Lucene search

K
LinuxLinux Kernel

10712 matches found

CVE
CVE
added 2025/07/10 8:15 a.m.7 views

CVE-2025-38306

In the Linux kernel, the following vulnerability has been resolved: fs/fhandle.c: fix a race in call of has_locked_children() may_decode_fh() is calling has_locked_children() while holding no locks.That's an oopsable race... The rest of the callers are safe since they are holding namespace_sem anda...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.7 views

CVE-2025-38308

In the Linux kernel, the following vulnerability has been resolved: ASoC: Intel: avs: Fix possible null-ptr-deref when initing hw Search result of avs_dai_find_path_template() shall be verified beforebeing used. As 'template' is already known whenavs_hw_constraints_init() is fired, drop the search ...

6.7AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.7 views

CVE-2025-38309

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xe_svm_init() earlier In xe_vm_close_and_put() we need to be able to call xe_svm_fini(),however during vm creation we can call this on the error path, beforehaving actually initialised the svm state, leading to vari...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.7 views

CVE-2025-38316

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: avoid NULL pointer dereference in mt7996_set_monitor() The function mt7996_set_monitor() dereferences phy beforethe NULL sanity check. Fix this to avoid NULL pointer dereference by moving thedereference after th...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.7 views

CVE-2025-38318

In the Linux kernel, the following vulnerability has been resolved: perf: arm-ni: Fix missing platform_set_drvdata() Add missing platform_set_drvdata in arm_ni_probe(), otherwisecalling platform_get_drvdata() in remove returns NULL.

6.6AI score0.00022EPSS
CVE
CVE
added 2025/07/10 9:15 a.m.7 views

CVE-2025-38330

In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test (ctl cache) KASAN reported out of bounds access - cs_dsp_ctl_cache_init_multiple_offsets().The code uses mock_coeff_template.length_bytes (4 bytes) for register valuealloca...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/10 9:15 a.m.7 views

CVE-2025-38340

In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix OOB memory read access in KUnit test KASAN reported out of bounds access - cs_dsp_mock_bin_add_name_or_info(),because the source string length was rounded up to the allocation size.

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/10 9:15 a.m.7 views

CVE-2025-38341

In the Linux kernel, the following vulnerability has been resolved: eth: fbnic: avoid double free when failing to DMA-map FW msg The semantics are that caller of fbnic_mbx_map_msg() retainsthe ownership of the message on error. All existing callersdutifully free the page.

6.6AI score0.00022EPSS
CVE
CVE
added 2025/07/18 8:15 a.m.7 views

CVE-2025-38349

In the Linux kernel, the following vulnerability has been resolved: eventpoll: don't decrement ep refcount while still holding the ep mutex Jann Horn points out that epoll is decrementing the ep refcount and thendoing a mutex_unlock(&ep->mtx); afterwards. That's very wrong, because it can lead t...

6.5AI score0.00023EPSS
CVE
CVE
added last week7 views

CVE-2025-38351

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/hyper-v: Skip non-canonical addresses during PV TLB flush In KVM guests with Hyper-V hypercalls enabled, the hypercallsHVCALL_FLUSH_VIRTUAL_ADDRESS_LIST and HVCALL_FLUSH_VIRTUAL_ADDRESS_LIST_EXallow a guest to request inva...

7.1AI score0.00024EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-49953

In the Linux kernel, the following vulnerability has been resolved: iio: light: cm3605: Fix an error handling path in cm3605_probe() The commit in Fixes also introduced a new error handling path which shouldgoto the existing error handling path.Otherwise some resources leak.

6.5AI score0.00026EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-49975

In the Linux kernel, the following vulnerability has been resolved: bpf: Don't redirect packets with invalid pkt_len Syzbot found an issue [1]: fq_codel_drop() try to drop a flow whitout anyskbs, that is, the flow->head is null.The root cause, as the [2] says, is because that bpf_prog_test_run_s...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-49979

In the Linux kernel, the following vulnerability has been resolved: net: fix refcount bug in sk_psock_get (2) Syzkaller reports refcount bug as follows:------------[ cut here ]------------refcount_t: saturated; leaking memory.WARNING: CPU: 1 PID: 3605 at lib/refcount.c:19 refcount_warn_saturate+0xf...

6.7AI score0.00025EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-49997

In the Linux kernel, the following vulnerability has been resolved: net: lantiq_xrx200: restore buffer if memory allocation failed In a situation where memory allocation fails, an invalid buffer addressis stored. When this descriptor is used again, the system panics in thebuild_skb() function when ...

6.7AI score0.00026EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-50014

In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix FOLL_FORCE COW security issue and remove FOLL_COW Ever since the Dirty COW (CVE-2016-5195) security issue happened, we knowthat FOLL_FORCE can be possibly dangerous, especially if there are racesthat can be exploited by...

7.8AI score0.94181EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-50025

In the Linux kernel, the following vulnerability has been resolved: cxl: Fix a memory leak in an error handling path A bitmap_zalloc() must be balanced by a corresponding bitmap_free() in theerror handling path of afu_allocate_irqs().

6.4AI score0.00035EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-50043

In the Linux kernel, the following vulnerability has been resolved: net: fix potential refcount leak in ndisc_router_discovery() The issue happens on specific paths in the function. After both theobject rt and neigh are grabbed successfully, when lifetime isnonzero but the metric needs change, the ...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-50056

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix missing i_op in ntfs_read_mft There is null pointer dereference because i_op == NULL.The bug happens because we don't initialize i_op for records in $Extend.

6.6AI score0.00024EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-50070

In the Linux kernel, the following vulnerability has been resolved: mptcp: do not queue data on closed subflows Dipanjan reported a syzbot splat at close time: WARNING: CPU: 1 PID: 10818 at net/ipv4/af_inet.c:153inet_sock_destruct+0x6d0/0x8e0 net/ipv4/af_inet.c:153Modules linked in: uio_ivshmem(OE)...

6.3AI score0.00026EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-50114

In the Linux kernel, the following vulnerability has been resolved: net: 9p: fix refcount leak in p9_read_work() error handling p9_req_put need to be called when m->rreq->rc.sdata is NULL to avoidtemporary refcount leak. [Dominique: commit wording adjustments, p9_req_put argument fixes for re...

6.5AI score0.00025EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-50163

In the Linux kernel, the following vulnerability has been resolved: ax25: fix incorrect dev_tracker usage While investigating a separate rose issue [1], and enablingCONFIG_NET_DEV_REFCNT_TRACKER=y, Bernard reported an orthogonal ax25 issue [2] An ax25_dev can be used by one (or many) struct ax25_cb...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-50189

In the Linux kernel, the following vulnerability has been resolved: tools/power turbostat: Fix file pointer leak Currently if a fscanf fails then an early return leaks an openfile pointer. Fix this by fclosing the file before the return.Detected using static analysis with cppcheck: tools/power/x86/...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-50195

In the Linux kernel, the following vulnerability has been resolved: ARM: dts: qcom: replace gcc PXO with pxo_board fixed clock Replace gcc PXO phandle to pxo_board fixed clock declared in the dts.gcc driver doesn't provide PXO_SRC as it's a fixed-clock. This cause akernel panic if any driver actual...

6.4AI score0.00026EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-50205

In the Linux kernel, the following vulnerability has been resolved: ext2: Add more validity checks for inode counts Add checks verifying number of inodes stored in the superblock matchesthe number computed from number of inodes per group. Also verify we haveat least one block worth of inodes per gr...

6.3AI score0.00035EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.6 views

CVE-2022-50219

In the Linux kernel, the following vulnerability has been resolved: bpf: Fix KASAN use-after-free Read in compute_effective_progs Syzbot found a Use After Free bug in compute_effective_progs().The reproducer creates a number of BPF links, and causes a faultinjected alloc to fail, while calling bpf_...

6.6AI score0.00026EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.6 views

CVE-2025-38008

In the Linux kernel, the following vulnerability has been resolved: mm/page_alloc: fix race condition in unaccepted memory handling The page allocator tracks the number of zones that have unaccepted memoryusing static_branch_enc/dec() and uses that static branch in hot paths todetermine if it needs...

6.4AI score0.00025EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.6 views

CVE-2025-38012

In the Linux kernel, the following vulnerability has been resolved: sched_ext: bpf_iter_scx_dsq_new() should always initialize iterator BPF programs may call next() and destroy() on BPF iterators even after new()returns an error value (e.g. bpf_for_each() macro ignores error returns fromnew()). bpf...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.6 views

CVE-2025-38016

In the Linux kernel, the following vulnerability has been resolved: HID: bpf: abort dispatch if device destroyed The current HID bpf implementation assumes no output report/request willgo through it after hid_bpf_destroy_device() has been called. This leadsto a bug that unplugging certain types of ...

6.7AI score0.00024EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.6 views

CVE-2025-38028

In the Linux kernel, the following vulnerability has been resolved: NFS/localio: Fix a race in nfs_local_open_fh() Once the clp->cl_uuid.lock has been dropped, another CPU could come inand free the struct nfsd_file that was just added. To prevent that fromhappening, take the RCU read lock before...

6.4AI score0.00026EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.6 views

CVE-2025-38032

In the Linux kernel, the following vulnerability has been resolved: mr: consolidate the ipmr_can_free_table() checks. Guoyu Yin reported a splat in the ipmr netns cleanup path: WARNING: CPU: 2 PID: 14564 at net/ipv4/ipmr.c:440 ipmr_free_table net/ipv4/ipmr.c:440 [inline]WARNING: CPU: 2 PID: 14564 a...

6.3AI score0.00026EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.6 views

CVE-2025-38036

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vf: Perform early GT MMIO initialization to read GMDID VFs need to communicate with the GuC to obtain the GMDID valueand existing GuC functions used for that assume that the GT hasit's MMIO members already setup. However, du...

6.3AI score0.00026EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.6 views

CVE-2025-38050

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios A kernel crash was observed when replacing free hugetlb folios: BUG: kernel NULL pointer dereference, address: 0000000000000028PGD 0 P4D 0Oops: Oops...

6.6AI score0.00026EPSS
CVE
CVE
added 2025/07/02 3:15 p.m.6 views

CVE-2025-38093

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: x1e80100: Add GPU cooling Unlike the CPU, the GPU does not throttle its speed automatically when itreaches high temperatures. With certain high GPU loads it is possible toreach the critical hardware shutdown tempe...

6.6AI score0.00023EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.6 views

CVE-2025-38155

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7915: Fix null-ptr-deref in mt7915_mmio_wed_init() devm_ioremap() returns NULL on error. Currently, mt7915_mmio_wed_init()does not check for this case, which results in a NULL pointerdereference. Prevent null pointer ...

7.1AI score0.00023EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.6 views

CVE-2025-38156

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7996: Fix null-ptr-deref in mt7996_mmio_wed_init() devm_ioremap() returns NULL on error. Currently, mt7996_mmio_wed_init()does not check for this case, which results in a NULL pointerdereference. Prevent null pointer ...

7.1AI score0.00022EPSS
CVE
CVE
added 2025/07/03 9:15 a.m.6 views

CVE-2025-38164

In the Linux kernel, the following vulnerability has been resolved: f2fs: zone: fix to avoid inconsistence in between SIT and SSA w/ below testcase, it will cause inconsistence in between SIT and SSA. create_null_blk 512 2 1024 1024mkfs.f2fs -m /dev/nullb0mount /dev/nullb0 /mnt/f2fs/touch /mnt/f2fs...

7.1AI score0.00022EPSS
CVE
CVE
added 2025/07/09 11:15 a.m.6 views

CVE-2025-38252

In the Linux kernel, the following vulnerability has been resolved: cxl/ras: Fix CPER handler device confusion By inspection, cxl_cper_handle_prot_err() is making a series of fragileassumptions that can lead to crashes: 1/ It assumes that endpoints identified in the record are a CXL-type-3device, n...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.6 views

CVE-2025-38266

In the Linux kernel, the following vulnerability has been resolved: pinctrl: mediatek: eint: Fix invalid pointer dereference for v1 platforms Commit 3ef9f710efcb ("pinctrl: mediatek: Add EINT support for multipleaddresses") introduced an access to the 'soc' field of structmtk_pinctrl in mtk_eint_do...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.6 views

CVE-2025-38276

In the Linux kernel, the following vulnerability has been resolved: fs/dax: Fix "don't skip locked entries when scanning entries" Commit 6be3e21d25ca ("fs/dax: don't skip locked entries when scanningentries") introduced a new function, wait_entry_unlocked_exclusive(),which waits for the current ent...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/10 9:15 a.m.6 views

CVE-2025-38327

In the Linux kernel, the following vulnerability has been resolved: fgraph: Do not enable function_graph tracer when setting funcgraph-args When setting the funcgraph-args option when function graph tracer is netenabled, it incorrectly enables it. Worse, it unregisters itself when itwas never regis...

6.2AI score0.00024EPSS
CVE
CVE
added 2025/07/10 9:15 a.m.6 views

CVE-2025-38338

In the Linux kernel, the following vulnerability has been resolved: fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio() Sometimes, when a file was read while it was being truncated byanother NFS client, the kernel could deadlock because folio_unlock()was called twice, and the second call...

6.3AI score0.00023EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.5 views

CVE-2025-38017

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: fix endless busy loop after timeout has expired After commit 0a65bc27bd64 ("eventpoll: Set epoll timeout if it's inthe future"), the following program would immediately enter a busyloop in the kernel: int main() { int...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.5 views

CVE-2025-38021

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check of pipe_ctx->plane_state for update_dchubp_dpp Similar to commit 6a057072ddd1 ("drm/amd/display: Fix null check forpipe_ctx->plane_state in dcn20_program_pipe") that addresses a nullpointer der...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.5 views

CVE-2025-38054

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limit signal/freq counts in summary output functions The debugfs summary output could access uninitialized elements inthe freq_in[] and signal_out[] arrays, causing NULL pointerdereferences and triggering a kernel Oops (p...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.5 views

CVE-2025-38056

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix UAF when reloading module hda_generic_machine_select() appends -idisp to the tplg filename byallocating a new string with devm_kasprintf(), then stores the stringright back into the global variable snd_so...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.5 views

CVE-2025-38076

In the Linux kernel, the following vulnerability has been resolved: alloc_tag: allocate percpu counters for module tags dynamically When a module gets unloaded it checks whether any of its tags are still inuse and if so, we keep the memory containing module's allocation tagsalive until all tags are...

6.4AI score0.00026EPSS
CVE
CVE
added 4 days ago3 views

CVE-2025-38352

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() andcalls handle_posix_cpu_timers() from IRQ, it can be reaped by its parento...

7AI score0.00024EPSS
CVE
CVE
added yesterday1 views

CVE-2025-38436 drm/scheduler: signal scheduled fence when kill job

In the Linux kernel, the following vulnerability has been resolved: drm/scheduler: signal scheduled fence when kill job When an entity from application B is killed, drm_sched_entity_kill()removes all jobs belonging to that entity throughdrm_sched_entity_kill_jobs_work(). If application A's job depe...

7.3AI score
CVE
CVE
added yesterday0 views

CVE-2025-38353 drm/xe: Fix taking invalid lock on wedge

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix taking invalid lock on wedge If device wedges on e.g. GuC upload, the submission is not yet enabledand the state is not even initialized. Protect the wedge call so it doesnothing in this case. It fixes the following spl...

7.1AI score
CVE
CVE
added yesterday0 views

CVE-2025-38354 drm/msm/gpu: Fix crash when throttling GPU immediately during boot

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gpu: Fix crash when throttling GPU immediately during boot There is a small chance that the GPU is already hot during boot. In thatcase, the call to of_devfreq_cooling_register() will immediately try toapply devfreq cooling...

6.9AI score
Total number of security vulnerabilities10712