Lucene search

K
LinuxLinux Kernel

10748 matches found

CVE
CVE
added 2025/07/25 4:15 p.m.15 views

CVE-2025-38458

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() atmarpd_dev_ops does not implement the send method, which may cause crashas bellow. BUG: kernel NULL pointer dereference, address: 0000000000000000PGD 0 P4D 0Oops: Oops: 0010...

5.9AI score0.00032EPSS
CVE
CVE
added 2025/07/28 12:15 p.m.15 views

CVE-2025-38472

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry A crash in conntrack was reported while trying to unlink the conntrackentry from the hash bucket list:[exception RIP: __nf_ct_delete_from_lists+172][..]#7 [ff...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/25 2:15 p.m.14 views

CVE-2025-38410

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without callingdrm_sched_entity_push_job(), so msm_job_free() will never getcalled. Since drm_sched_job_cleanup() will NULL out thes_fence, we...

6.2AI score0.00032EPSS
CVE
CVE
added 2025/07/25 3:15 p.m.14 views

CVE-2025-38420

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports [1, 2] crashes caused by an attempts to pingthe device which has failed to load firmware. Since such a devicedoesn't pass 'ieee80211_register_hw...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.14 views

CVE-2025-38443

In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbd_genl_connect() error path There is a use-after-free issue in nbd: block nbd6: Receive control failed (result -104)block nbd6: shutting down sockets BUG: KASAN: slab-use-after-free in recv_work+0x694/0xa80 driver...

6.2AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.14 views

CVE-2025-38445

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1_reshape In the raid1_reshape function, newpool isallocated on the stack and assigned to conf->r1bio_pool.This results in conf->r1bio_pool.wait.head pointingto a stack addre...

6.2AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.14 views

CVE-2025-38449

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Acquire references on GEM handles for framebuffers A GEM handle can be released while the GEM buffer object is attachedto a DRM framebuffer. This leads to the release of the dma-buf backingthe buffer object, if any. [1] Tr...

6.7AI score0.00023EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.14 views

CVE-2025-38457

In the Linux kernel, the following vulnerability has been resolved: net/sched: Abort __tc_modify_qdisc if parent class does not exist Lion's patch [1] revealed an ancient bug in the qdisc API.Whenever a user creates/modifies a qdisc specifying as a parent anotherqdisc, the qdisc API will, during gr...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.14 views

CVE-2025-38461

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport_* TOCTOU Transport assignment may race with module unload. Protect new_transportfrom becoming a stale pointer. This also takes care of an insecure call in vsock_use_local_transport();add a lockdep assert. BUG: ...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.14 views

CVE-2025-38467

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling If there's support for another console device (such as a TTY serial),the kernel occasionally panics during boot. The panic message and arelevant snippet of the call st...

6.2AI score0.00032EPSS
CVE
CVE
added 2025/07/28 12:15 p.m.14 views

CVE-2025-38478

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix initialization of data for instructions that write to subdevice Some Comedi subdevice instruction handlers are known to accessinstruction data elements beyond the first insn->n elements in somecases. The do_insn_ioct...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/28 12:15 p.m.14 views

CVE-2025-38482

In the Linux kernel, the following vulnerability has been resolved: comedi: das6402: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: /* IRQs 2,3,5,6,7, 10,11,15 are valid for "enhanced" mode */ if ((1 <options[1]) & 0x8cec) { However, it->opti...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.13 views

CVE-2022-50107

In the Linux kernel, the following vulnerability has been resolved: cifs: Fix memory leak when using fscache If we hit the 'index == next_cached' case, we leak a refcount on thestruct page. Fix this by using readahead_folio() which takes care ofthe refcount for you.

6.5AI score0.00024EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.13 views

CVE-2025-38055

In the Linux kernel, the following vulnerability has been resolved: perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq Currently, using PEBS-via-PT with a sample frequency instead of a sampleperiod, causes a segfault. For example: BUG: kernel NULL pointer dereference, address: 000000000...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.13 views

CVE-2025-38069

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops Fix a kernel oops found while testing the stm32_pcie Endpoint driverwith handling of PERST# deassertion: During EP initialization, pci_epf_test_alloc_space() a...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/07/02 3:15 p.m.13 views

CVE-2025-38091

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: check stream id dml21 wrapper to get plane_id [Why & How]Fix a false positive warning which occurs due to lack of correct checkswhen querying plane_id in DML21. This fixes the warning when performing amode1 reset (...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.13 views

CVE-2025-38128

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: reject malformed HCI_CMD_SYNC commands In 'mgmt_hci_cmd_sync()', check whether the size of parameters passedin 'struct mgmt_cp_hci_cmd_sync' matches the total size of the data(i.e. 'sizeof(struct mgmt_cp_hci_cmd_sy...

7.2AI score0.00026EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.13 views

CVE-2025-38130

In the Linux kernel, the following vulnerability has been resolved: drm/connector: only call HDMI audio helper plugged cb if non-null On driver remove, sound/soc/codecs/hdmi-codec.c calls the plugged_cbwith NULL as the callback function and codec_dev, as seen in itshdmi_remove function. The HDMI au...

7.1AI score0.00026EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.13 views

CVE-2025-38134

In the Linux kernel, the following vulnerability has been resolved: usb: acpi: Prevent null pointer dereference in usb_acpi_add_usb4_devlink() As demonstrated by the fix for update_port_device_state,commit 12783c0b9e2c ("usb: core: Prevent null pointer dereference in update_port_device_state"),usb_...

7.2AI score0.00024EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.13 views

CVE-2025-38156

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix null-ptr-deref in mt7996_mmio_wed_init() devm_ioremap() returns NULL on error. Currently, mt7996_mmio_wed_init()does not check for this case, which results in a NULL pointerdereference. Prevent null pointer ...

7.1AI score0.00024EPSS
CVE
CVE
added 2025/07/04 11:15 a.m.13 views

CVE-2025-38175

In the Linux kernel, the following vulnerability has been resolved: binder: fix yet another UAF in binder_devices Commit e77aff5528a18 ("binderfs: fix use-after-free in binder_devices")addressed a use-after-free where devices could be released without firstbeing removed from the binder_devices list...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/07/04 2:15 p.m.13 views

CVE-2025-38196

In the Linux kernel, the following vulnerability has been resolved: io_uring/rsrc: validate buffer count with offset for cloning syzbot reports that it can trigger a WARN_ON() for kmalloc() attemptthat's too big: WARNING: CPU: 0 PID: 6488 at mm/slub.c:5024 __kvmalloc_node_noprof+0x520/0x640 mm/slub...

6.6AI score0.00026EPSS
CVE
CVE
added 2025/07/06 10:15 a.m.13 views

CVE-2025-38235

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix "appletb_backlight" backlight device reference counting During appletb_kbd_probe, probe attempts to get the backlight deviceby name. When this happens backlight_device_get_by_name looks for adevice in the back...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/07/09 11:15 a.m.13 views

CVE-2025-38242

In the Linux kernel, the following vulnerability has been resolved: mm: userfaultfd: fix race of userfaultfd_move and swap cache This commit fixes two kinds of races, they may have different results: Barry reported a BUG_ON in commit c50f8e6053b0, we may see the sameBUG_ON if the filemap lookup ret...

6.6AI score0.00035EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.13 views

CVE-2025-38288

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Fix smp_processor_id() call trace for preemptible kernels Correct kernel call trace when calling smp_processor_id() when called inpreemptible kernels by using raw_smp_processor_id(). smp_processor_id() checks to see...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.13 views

CVE-2025-38291

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Prevent sending WMI commands to firmware during firmware crash Currently, we encounter the following kernel call trace when a firmwarecrash occurs. This happens because the host sends WMI commands to thefirmware while...

6.7AI score0.00026EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.13 views

CVE-2025-38294

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: fix NULL access in assign channel context handler Currently, when ath12k_mac_assign_vif_to_vdev() fails, the radio handle(ar) gets accessed from the link VIF handle (arvif) for debug logging, Thisis incorrect. In the ...

6.6AI score0.00026EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.13 views

CVE-2025-38297

In the Linux kernel, the following vulnerability has been resolved: PM: EM: Fix potential division-by-zero error in em_compute_costs() When the device is of a non-CPU type, table[i].performance won't beinitialized in the previous em_init_performance(), resulting in divisionby zero when calculating ...

6.6AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.13 views

CVE-2025-38314

In the Linux kernel, the following vulnerability has been resolved: virtio-pci: Fix result size returned for the admin command completion The result size returned by virtio_pci_admin_dev_parts_get() is 8 byteslarger than the actual result data size. This occurs because theresult_sg_size field of th...

6.8AI score0.00026EPSS
CVE
CVE
added 2025/07/10 9:15 a.m.13 views

CVE-2025-38330

In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test (ctl cache) KASAN reported out of bounds access - cs_dsp_ctl_cache_init_multiple_offsets().The code uses mock_coeff_template.length_bytes (4 bytes) for register valuealloca...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/07/10 9:15 a.m.13 views

CVE-2025-38341

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: avoid double free when failing to DMA-map FW msg The semantics are that caller of fbnic_mbx_map_msg() retainsthe ownership of the message on error. All existing callersdutifully free the page.

6.6AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.13 views

CVE-2025-38353

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix taking invalid lock on wedge If device wedges on e.g. GuC upload, the submission is not yet enabledand the state is not even initialized. Protect the wedge call so it doesnothing in this case. It fixes the following spl...

6.4AI score0.00022EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.13 views

CVE-2025-38360

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add more checks for DSC / HUBP ONO guarantees [WHY]For non-zero DSC instances it's possible that the HUBP domain requiredto drive it for sequential ONO ASICs isn't met, potentially causingthe logic to the tile to e...

6.4AI score0.00022EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.13 views

CVE-2025-38361

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check dce_hwseq before dereferencing it [WHAT] hws was checked for null earlier in dce110_blank_stream, indicating hwscan be null, and should be checked whenever it is used. (cherry picked from commit 79db43611ff61...

6.4AI score0.00022EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.13 views

CVE-2025-38362

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check for get_first_active_display() The function mod_hdcp_hdcp1_enable_encryption() calls the functionget_first_active_display(), but does not check its return value.The return value is a null poi...

6.4AI score0.00018EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.13 views

CVE-2025-38365

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a race between renames and directory logging We have a race between a rename and directory inode logging that if ithappens and we crash/power fail before the rename completes, the next timethe filesystem is mounted, the ...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.13 views

CVE-2025-38369

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted cantrigger a call trace or even a kernel panic when the parent process ...

6.3AI score0.00023EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.13 views

CVE-2025-38375

In the Linux kernel, the following vulnerability has been resolved: virtio-net: ensure the received length does not exceed allocated size In xdp_linearize_page, when reading the following buffers from the ring,we forget to check the received length with the true allocate size. Thiscan lead to an ou...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.13 views

CVE-2025-38386

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Refuse to evaluate a method if arguments are missing As reported in [1], a platform firmware update that increased the numberof method parameters and forgot to update a least one of its callers,caused ACPICA to crash due to...

6.4AI score0.00032EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.13 views

CVE-2025-38393

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN We found a few different systems hung up in writeback waiting on the samepage lock, and one task waiting on the NFS_LAYOUT_DRAIN bit inpnfs_update_layout(), however the pnfs_layout...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.13 views

CVE-2025-38401

In the Linux kernel, the following vulnerability has been resolved: mtk-sd: Prevent memory corruption from DMA map failure If msdc_prepare_data() fails to map the DMA region, the request isnot prepared for data receiving, but msdc_start_data() proceedsthe DMA with previous setting.Since this will l...

6.6AI score0.00032EPSS
CVE
CVE
added 2025/07/25 2:15 p.m.13 views

CVE-2025-38406

In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: remove WARN on bad firmware input If the firmware gives bad input, that's nothing to do withthe driver's stack at this point etc., so the WARN_ON()doesn't add any value. Additionally, this is one of thetop syzbot repo...

6.5AI score0.00032EPSS
CVE
CVE
added 2025/07/25 2:15 p.m.13 views

CVE-2025-38408

In the Linux kernel, the following vulnerability has been resolved: genirq/irq_sim: Initialize work context pointers properly Initialize ops member's pointers properly by using kzalloc() instead ofkmalloc() when allocating the simulation work context. Otherwise thepointers contain random content le...

6.4AI score0.00022EPSS
CVE
CVE
added 2025/07/25 2:15 p.m.13 views

CVE-2025-38416

In the Linux kernel, the following vulnerability has been resolved: NFC: nci: uart: Set tty->disc_data only in success path Setting tty->disc_data before opening the NCI device means we need toclean it up on error paths. This also opens some short window if devicestarts sending data, even bef...

6.5AI score0.00043EPSS
CVE
CVE
added 2025/07/25 3:15 p.m.13 views

CVE-2025-38422

In the Linux kernel, the following vulnerability has been resolved: net: lan743x: Modify the EEPROM and OTP size for PCI1xxxx devices Maximum OTP and EEPROM size for hearthstone PCI1xxxx devices are 8 Kband 64 Kb respectively. Adjust max size definitions and return correctEEPROM length based on dev...

6.6AI score0.00024EPSS
CVE
CVE
added 2025/07/25 3:15 p.m.13 views

CVE-2025-38424

In the Linux kernel, the following vulnerability has been resolved: perf: Fix sample vs do_exit() Baisheng Gao reported an ARM64 crash, which Mark decoded as being asynchronous external abort -- most likely due to trying to accessMMIO in bad ways. The crash further shows perf trying to do a user st...

6.2AI score0.00032EPSS
CVE
CVE
added 2025/07/25 3:15 p.m.13 views

CVE-2025-38425

In the Linux kernel, the following vulnerability has been resolved: i2c: tegra: check msg length in SMBUS block read For SMBUS block read, do not continue to read if the message lengthpassed from the device is '0' or greater than the maximum allowed bytes.

6.2AI score0.00024EPSS
CVE
CVE
added 2025/07/25 3:15 p.m.13 views

CVE-2025-38426

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add basic validation for RAS header If RAS header read from EEPROM is corrupted, it could result in tryingto allocate huge memory for reading the records. Add some validation toheader fields.

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/25 3:15 p.m.13 views

CVE-2025-38430

In the Linux kernel, the following vulnerability has been resolved: nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request If the request being processed is not a v4 compound request, thenexamining the cstate can have undefined results. This patch adds a check that the rpc procedure ...

6.4AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.13 views

CVE-2025-38438

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak. sof_pdata->tplg_filename can have address allocated by kstrdup()and can be overwritten. Memory leak was detected with kmemleak: unreferenced object 0xffff88812391ff60 (...

6.4AI score0.00022EPSS
Total number of security vulnerabilities10748