVE-2025-37941 affects the Linux kernel ASoC: codecs/wcd937x. The issue is a potential memory leak in wcd937x_soc_codec_probe() when snd_soc_dapm_new_controls() or snd_soc_dapm_add_routes() fail, because the allocated wcd937x->clsh_info is not released. The root cause is missing cleanup in err...

5.5CVSS7AI score0.00159EPSS
CVE
CVE
added 2025/06/18 9:28 a.m.62 views

CVE-2025-38021

CVE-2025-38021 affects the Linux kernel in the DRM AMD Display path (drm/amd/display), where update_dchubp_dpp and related code could dereference a null pipe_ctx->plane_state. The issue is a missing null check in the update path that could lead to a null pointer dereference; it is stated to be...

5.5CVSS6.5AI score0.0014EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.62 views

CVE-2025-38207

CVE-2025-38207 : In the Linux kernel, a bug in the uprobe handling during vma expansion could cause the upnode page table entry (pte) to be overwritten, potentially orphaning the upbump page. The issue arises when remapping a vma that includes an uprobe, causing a pte overwrite during the set_pte...

5.5CVSS6.4AI score0.00131EPSS
CVE
CVE
added 2025/08/19 5:2 p.m.62 views

CVE-2025-38576

CVE-2025-38576 affects the Linux kernel PowerPC EEH hotplug path. Root cause: race conditions between the PCIe hotplug driver and the EEH driver can yield kernel oops during unplug/recovery cycles and bus disappearance. Resolution: refactor the EEH module to be PCI rescan and remove safe, with cl...

5.5CVSS7AI score0.00149EPSS
CVE
CVE
added 2025/08/22 4:0 p.m.62 views

CVE-2025-38644

CVE-2025-38644 is a Linux kernel issue in the MAC80211 Wi‑Fi code. When a station not yet associated sent NL80211_TDLS_ENABLE_LINK, TDLS was processed before association, leaving sdata->u.mgd.tdls_peer uninitialized and triggering a WARN_ON() in code paths that expected a valid TDLS peer. The ...

5.5CVSS6.6AI score0.00147EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.61 views

CVE-1999-0460

CVE-1999-0460 describes a buffer overflow in the Linux autofs module triggered by excessively long directory names, allowing local users to cause a denial of service. The available connected documents confirm the affected component (Linux autofs module) and the vulnerability class (buffer overflo...

2.1CVSS6.9AI score0.00735EPSS
CVE
CVE
added 2002/08/31 4:0 a.m.61 views

CVE-2001-1394

CVE-2001-1394 is a Linux kernel local vulnerability describing a signedness error in (1) getsockopt and (2) setsockopt prior to kernel version 2.2.19 that allows local users to cause a denial of service. The connected documents confirm the affected component is the Linux kernel and specify the is...

2.1CVSS5.2AI score0.004EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.61 views

CVE-2002-0704

The CVE-2002-0704 entry concerns Netfilter (iptables) NAT capability leaking translated IP addresses in ICMP error messages for versions 1.2.6a and earlier. Affected component: Netfilter (iptables) NAT feature. Root cause: NAT leaks internal addresses in ICMP error messages. Impact: potential exp...

7.5CVSS7AI score0.03242EPSS
CVE
CVE
added 2007/10/14 8:0 p.m.61 views

CVE-2002-2254

The CVE describes a vulnerability in the Linux kernel’s Netfilter/IPTables: the experimental IP packet queuing feature in kernels 2.4 (up to 2.4.19) and 2.5 (up to 2.5.31). If a privileged process exits while traffic is not queued, a later process with the same PID may access network traffic that...

2.1CVSS6.7AI score0.00363EPSS
CVE
CVE
added 2004/07/06 4:0 a.m.61 views

CVE-2004-0626

The CVE-2004-0626 issue affects the Linux kernel 2.6 netfilter subsystem when using iptables with TCP options. Affected code path is tcp_find_option; a large option length can produce a negative value after casting to char, causing an infinite loop that consumes CPU and leads to remote DoS. This ...

5CVSS6.2AI score0.02761EPSS
CVE
CVE
added 2005/03/09 5:0 a.m.61 views

CVE-2005-0207

CVE-2005-0207 corresponds to an unknown vulnerability in Linux kernel 2.4.x, 2.5.x, and 2.6.x where NFS clients can trigger a denial of service via NFS client O_DIRECT error handling. The issue is documented in multiple advisories (RHSA-2005:366 / CESA-2005:366) and CentOS/Ubuntu/NVD entries. Aff...

2.1CVSS6.2AI score0.0041EPSS
CVE
CVE
added 2005/08/17 4:0 a.m.61 views

CVE-2005-2617

The CVE-2005-2617 entry describes a vulnerability in Linux kernel 2.6.12 and later on 64-bit x86 where syscall32_setup_pages (syscall32.c) does not check the return value of insert_vm_struct. This can allow local users to trigger a memory leak via a crafted 32‑bit ELF header. Affected component: ...

3.6CVSS6.1AI score0.00335EPSS
CVE
CVE
added 2006/01/06 11:0 a.m.61 views

CVE-2006-0096

CVE-2006-0096 affects the SDLA driver in Linux kernels 2.6.x before 2.6.11 and 2.4.x before 2.4.29, describing lax capability checks for firmware upgrades. The description notes local attack vectors and an unclear impact; later investigation mentions that exploitation may require root privileges ...

7.2CVSS5.1AI score0.00411EPSS
CVE
CVE
added 2006/04/05 10:0 a.m.61 views

CVE-2006-1624

The CVE-2006-1624 entry concerns the Linux sysklogd package (syslogd) where the default configuration does not enable the -x option (disable name lookups). This enables remote attackers to induce a denial of service via traffic amplification using messages with spoofed source IP addresses. The av...

7.8CVSS6.5AI score0.02783EPSS
CVE
CVE
added 2017/10/29 6:0 a.m.61 views

CVE-2006-5331

CVE-2006-5331 affects the Linux kernel on 64-bit PowerPC systems. The altivec_unavailable_exception function mishandles the path where CONFIG_ALTIVEC is defined and the CPU supports Altivec, but Altivec support was not detected by the kernel, enabling a local user to trigger an Altivec instructio...

5.5CVSS5.2AI score0.00432EPSS
CVE
CVE
added 2009/09/22 10:0 a.m.61 views

CVE-2009-3288

The CVE-2009-3288 entry affects the Linux kernel 2.6.28-rc1 through 2.6.31-rc8. It concerns the sg_build_indirect function in drivers/scsi/sg.c, which uses an incorrect variable when accessing an array, allowing a local user to cause a Denial of Service via a kernel OOPS and NULL pointer derefere...

4.9CVSS7.1AI score0.00438EPSS
CVE
CVE
added 2009/12/13 1:0 a.m.61 views

CVE-2009-4306

CVE-2009-4306 concerns the Linux kernel’s ext4 filesystem, specifically the EXT4_IOC_MOVE_EXT (move extents) ioctl in 2.6.32-git6 and earlier. The vulnerability enables local users to trigger a denial of service through filesystem corruption via unknown vectors, and is described as distinct from ...

4.9CVSS6.3AI score0.00381EPSS
CVE
CVE
added 2009/12/24 4:0 p.m.61 views

CVE-2009-4410

The CVE-2009-4410 issue affects the Linux kernel 2.6.29-rc1 through 2.6.30.y, specifically the fuse_ioctl_copy_user path in fs/fuse/file.c. The bug stems from using the wrong variable as an argument to kunmap in the ioctl handler, enabling local users to trigger a denial of service (panic) via un...

4.9CVSS6.9AI score0.00364EPSS
CVE
CVE
added 2013/04/22 10:0 a.m.61 views

CVE-2013-3237

CVE-2013-3237 affects the Linux kernel’s vsock_stream_sendmsg in net/vmw_vsock/af_vsock.c, where a length variable is not initialized prior to use. This can allow local users to read sensitive data from kernel stack memory via crafted recvmsg/recvfrom syscalls. The issue is linked to the kernel v...

4.9CVSS6.8AI score0.00388EPSS
CVE
CVE
added 2017/01/12 3:0 p.m.61 views

CVE-2016-8400

CVE-2016-8400 describes an information-disclosure vulnerability in the NVIDIA librm library (libnvrm) on Android (Kernel 3.18). A local malicious application could read data outside its permission levels due to improper memory handling in LIBNVRM, potentially exposing sensitive data. The vulnerab...

5.5CVSS5AI score0.00928EPSS
CVE
CVE
added 2017/02/08 3:0 p.m.61 views

CVE-2017-0449

CVE-2017-0449 describes an elevation-of-privilege in the Broadcom Wi‑Fi driver for Android devices using the 3.10 kernel (e.g., Nexus 6P/Nexus 6). A local, privileged process could be exploited by a malicious user/application to execute arbitrary code in the kernel context. The CNVD entry corrobo...

7.6CVSS6.7AI score0.00863EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.61 views

CVE-2017-0452

CVE-2017-0452 describes an information-disclosure vulnerability in the Qualcomm camera driver on Android (kernel 3.10). The issue could allow a local malicious application to access data outside its permission levels after compromising a privileged process. Affected devices include Nexus 5X, Nexu...

4.7CVSS4.3AI score0.0101EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.61 views

CVE-2017-0453

CVE-2017-0453 : Elevation of privilege in the Qualcomm Wi‑Fi driver could allow a local malicious Android application to execute arbitrary code in the kernel context. Affected: Android on Kernel-3.10. First an attack requires compromising a privileged process. CVSS metrics indicate high impact an...

7.6CVSS6.6AI score0.01486EPSS
CVE
CVE
added 2017/04/07 10:0 p.m.61 views

CVE-2017-0454

CVE-2017-0454 is an elevation-of-privilege vulnerability in the Qualcomm audio driver that allows a local malicious application to execute arbitrary code in the kernel context. Affected product: Android with kernel versions 3.10 and 3.18. Root cause is exploitation within the Qualcomm audio drive...

7.6CVSS6.9AI score0.01496EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.61 views

CVE-2017-0463

CVE-2017-0463 is an elevation-of-privilege in the Qualcomm networking driver affecting Android kernels (Kernel-3.10 and Kernel-3.18). The issue could let a local malicious app run code in kernel context after compromising a privileged process. The available connected sources confirm the vulnerabi...

7.6CVSS6.6AI score0.01477EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.61 views

CVE-2017-0521

CVE-2017-0521 is a local elevation-of-privilege issue in the Qualcomm camera driver that could allow a malicious local app to execute arbitrary code in the kernel. The vulnerability targets Android and is tied to kernel versions 3.10 and 3.18, with referenced impact described as high for a compro...

7.6CVSS6.6AI score0.01794EPSS
CVE
CVE
added 2017/04/07 10:0 p.m.61 views

CVE-2017-0575

An elevation of privilege vulnerability exists in the Qualcomm Wi‑Fi driver on Android. CVE-2017-0575 can allow a local attacker to execute arbitrary code in the kernel context after compromising a privileged process. Affected products/versions include Android with the kernel versions 3.10 and 3....

7.6CVSS6.9AI score0.01496EPSS
Total number of security vulnerabilities14330