Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2010/05/21 5:0 p.m.60 views

CVE-2010-1446

CVE-2010-1446 affects KGDB in the Linux kernel on PowerPC, where arch/powerpc/mm/fsl_booke_mmu.c does not perform a proper security check for access to a kernel page. Local users could overwrite arbitrary kernel memory. The vulnerability is noted across multiple advisories (e.g., Debian DSA-2053-...

1.9CVSS6.4AI score0.0034EPSS
CVE
CVE
added 2012/05/17 10:0 a.m.60 views

CVE-2011-4112

CVE-2011-4112 affects the Linux kernel net subsystem prior to 3.1. The issue arises from improper restriction of the IFF_TX_SKB_SHARING flag, enabling local users with CAP_NET_ADMIN to access /proc/net/pktgen/pgctrl and, using the pktgen package with a bridge device for a VLAN interface, trigger ...

5.5CVSS5.2AI score0.00468EPSS
Web
CVE
CVE
added 2017/02/06 6:4 a.m.60 views

CVE-2016-10154

CVE-2016-10154 affects Linux kernel 4.9.x prior to 4.9.1. The smbhash function in fs/cifs/smbencrypt.c interacts incorrectly with CONFIG_VMAP_STACK, enabling local users to trigger a denial of service (system crash or memory corruption) or other unspecified impacts by exploiting use of more than ...

5.5CVSS5.9AI score0.00452EPSS
CVE
CVE
added 2017/01/12 3:0 p.m.60 views

CVE-2016-8409

CVE-2016-8409 is an information-disclosure vulnerability in the NVIDIA video driver on Android (Kernel-3.10). It could allow a local malicious app with access to a privileged process to read data outside its permission levels on affected devices (e.g., Nexus 9). The issue is labeled Moderate in s...

4.7CVSS4.4AI score0.00881EPSS
CVE
CVE
added 2017/01/12 8:0 p.m.60 views

CVE-2016-8425

CVE-2016-8425 affects the NVIDIA Tegra kernel driver (NVHOST). The issue is a use-after-free in memory handling that can allow a local unprivileged process to escalate to the kernel, potentially enabling arbitrary code execution or denial of service. Exploitation status is not provided in the sup...

9.3CVSS7.4AI score0.01619EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.60 views

CVE-2016-8477

CVE-2016-8477 targets the Qualcomm camera driver in Android and is an information disclosure vulnerability. A local malicious application could access data outside its permission level after compromising a privileged process, making this a local, privilege-requiring issue. Affected: Android on Ke...

4.7CVSS4.3AI score0.00866EPSS
Web
CVE
CVE
added 2017/04/05 2:0 p.m.60 views

CVE-2017-0327

CVE-2017-0327 affects the NVIDIA crypto driver in the Android/Tegr­a kernel. The connected document notes that the vulnerability arises because an input buffer is copied to an output buffer without validating the input size, which may lead to memory corruption and a denial of service (the NVIDIA ...

7.6CVSS6.9AI score0.01841EPSS
CVE
CVE
added 2017/02/08 3:0 p.m.60 views

CVE-2017-0435

CVE-2017-0435 is an elevation-of-privilege in the Qualcomm sound driver affecting Android kernels (Kernel-3.10 and Kernel-3.18). The vulnerability could let a local malicious app execute arbitrary code in the kernel context after compromising a privileged process. The CVE is documented with Qualc...

7.6CVSS6.6AI score0.00773EPSS
CVE
CVE
added 2017/04/07 10:0 p.m.60 views

CVE-2017-0462

CVE-2017-0462 describes an elevation-of-privilege vulnerability in the Qualcomm Seemp driver that could allow a local malicious Android application to execute arbitrary code in the kernel context. Affected product is Android with Kernel-3.18; Android ID A-33353601. The base impact is high, requir...

7.6CVSS6.9AI score0.00995EPSS
CVE
CVE
added 2017/04/07 10:0 p.m.60 views

CVE-2017-0574

CVE-2017-0574 describes an elevation-of-privilege vulnerability in the Broadcom Wi‑Fi driver on Android. The issue could allow a local malicious application to execute arbitrary code in the kernel context by exploiting the Wi‑Fi driver, with the Android platform and kernel versions specified as K...

7.6CVSS6.9AI score0.01496EPSS
CVE
CVE
added 2017/02/06 6:4 a.m.60 views

CVE-2017-5548

The CVE-2017-5548 issue affects the Linux kernel 4.9.x up to 4.9.5, where drivers/net/ieee802154/atusb.c interacts with CONFIG_VMAP_STACK. This can allow local users to cause a denial of service (system crash or memory corruption) or other impact by using more than one virtual page for a DMA scat...

7.8CVSS7.6AI score0.00451EPSS
CVE
CVE
added 2019/06/14 1:24 a.m.60 views

CVE-2019-12818

CVE-2019-12818 affects the Linux kernel prior to 4.20.15. The issue is in the NFC LLCP code: nfc_llcp_build_tlv in net/nfc/llcp_commands.c may return NULL, and if the caller neglects to check, a NULL pointer dereference can occur, leading to denial of service. The vulnerability impacts nfc_llcp_b...

7.5CVSS7.7AI score0.05482EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.60 views

CVE-2022-48886

The CVE-2022-48886 issue affects the Linux kernel ice subsystem and is due to not validating kzalloc return, allowing NULL pointer dereference. The fix adds a return-value check for kzalloc and uses a goto-label for cleanup to share code paths. Connected advisories (SUSE/SU-2024:3209-1, SUSE/SU-2...

5.5CVSS6.5AI score0.00205EPSS
CVE
CVE
added 2024/10/21 8:6 p.m.60 views

CVE-2022-49030

The CVE-2022-49030 issue affects the Linux kernel component libbpf, specifically a size overflow in ringbuf mmap when mapping producer and data pages. The root cause is an overflow of the 32-bit read/write region size (max 2GB ringbuf on x86-64) due to computing 2 * max_entries, which can overflo...

7.8CVSS7.4AI score0.00277EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.60 views

CVE-2022-49760

The CVE-2022-49760 entry documents a Linux kernel issue in hugetlb_change_protection related to PTE marker handling when using uffd-wp. The root cause, as described across connected reports, is that uffd-wp can cause incorrect handling of a PTE marker in two scenarios: (1) protecting a PTE marker...

5.5CVSS6.6AI score0.0015EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.60 views

CVE-2022-49847

CVE-2022-49847 concerns a segmentation fault in the Linux kernel's ti_am65 cpsw Ethernet driver (am65_cpsw_nuss) during module removal. The fix changes the cleanup sequence: am65_cpsw_nuss_phylink_cleanup() is moved to run after am65_cpsw_nuss_cleanup_ndev(), ensuring phylink remains valid while ...

5.5CVSS6.4AI score0.0014EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.60 views

CVE-2022-49851

CVE-2022-49851 — Linux kernel (RISC-V) reserved memory setup Vulnerability context: The issue arises in how RISC-V sets up reserved memory using the early device-tree copy. The pointer to reserved memory regions can be an early, pre-virtual-memory address when accessed via of_reserved_mem_lookup(...

7.1CVSS6.3AI score0.00171EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.60 views

CVE-2022-49866

CVE-2022-49866 concerns a memory‑leak in the Linux kernel’s MHI/wwan path: the MHI driver registered a network device without marking needs_free_netdev, so free_netdev() wasn’t called on unregister. The public sources describe a patch that sets needs_free_netdev to true when registering the netwo...

5.5CVSS6.4AI score0.00163EPSS
CVE
CVE
added 2025/05/01 2:10 p.m.60 views

CVE-2022-49883

CVE-2022-49883 is a Linux kernel KVM x86 vulnerability related to SMM handling. The issue arises because the number of general purpose registers (GPRs) used for the SMRAM image depends on the image format. On 64‑bit hosts, if the guest lacks X86_FEATURE_LM, KVM may access 16 GPRs for a 32‑bit SMR...

7.1CVSS6.8AI score0.00153EPSS
CVE
CVE
added 2023/04/06 12:0 a.m.60 views

CVE-2023-20660

CVE-2023-20660 affects the WLAN component in MediaTek devices, with an out-of-bounds read caused by an integer overflow that can lead to local information disclosure. Exploitation requires SYSTEM-level privileges, and no user interaction is needed. A patch is referenced (ALPS07588383 / ALPS075883...

4.4CVSS4.2AI score0.00093EPSS
CVE
CVE
added 2023/06/06 12:11 p.m.60 views

CVE-2023-20716

CVE-2023-20716 concerns the wlan component in MediaTek chips, where an out-of-bounds write occurs due to a missing bounds check in the WLAN driver. This can lead to local escalation of privileges with System execution rights, and no user interaction is required. Reported patch: ALPS07796883 (Issu...

6.7CVSS6.7AI score0.00093EPSS
CVE
CVE
added 2025/08/16 1:25 p.m.60 views

CVE-2023-32249

CVE-2023-32249 affects the Linux kernel ksmbd component. The issue is mitigated by a patch that returns STATUS_NOT_SUPPORTED when the binding session is a guest on multichannel, effectively disallowing guest access for that path. The NVD metrics classify the impact as locally exploitable with low...

5.5CVSS6.6AI score0.00151EPSS
CVE
CVE
added 2024/05/17 2:24 p.m.60 views

CVE-2023-52684

CVE-2023-52684 affects the Linux kernel’s Qualcomm QSEE communication driver (qseecom). The issue involves memory leaks in error paths where memory allocated for SCM calls could fail to be freed. The root cause was returning error codes directly instead of jumping to the cleanup labels that relea...

5.5CVSS6.7AI score0.00202EPSS
CVE
CVE
added 2024/08/21 6:10 a.m.60 views

CVE-2023-52914

The CVE-2023-52914 entry concerns a Linux kernel issue in the io_uring/poll path. The vulnerability arises when a ready poll request cannot complete inline, so a hash is not added, which can lead to loss of access to the poll request and a subsequent request leak, potentially stalling the ring ex...

5.5CVSS6.5AI score0.00205EPSS
CVE
CVE
added 2024/09/13 5:29 a.m.60 views

CVE-2024-46696

CVE-2024-46696 concerns a Linux kernel vulnerability in nfsd4_cb_getattr_release where a use-after-free occurs after a delegation reference is dropped. The embedded fields become unsafe to access if not done last. Connected documents confirm this is a local issue in the kernel’s NFS daemon with a...

7.8CVSS7.3AI score0.00215EPSS
CVE
CVE
added 2025/02/27 8:0 p.m.60 views

CVE-2025-21807

CVE-2025-21807 (Linux kernel) affects the block subsystem. queue_attr_store() previously freezes the device queue before invoking the attribute store operation. For attributes controlling queue limits, the store could lock queue limits via queue_limits_start_update(), creating an ABBA deadlock if...

5.5CVSS6.5AI score0.00119EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.60 views

CVE-2025-38347

CVE-2025-38347 is tied to a Linux kernel issue in the F2FS file system. The description details a deadlock scenario during mknod in a corrupted directory, caused by locking the directory inode page twice while processing ACL/xattrs. The root cause is a mismatch between inode number and xattr inod...

5.5CVSS6.5AI score0.00159EPSS
CVE
CVE
added 2025/08/16 10:55 a.m.60 views

CVE-2025-38515

CVE-2025-38515 concerns a race in the Linux kernel’s DRM scheduler. The description states a small race between drm/sched spsc_queue_push and the run-job worker, where spsc_queue_push may return not-first while the worker has idled due to the job count reaching zero. The consequence is that job s...

4.7CVSS6.5AI score0.00141EPSS
CVE
CVE
added 2025/08/16 10:55 a.m.60 views

CVE-2025-38516

CVE-2025-38516 is a Linux kernel vulnerability in the pinctrl/qcom/msm subsystem. The issue arises when certain pins are registered as IRQ-capable on platforms where intr_detection_width is not 1 or 2, enabling a user-space trigger that can cause a BUG() in msm_gpio_irq_set_type() and potentially...

5.5CVSS6.3AI score0.00149EPSS
CVE
CVE
added 2025/08/19 5:2 p.m.60 views

CVE-2025-38556

The Connected documents confirm CVE-2025-38556 affects the Linux kernel HID core, where the s32ton() conversion could crash when invoked with 0 bits. The fix HardenS32ton() so that it returns a reasonable result instead of faulting on 0-bit input, aligning behavior with snto32(). This CVE entry i...

7.1CVSS7.2AI score0.0015EPSS
CVE
CVE
added 2025/08/19 5:2 p.m.60 views

CVE-2025-38565

CVE-2025-38565: In the Linux kernel perf_mmap() path, if buffer allocation fails the code still invokes event_mapped(), which can increment perf_rdpmc_allowed on x86 and leaks references because perf_mmap_close() is not called. The documented fix is to return early on failure to prevent the refer...

7.8CVSS7.1AI score0.00168EPSS
CVE
CVE
added 2026/02/13 1:29 p.m.60 views

CVE-2026-23112

CVE-2026-23112 affects the Linux kernel nvmet-tcp implementation. The issue in nvmet_tcp_build_pdu_iovec allows walking past cmd->req.sg when a PDU length/offset exceeds sg_cnt, causing bogus sg->length/offset usage and leading to _copy_to_iter() GPF/KASAN. The fix adds guards for sg_idx, r...

9.8CVSS5.2AI score0.00399EPSS
CVE
CVE
added 2026/05/28 9:35 a.m.60 views

CVE-2026-46124

CVE-2026-46124 affects the Linux kernel isofs filesystem. The vulnerability arises because isofs_fh_to_dentry/isofs_fh_to_parent pass an attacker-controlled block number from an NFS file handle to isofs_export_iget(), which only rejects block == 0 before calling isofs_iget and sb_bread. A crafted...

7.5CVSS5.8AI score0.00425EPSS
CVE
CVE
added 2000/02/04 5:0 a.m.59 views

CVE-1999-0401

CVE-1999-0401 describes a race condition in Linux kernel 2.2.1 that allows local users to read arbitrary memory from /proc files. The vulnerability arises from a race in the /proc handling in Linux 2.2.1, enabling partial/possible disclosure of memory contents to unprivileged local users. Affecte...

3.7CVSS6.7AI score0.00308EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.59 views

CVE-1999-1352

CVE-1999-1352 describes a local privilege/vulnerability in Linux 2.2 where mknod follows symbolic links, potentially allowing a local user to overwrite files or gain privileges. The connected sources reiterate this behavior but do not provide concrete exploitation details, specific vulnerable ver...

4.6CVSS6.9AI score0.00384EPSS
CVE
CVE
added 2006/01/27 10:0 p.m.59 views

CVE-2002-1573

CVE-2002-1573 refers to an unspecified vulnerability in the Linux kernel’s pcilynx ieee1394 (pcilynx.c) driver, affected in kernels before 2.4.20 and related to wrap handling. The initial description notes unknown impact and attack vectors; public detail is limited. Public references describe the...

10CVSS6.4AI score0.02221EPSS
CVE
CVE
added 2004/07/13 4:0 a.m.59 views

CVE-2004-0658

CVE-2004-0658 describes an integer overflow in the hpsb_alloc_packet function of the IEEE 1394 (Firewire) driver (versions 2.4 and 2.6). This vulnerability can allow local users to cause a denial of service (crash) and potentially execute arbitrary code through the functions raw1394_write, state_...

7.2CVSS7.9AI score0.00432EPSS
CVE
CVE
added 2005/02/06 5:0 a.m.59 views

CVE-2005-0180

CVE-2005-0180 involves multiple signedness errors in sg_scsi_ioctl (scsi_ioctl.c) of Linux 2.6.x. The flaw lets a local user read or modify kernel memory by passing negative integers to the ioctl, bypassing a maximum-length check before copy_from_user/copy_to_user. Connected advisories (e.g., Man...

3.6CVSS7.3AI score0.00507EPSS
CVE
CVE
added 2006/01/09 8:0 p.m.59 views

CVE-2005-4351

CVE-2005-4351 – Summary (concrete details from connected docs): The vulnerability affects BSD Securelevels implementations in FreeBSD (up to 6.0-STABLE and 7.0-CURRENT), OpenBSD (up to 3.8), DragonFly (up to 1.2), and Linux (up to 2.6.15). The root cause is that, while securelevels protect files ...

4.3CVSS6.5AI score0.00426EPSS
Web
CVE
CVE
added 2017/08/07 3:0 a.m.59 views

CVE-2006-3635

CVE-2006-3635 concerns the Linux kernel ia64 subsystem prior to 2.6.26. The vulnerability arises from mishandling of invalid Register Stack Engine (RSE) state, enabling a local attacker to trigger a denial of service through stack consumption, potentially crashing the system. The issue is limited...

5.5CVSS5AI score0.00532EPSS
CVE
CVE
added 2007/09/18 7:0 p.m.59 views

CVE-2007-0997

CVE-2007-0997 describes a race condition in the Linux kernel 2.6.17 through 2.6.17.6 affecting the tee (sys_tee) system call. The issue could allow local users to cause a denial of service (system crash), obtain sensitive information (kernel memory contents), or gain privileges via unspecified ve...

6.9CVSS6.4AI score0.00249EPSS
CVE
CVE
added 2007/07/12 4:0 p.m.59 views

CVE-2007-3720

The CVE-2007-3720 entry describes a vulnerability in the Linux kernel 2.4 process scheduler that uses CPU billing from periodic sampling ticks. This design allows local users to cause a denial of service (CPU consumption) by calling voluntary nanosecond sleeps, making the process inactive during ...

2.1CVSS6.1AI score0.00311EPSS
CVE
CVE
added 2008/10/03 5:18 p.m.59 views

CVE-2008-4410

CVE-2008-4410 affects Linux kernel 2.6.26.5: the vmi_write_ldt_entry function in arch/x86/kernel/vmi_32.c invokes write_idt_entry where write_ldt_entry was intended, enabling local users to trigger a denial of service (persistent application failure) through crafted function calls. The descriptio...

4.9CVSS5.7AI score0.00381EPSS
CVE
CVE
added 2009/10/30 8:5 p.m.59 views

CVE-2009-3623

CVE-2009-3623 affects the Linux kernel (nfsd4) via the lookup_cb_cred function in fs/nfsd/nfs4callback.c. When a client uses AUTH_NULL for NFSv4, the code may access the credentials cache and trigger a NULL pointer dereference, causing a denial of service (system crash). The public details come f...

7.8CVSS7.3AI score0.03474EPSS
CVE
CVE
added 2010/04/20 3:0 p.m.59 views

CVE-2010-1488

The CVE-2010-1488 issue affects the Linux kernel prior to 2.6.34-rc4, where proc_oom_score in fs/proc/base.c selects a candidate for the OOM killer using inappropriate data structures. This could allow local users to trigger a denial of service via certain task-creation patterns. The vulnerabilit...

2.1CVSS6.2AI score0.0034EPSS
CVE
CVE
added 2010/10/08 8:0 p.m.59 views

CVE-2010-2938

CVE-2010-2938 affects the Linux kernel 2.6.18 on Red Hat Enterprise Linux 5, specifically arch/x86/hvm/vmx/vmcs.c VMCS handling. The flaw occurs on Intel platforms without Extended Page Tables (EPT) where VMCS fields are accessed without confirming hardware support. Local users can cause a denial...

4.9CVSS7.1AI score0.00346EPSS
CVE
CVE
added 2013/07/28 6:0 p.m.59 views

CVE-2013-4129

The CVE-2013-4129 issue affects the Linux kernel up to version 3.10.3, in the bridge multicast code (net/bridge/br_mdb.c and net/bridge/br_multicast.c). The underlying flaw is a timer state check: a timer’s timeout value can be modified without confirming whether the timer is armed, enabling a lo...

4.7CVSS6.2AI score0.00454EPSS
CVE
CVE
added 2017/01/12 3:0 p.m.59 views

CVE-2016-8401

CVE-2016-8401 is an information-disclosure vulnerability in Android’s kernel components, including the ION subsystem, Binder, USB driver, and networking stack. The issue allows a local malicious application to access data outside its permission level, requiring compromise of a privileged process ...

4.7CVSS3.9AI score0.01046EPSS
CVE
CVE
added 2017/03/08 1:0 a.m.59 views

CVE-2017-0306

CVE-2017-0306 affects the NVIDIA Tegra GPU driver (NVHOST) within the Android kernel (Kernel-3.10). A vulnerability in the NVHOST driver copies an input buffer to an output buffer without validating size, which can lead to denial of service and may enable local privilege escalation by a malicious...

9.3CVSS7.2AI score0.01741EPSS
CVE
CVE
added 2017/05/02 9:0 p.m.59 views

CVE-2017-0331

CVE-2017-0331 (NVIDIA Tegra kernel driver, NVMAP): An elevation-of-privilege/DoS issue where untrusted data can change between validation and use, potentially allowing a local attacker to escalate privileges or cause kernel-state impact. Affected context references Android on kernel 3.10 and the ...

9.3CVSS7.2AI score0.00716EPSS
Total number of security vulnerabilities14330