Lucene search

K
LinuxLinux Kernel

10748 matches found

CVE
CVE
added 2025/06/18 10:15 a.m.15 views

CVE-2025-38075

In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix timeout on deleted connection NOPIN response timer may expire on a deleted connection and crash withsuch logs: Did not receive response to NOPIN on CID: 0, failing connection for I_T Nexus (null),i,0x00023d...

6.4AI score0.00035EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.15 views

CVE-2025-38116

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix uaf in ath12k_core_init() When the execution of ath12k_core_hw_group_assign() orath12k_core_hw_group_create() fails, the registered notifier chain is notunregistered properly. Its memory is freed after rmmod, whic...

7.2AI score0.00028EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.15 views

CVE-2025-38137

In the Linux kernel, the following vulnerability has been resolved: PCI/pwrctrl: Cancel outstanding rescan work when unregistering It's possible to trigger use-after-free here by: (a) forcing rescan_work_func() to take a long time and(b) utilizing a pwrctrl driver that may be unloaded for some reas...

7.2AI score0.00039EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.15 views

CVE-2025-38155

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() devm_ioremap() returns NULL on error. Currently, mt7915_mmio_wed_init()does not check for this case, which results in a NULL pointerdereference. Prevent null pointer ...

7.1AI score0.00025EPSS
CVE
CVE
added 2025/07/04 2:15 p.m.15 views

CVE-2025-38186

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix double invocation of bnxt_ulp_stop()/bnxt_ulp_start() Before the commit under the Fixes tag below, bnxt_ulp_stop() andbnxt_ulp_start() were always invoked in pairs. After that commit,the new bnxt_ulp_restart() can be i...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/04 2:15 p.m.15 views

CVE-2025-38205

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Avoid divide by zero by initializing dummy pitch to 1 [Why]If the dummy values in populate_dummy_dml_surface_cfg() aren't updatedthen they can lead to a divide by zero in downstream callers likeCalculateVMAndRowByt...

6.4AI score0.00026EPSS
CVE
CVE
added 2025/07/04 2:15 p.m.15 views

CVE-2025-38210

In the Linux kernel, the following vulnerability has been resolved: configfs-tsm-report: Fix NULL dereference of tsm_ops Unlike sysfs, the lifetime of configfs objects is controlled byuserspace. There is no mechanism for the kernel to find and delete allcreated config-items. Instead, the configfs-t...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/04 2:15 p.m.15 views

CVE-2025-38223

In the Linux kernel, the following vulnerability has been resolved: ceph: avoid kernel BUG for encrypted inode with unaligned file size The generic/397 test hits a BUG_ON for the case of encrypted inode withunaligned file size (for example, 33K or 1K): [ 877.737811] run fstests generic/397 at 2025-...

6.2AI score0.00014EPSS
CVE
CVE
added 2025/07/04 2:15 p.m.15 views

CVE-2025-38228

In the Linux kernel, the following vulnerability has been resolved: media: imagination: fix a potential memory leak in e5010_probe() Add video_device_release() to release the memory allocated byvideo_device_alloc() if something goes wrong.

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/09 11:15 a.m.15 views

CVE-2025-38253

In the Linux kernel, the following vulnerability has been resolved: HID: wacom: fix crash in wacom_aes_battery_handler() Commit fd2a9b29dc9c ("HID: wacom: Remove AES power_supply after extendedinactivity") introduced wacom_aes_battery_handler() which is scheduledas a delayed work (aes_battery_work)...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/09 11:15 a.m.15 views

CVE-2025-38256

In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: fix folio unpinning syzbot complains about an unmapping failure: [ 108.070381][ T14] kernel BUG at mm/gup.c:71![ 108.070502][ T14] Internal error: Oops - BUG: 00000000f2000800 [#1] SMP[ 108.123672][ T14] Hardware nam...

6.2AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.15 views

CVE-2025-38267

In the Linux kernel, the following vulnerability has been resolved: ring-buffer: Do not trigger WARN_ON() due to a commit_overrun When reading a memory mapped buffer the reader page is just swapped outwith the last page written in the write buffer. If the reader page is thesame as the commit buffer...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.15 views

CVE-2025-38268

In the Linux kernel, the following vulnerability has been resolved: usb: typec: tcpm: move tcpm_queue_vdm_unlocked to asynchronous work A state check was previously added to tcpm_queue_vdm_unlocked toprevent a deadlock where the DisplayPort Alt Mode driver would beexecuting work and attempting to g...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.15 views

CVE-2025-38284

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: pci: configure manual DAC mode via PCI config API only To support 36-bit DMA, configure chip proprietary bit via PCI config APIor chip DBI interface. However, the PCI device mmap isn't set yet andthe DBI is also inacce...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.15 views

CVE-2025-38295

In the Linux kernel, the following vulnerability has been resolved: perf/amlogic: Replace smp_processor_id() with raw_smp_processor_id() in meson_ddr_pmu_create() The Amlogic DDR PMU driver meson_ddr_pmu_create() function incorrectly usessmp_processor_id(), which assumes disabled preemption. This l...

6.4AI score0.00025EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.15 views

CVE-2025-38380

In the Linux kernel, the following vulnerability has been resolved: i2c/designware: Fix an initialization issue The i2c_dw_xfer_init() function requires msgs and msg_write_idx from thedev context to be initialized. amd_i2c_dw_xfer_quirk() inits msgs and msgs_num, but not msg_write_idx. This could a...

6.4AI score0.0004EPSS
CVE
CVE
added 2025/07/25 2:15 p.m.15 views

CVE-2025-38403

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmci_transport_packet_init memset the vmci_transport_packet beforepopulating the fields to avoid any uninitialised data being left in thestructure.

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.15 views

CVE-2025-38439

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT When transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()with the proper length instead of 0. This bug triggers this warningon a system with IOMMU enabled: WARNING: CPU...

6.4AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.15 views

CVE-2025-38463

In the Linux kernel, the following vulnerability has been resolved: tcp: Correct signedness in skb remaining space calculation Syzkaller reported a bug 1 where sk->sk_forward_alloc can overflow. When we send data, if an skb exists at the tail of the write queue, thekernel will attempt to append ...

6.3AI score0.00023EPSS
CVE
CVE
added 2025/07/28 12:15 p.m.15 views

CVE-2025-38468

In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree htb_lookup_leaf has a BUG_ON that can trigger with the following: tc qdisc del dev lo roottc qdisc add dev lo root handle 1: htb default 1tc class add dev lo pa...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/07/28 12:15 p.m.15 views

CVE-2025-38477

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg(called during qfq_enqueue) while other threads access itconcurrently. For example, qfq_dump_class may trigg...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/07/28 12:15 p.m.15 views

CVE-2025-38480

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized data in insn_rw_emulate_bits() For Comedi INSN_READ and INSN_WRITE instructions on "digital"subdevices (subdevice types COMEDI_SUBD_DI, COMEDI_SUBD_DO, andCOMEDI_SUBD_DIO), it is common for the subd...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.14 views

CVE-2022-50223

In the Linux kernel, the following vulnerability has been resolved: LoongArch: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK When CONFIG_CPUMASK_OFFSTACK and CONFIG_DEBUG_PER_CPU_MAPS is selected,cpu_max_bits_warn() generates a runtime warning similar as below whilewe show /proc/cpuinfo. Fix t...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.14 views

CVE-2022-50232

In the Linux kernel, the following vulnerability has been resolved: arm64: set UXN on swapper page tables [ This issue was fixed upstream by accident in c3cee924bd85 ("arm64:head: cover entire kernel image in initial ID map") as part of alarge refactoring of the arm64 boot flow. This simple fix is ...

6.3AI score0.00026EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.14 views

CVE-2025-38039

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled When attempting to enable MQPRIO while HTB offload is alreadyconfigured, the driver currently returns -EINVAL and triggers aWARN_ON, leading to an unnecessar...

6.7AI score0.00025EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.14 views

CVE-2025-38041

In the Linux kernel, the following vulnerability has been resolved: clk: sunxi-ng: h616: Reparent GPU clock during frequency changes The H616 manual does not state that the GPU PLL supportsdynamic frequency configuration, so we must take extra care when changingthe frequency. Currently any attempt ...

6.7AI score0.00026EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.14 views

CVE-2025-38047

In the Linux kernel, the following vulnerability has been resolved: x86/fred: Fix system hang during S4 resume with FRED enabled Upon a wakeup from S4, the restore kernel starts and initializes theFRED MSRs as needed from its perspective. It then loads a hibernationimage, including the image kernel...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.14 views

CVE-2025-38062

In the Linux kernel, the following vulnerability has been resolved: genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie The IOMMU translation for MSI message addresses has been a 2-step process,separated in time: iommu_dma_prepare_msi(): A cookie pointer containing the IOV...

6.1AI score0.00026EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.14 views

CVE-2025-38064

In the Linux kernel, the following vulnerability has been resolved: virtio: break and reset virtio devices on device_shutdown() Hongyu reported a hang on kexec in a VM. QEMU reported invalid memoryaccesses during the hang. Invalid read at addr 0x102877002, size 2, region '(null)', reason: rejected ...

6.2AI score0.00026EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.14 views

CVE-2025-38071

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Check return value from memblock_phys_alloc_range() At least with CONFIG_PHYSICAL_START=0x100000, if there is

6.3AI score0.00026EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.14 views

CVE-2025-38114

In the Linux kernel, the following vulnerability has been resolved: e1000: Move cancel_work_sync to avoid deadlock Previously, e1000_down called cancel_work_sync for the e1000 reset task(via e1000_down_and_stop), which takes RTNL. As reported by users and syzbot, a deadlock is possible in the follo...

7.1AI score0.00026EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.14 views

CVE-2025-38139

In the Linux kernel, the following vulnerability has been resolved: netfs: Fix oops in write-retry from mis-resetting the subreq iterator Fix the resetting of the subrequest iterator in netfs_retry_write_stream()to use the iterator-reset function as the iterator may have been shortenedby a previous...

6.9AI score0.00035EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.14 views

CVE-2025-38141

In the Linux kernel, the following vulnerability has been resolved: dm: fix dm_blk_report_zones If dm_get_live_table() returned NULL, dm_put_live_table() was nevercalled. Also, it is possible that md->zone_revalidate_map will changewhile calling this function. Only read it once, so that we are a...

7.1AI score0.00024EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.14 views

CVE-2025-38169

In the Linux kernel, the following vulnerability has been resolved: arm64/fpsimd: Avoid clobbering kernel FPSIMD state with SMSTOP On system with SME, a thread's kernel FPSIMD state may be erroneouslyclobbered during a context switch immediately after that state isrestored. Systems without SME are ...

7.1AI score0.00024EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.14 views

CVE-2025-38172

In the Linux kernel, the following vulnerability has been resolved: erofs: avoid using multiple devices with different type For multiple devices, both primary and extra devices should be thesame type. erofs_init_device has already guaranteed that if theprimary is a file-backed device, extra devices...

7.2AI score0.00024EPSS
CVE
CVE
added 2025/07/04 11:15 a.m.14 views

CVE-2025-38176

In the Linux kernel, the following vulnerability has been resolved: binder: fix use-after-free in binderfs_evict_inode() Running 'stress-ng --binderfs 16 --timeout 300' under KASAN-enabledkernel, I've noticed the following: BUG: KASAN: slab-use-after-free in binderfs_evict_inode+0x1de/0x2d0Write of...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/04 2:15 p.m.14 views

CVE-2025-38179

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix max_sge overflow in smb_extract_folioq_to_rdma() This fixes the following problem: [ 749.901015] [ T8673] run fstests cifs/001 at 2025-06-17 09:40:30[ 750.346409] [ T9870] ==========================================...

6.8AI score0.00024EPSS
CVE
CVE
added 2025/07/04 2:15 p.m.14 views

CVE-2025-38187

In the Linux kernel, the following vulnerability has been resolved: drm/nouveau: fix a use-after-free in r535_gsp_rpc_push() The RPC container is released after being passed to r535_gsp_rpc_send(). When sending the initial fragment of a large RPC and passing thecaller's RPC container, the container...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/07/04 2:15 p.m.14 views

CVE-2025-38188

In the Linux kernel, the following vulnerability has been resolved: drm/msm/a7xx: Call CP_RESET_CONTEXT_STATE Calling this packet is necessary when we switch contexts because thereare various pieces of state used by userspace to synchronize between BRand BV that are persistent across submits and we...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/07/09 11:15 a.m.14 views

CVE-2025-38254

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add sanity checks for drm_edid_raw() When EDID is retrieved via drm_edid_raw(), it doesn't guarantee toreturn proper EDID bytes the caller wants: it may be either NULL (thatleads to an Oops) or with too long bytes ...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.14 views

CVE-2025-38279

In the Linux kernel, the following vulnerability has been resolved: bpf: Do not include stack ptr register in precision backtracking bookkeeping Yi Lai reported an issue ([1]) where the following warning appearsin kernel dmesg:[ 60.643604] verifier backtracking bug[ 60.643635] WARNING: CPU: 10 PID:...

6.3AI score0.00035EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.14 views

CVE-2025-38299

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: mt8195: Set ETDM1/2 IN/OUT to COMP_DUMMY() ETDM2_IN_BE and ETDM1_OUT_BE are defined as COMP_EMPTY(),in the case the codec dai_name will be null. Avoid a crash if the device tree is not assigning a codecto these link...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.14 views

CVE-2025-38301

In the Linux kernel, the following vulnerability has been resolved: nvmem: zynqmp_nvmem: unbreak driver after cleanup Commit 29be47fcd6a0 ("nvmem: zynqmp_nvmem: zynqmp_nvmem_probe cleanup")changed the driver to expect the device pointer to be passed as the"context", but in nvmem the context paramet...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.14 views

CVE-2025-38302

In the Linux kernel, the following vulnerability has been resolved: block: don't use submit_bio_noacct_nocheck in blk_zone_wplug_bio_work Bios queued up in the zone write plug have already gone through all allpreparation in the submit_bio path, including the freeze protection. Submitting them throu...

6.6AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.14 views

CVE-2025-38306

In the Linux kernel, the following vulnerability has been resolved: fs/fhandle.c: fix a race in call of has_locked_children() may_decode_fh() is calling has_locked_children() while holding no locks.That's an oopsable race... The rest of the callers are safe since they are holding namespace_sem anda...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.14 views

CVE-2025-38315

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: btintel: Check dsbr size from EFI variable Since the size of struct btintel_dsbr is already known, we can juststart there instead of querying the EFI variable size. If the finalresult doesn't match what we expect also fa...

6.6AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.14 views

CVE-2025-38317

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Fix buffer overflow in debugfs If the user tries to write more than 32 bytes then it results in memorycorruption. Fortunately, this is debugfs so it's limited to root users.

7.1AI score0.00024EPSS
CVE
CVE
added 2025/07/10 9:15 a.m.14 views

CVE-2025-38325

In the Linux kernel, the following vulnerability has been resolved: ksmbd: add free_transport ops in ksmbd connection free_transport function for tcp connection can be called from smbdirect.It will cause kernel oops. This patch add free_transport ops in ksmbdconnection, and add each free_transports...

6.5AI score0.00025EPSS
CVE
CVE
added 2025/07/10 9:15 a.m.14 views

CVE-2025-38340

In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test KASAN reported out of bounds access - cs_dsp_mock_bin_add_name_or_info(),because the source string length was rounded up to the allocation size.

6.3AI score0.00026EPSS
CVE
CVE
added 2025/07/25 2:15 p.m.14 views

CVE-2025-38409

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path put_unused_fd() doesn't free the installed file, if we've already donefd_install(). So we need to also free the sync_file. Patchwork: https://patchwork.freedesktop.org/patch/653583...

6.3AI score0.00024EPSS
Total number of security vulnerabilities10748