Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2025/01/19 11:52 a.m.48 views

CVE-2024-57927

CVE-2024-57927 relates to the Linux kernel’s NFS write-to-cache path. The root cause was that nfs_netfs_init_request() could be invoked with a NULL file pointer when netfslib copied freshly read data into a write request for the cache, causing an oops via nfs_file_open_context(). The fix prevents...

5.5CVSS6.5AI score0.0017EPSS
CVE
CVE
added 2025/02/27 2:12 a.m.48 views

CVE-2025-21747

The CVE-2025-21747 entry concerns the Linux kernel DRM AST driver (drm/ast: astdp) where the video-signal enable path could trigger a kernel warning due to an insufficient timeout. Root cause: a timeout too short (200 ms) for enabling the ASTDP transmitter; the system may log a WARN_ON in ast_dp_...

5.5CVSS6.3AI score0.00163EPSS
CVE
CVE
added 2025/06/18 9:33 a.m.48 views

CVE-2025-38029

CVE-2025-38029 (Linux kernel) : The issue occurs in kasan when apply_to_pte_range enters lazy MMU mode and invokes kasan_populate_vmalloc_pte(), which can sleep while allocating a single page. This can crash in-context on certain arches (e.g., s390) when preemption is manipulated during lazy MMU ...

5.5CVSS6.3AI score0.0014EPSS
CVE
CVE
added 2025/06/18 9:33 a.m.48 views

CVE-2025-38069

Technical details for CVE-2025-38069 are not provided in the connected documents. Monitor for updates from upstream advisories.

7.8CVSS6.4AI score0.00154EPSS
CVE
CVE
added 2025/07/10 7:42 a.m.48 views

CVE-2025-38301

CVE-2025-38301 affects the Linux kernel nvmem driver for zynqmp_nvmem; root cause: the driver expected a device pointer in context but nvmem_config.priv is never set, causing NULL pointer dereferences when accessing the device. A fix was committed to restore correct context handling (commit 29be4...

5.5CVSS6.5AI score0.00143EPSS
CVE
CVE
added 2025/07/10 7:42 a.m.48 views

CVE-2025-38311

CVE-2025-38311 affects the Linux kernel iavf driver. Root cause: removal of the crit_lock to avoid error-prone try_locks, replacing it with netdev_lock in most cases. This change aims to fix deadlock scenarios observed during VF removal by canceling work without netdev_lock and by expanding the p...

5.5CVSS6.5AI score0.00094EPSS
CVE
CVE
added 2025/07/25 3:27 p.m.48 views

CVE-2025-38446

CVE-2025-38446 affects the Linux kernel clock Framework for imx (ARM i.MX95 DT). The issue is an out-of-bounds access in dispmix_csr_clk_dev_data inside __clk_register() when num_parents is 4, accessing parent_names beyond the valid range. The bug manifests as a KASAN global-out-of-bounds read (s...

7.1CVSS6.4AI score0.00149EPSS
CVE
CVE
added 2025/08/16 10:54 a.m.48 views

CVE-2025-38503

CVE-2025-38503 : Linux kernel BTRFS vulnerability with block_group_tree enabled can trigger an assertion while rebuilding the free space tree, causing a kernel BUG and machine halt. The issue occurs when processing an empty block group (no extents/items) and a ret value of 1 is returned by btrfs_...

5.5CVSS6.2AI score0.00136EPSS
CVE
CVE
added 2025/08/16 11:34 a.m.48 views

CVE-2025-38548

CVE-2025-38548 affects the Linux kernel hwmon driver for Corsair Corsair-CPro. The root cause is improper validation of the input buffer size received by the USB command path, allowing potential mismatches between the reported and actual buffer lengths. The fix, as documented in the connected Ast...

7.8CVSS6.5AI score0.00153EPSS
CVE
CVE
added 2025/08/16 11:34 a.m.48 views

CVE-2025-38550

CVE-2025-38550 is a Linux kernel issue in ipv6 multicast handling. The root cause is delaying the release of the reference to pmc->idev in mld_del_delrec(), while pmc->idev is also used by ip6_mc_clear_src(). The fix (as stated) is to put the reference after ip6_mc_clear_src() returns. The ...

7.8CVSS6.6AI score0.00144EPSS
CVE
CVE
added 2025/08/19 5:3 p.m.48 views

CVE-2025-38601

Summary (CVE-2025-38601): Linux kernel ath11k SRNG deinit path bug can cause a page fault/panic on resume due to not resetting per-list initialized flags after reconfiguration. Root cause: after two resets, ath11k_hal_srng_deinit() destroys srng lists but does not clear per-list ->initialized,...

5.5CVSS6.9AI score0.00148EPSS
CVE
CVE
added 2025/09/04 3:32 p.m.48 views

CVE-2025-38684

CVE-2025-38684 affects the Linux kernel’s net/sched ETS implementation. The issue arose from purging unused DRR queues during ets_qdisc_change(), where the code used the new value of q->nbands for cleanup. The fix ensures the purge uses the old values of q->nbands (and q->nstrict), so pu...

5.5CVSS5.6AI score0.0016EPSS
CVE
CVE
added 2026/02/18 2:53 p.m.48 views

CVE-2026-23226

CVE-2026-23226 involves a kernel vulnerability in ksmbd where the ksmbd_chann_list xarray was lacking synchronization, allowing a use-after-free in multi-channel sessions between lookup_chann_list() and ksmbd_chann_del. The provided documents confirm the root cause and the fix: the patch adds a n...

8.8CVSS5.2AI score0.00423EPSS
CVE
CVE
added 2026/03/25 10:33 a.m.48 views

CVE-2026-23392

The CVE-2026-23392 vulnerability affects the Linux kernel nf_tables flowtable handling. Root cause: during error paths, a hook may still reference a flowtable, exposing it to the packet path and nfnetlink control plane. The fix inserts synchronize_rcu() after unregistering hooks (rcu grace period...

7.8CVSS5.6AI score0.00119EPSS
CVE
CVE
added 2026/05/01 1:56 p.m.48 views

CVE-2026-31709

In the Linux kernel SMB client (cifsacl), CVE-2026-31709 arises from insufficient validation of a server-provided DACL when rewriting security descriptors. The fix extends structural validation to ensure the DACL header, size, and per-ACE bounds are checked before any rewrite paths (replace_sids_...

8.8CVSS5.8AI score0.00259EPSS
CVE
CVE
added 2001/09/12 4:0 a.m.47 views

CVE-1999-1441

CVE-1999-1441 concerns the Linux kernel (2.0.34) allowing a local user to deliver SIGIO signals to arbitrary processes, leading to denial of service if the target does not catch the signal. The root cause is improper restriction of SIGIO delivery across processes. Public references show a practic...

2.1CVSS6.7AI score0.00703EPSS
CVE
CVE
added 2013/04/22 10:0 a.m.47 views

CVE-2013-3236

The CVE-2013-3236 issue affects the Linux kernel component vmci_transport_dgram_dequeue in net/vmw_vsock/vmci_transport.c; it fails to initialize a length variable, allowing local attackers to read kernel stack memory via crafted recvmsg/recvfrom. Affects kernels before 3.9-rc7. Multiple advisori...

4.9CVSS5.8AI score0.00341EPSS
CVE
CVE
added 2017/01/12 3:0 p.m.47 views

CVE-2016-6790

CVE-2016-6790 affects NVIDIA libomx (libnvomx) in Android devices (notably Pixel C) with kernel 3.18. Root cause: NVIDIA OpenMAX component copies an input buffer to an output buffer without validating the input size, enabling local exploitation; the NVIDIA bulletin labels this as a high‑severity ...

9.3CVSS7.3AI score0.01637EPSS
CVE
CVE
added 2017/01/12 3:0 p.m.47 views

CVE-2016-6791

CVE-2016-6791 is an elevation-of-privilege vulnerability in the Qualcomm sound driver affecting Android devices. The issue allows a local malicious application to execute arbitrary code in the kernel context, requiring initial compromise of a privileged process. Affected components/versions inclu...

7.6CVSS6.8AI score0.01208EPSS
CVE
CVE
added 2017/01/12 3:0 p.m.47 views

CVE-2016-8394

CVE-2016-8394 describes an elevation-of-privilege vulnerability in the Synaptics touchscreen driver on Android. The issue could allow a local malicious application to execute arbitrary code in the kernel context by exploiting the Synaptics driver, requiring initial compromise of a privileged proc...

7.6CVSS6.8AI score0.0145EPSS
CVE
CVE
added 2017/01/12 3:0 p.m.47 views

CVE-2016-8403

CVE-2016-8403 describes an information-disclosure vulnerability in Android’s kernel components, including the ION subsystem, Binder, USB driver, and networking subsystem. The issue could allow a local malicious application to access data outside its permission levels, with confidentiality impact ...

4.7CVSS3.9AI score0.01046EPSS
CVE
CVE
added 2017/01/12 3:0 p.m.47 views

CVE-2016-8410

CVE-2016-8410 is an information-disclosure vulnerability in the Qualcomm sound driver affecting Android devices. The issue could allow a local malicious application to access data outside its permission levels, and is rated Moderate because exploitation requires first compromising a privileged pr...

4.7CVSS4.4AI score0.00881EPSS
CVE
CVE
added 2017/01/12 8:0 p.m.47 views

CVE-2016-8415

CVE-2016-8415 describes an elevation-of-privilege flaw in the Qualcomm Wi‑Fi driver that lets a local malicious app execute code in the kernel context. Affected software is Android with kernel versions 3.10 and 3.18; exploitation requires compromising a privileged process. The issue is categorize...

7.6CVSS6.9AI score0.01254EPSS
CVE
CVE
added 2017/01/12 8:0 p.m.47 views

CVE-2016-8437

CVE-2016-8437 describes an improper input validation in Android’s Access Control APIs, with the kernel 3.18 memory range check potentially mishandled. Affected product: Android (Kernel 3.18). Official description notes a memory-range check issue but does not provide exploit paths or a concrete fi...

10CVSS9AI score0.01598EPSS
CVE
CVE
added 2025/06/18 9:33 a.m.47 views

CVE-2025-38050

CVE-2025-38050 affects the Linux kernel hugetlb memory management. A race between __update_and_free_hugetlb_folio() and replace_free_hugepage_folios() can cause folio_hstate(folio) to see a NULL pointer, leading to a kernel NULL pointer dereference and crash. The description explains the root cau...

5.5CVSS6.6AI score0.0014EPSS
CVE
CVE
added 2025/07/04 10:39 a.m.47 views

CVE-2025-38175

The CVE-2025-38175 entry concerns a use-after-free in the Linux kernel binder subsystem (binder_devices) that could occur when a binder device is released without first being removed from the binder_devices list. The Astra Linux bulletin documents the root cause in binder_remove_device within bin...

7.8CVSS6.4AI score0.00138EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.47 views

CVE-2025-38223

CVE-2025-38223 : Linux kernel fix for a kernel BUG triggered by an encrypted inode with an unaligned file size (e.g., 33K or 1K) in Ceph-related code paths. The issue manifests as a kernel OOPS/crash via a bug in ceph_msg_data_cursor_init in net/ceph/messenger.c during ceph_con_workfn processing,...

5.5CVSS6.2AI score0.00088EPSS
CVE
CVE
added 2025/07/10 8:15 a.m.47 views

CVE-2025-38339

CVE-2025-38339 (Linux kernel, powerpc/ arch): The issue arises from a miscalculated JIT size for the BPF trampoline during the dummy pass. arch_bpf_trampoline_size() estimates the JIT code size before the final image buffer is allocated, and the total emitted trampoline instructions depend on the...

5.5CVSS7.3AI score0.00127EPSS
CVE
CVE
added 2025/08/16 11:12 a.m.47 views

CVE-2025-38538

CVE-2025-38538 : In the Linux kernel DMA engine nbpfaxi, memory corruption could occur due to out-of-bounds access in nbpf_probe() where nbpf->chan[] is allocated with num_channels elements but three loops could index one past the end. The second loop copies data from irqbuf[] to nbpf->chan...

7.8CVSS6.7AI score0.00157EPSS
CVE
CVE
added 2025/08/19 5:2 p.m.47 views

CVE-2025-38562

CVE-2025-38562 affects the Linux kernel ksmbd component. When a client performs two session setups with krb5 authentication to ksmbd, a null pointer dereference in generate_encryptionkey could occur if sess->Preauth_HashValue is NULL while the session is valid. The fix ensures the encryption k...

5.5CVSS7AI score0.07142EPSS
CVE
CVE
added 2025/08/19 5:3 p.m.47 views

CVE-2025-38584

The CVE-2025-38584 issue is a Linux kernel vulnerability in the padata subsystem. A race condition/use-after-free could occur in padata_reorder after a padata item is enqueued but before the next item is prepared, potentially allowing premature dereference of the pd reference. The fix updates the...

7.8CVSS7.1AI score0.00161EPSS
CVE
CVE
added 2025/08/19 5:3 p.m.47 views

CVE-2025-38585

CVE-2025-38585 concerns Linux kernel staging/atomisp: a stack buffer overflow in gmin_get_var_int() triggered when gmin_get_config_var() calls EFI get_variable() with a larger-than-expected EFI variable. The bug stems from two issues: (1) gmin_get_config_var() returning a stale error code on EFI ...

7.8CVSS7.9AI score0.00191EPSS
CVE
CVE
added 2025/08/19 5:3 p.m.47 views

CVE-2025-38610

CVE-2025-38610 affects the Linux kernel powercap codebase, specifically the dtpm_cpu path. The vulnerability is caused by a NULL dereference in get_pd_power_uw() when em_cpu_get() returns NULL, which can occur if a CPU becomes unavailable at runtime and get_cpu_device() yields NULL, propagating t...

5.5CVSS7.3AI score0.00146EPSS
CVE
CVE
added 2025/08/19 5:3 p.m.47 views

CVE-2025-38612

CVE-2025-38612 affects the Linux kernel staging driver fbtft (staging: fbtft). The vulnerability is due to a memory leak in fb_deferred_io_init() where memory allocated for info->pagerefs in the fb_info error path was not freed after fb_info allocation completed. The fix adds the cleanup on th...

5.5CVSS7.2AI score0.00159EPSS
CVE
CVE
added 2025/09/04 3:32 p.m.47 views

CVE-2025-38691

Technical details about CVE-2025-38691 are not publicly provided in the supplied connected documents. Monitor vendor advisories (Debian, Mageia, Amazon Linux) for patches and mitigations and update accordingly.

5.5CVSS5.9AI score0.00165EPSS
CVE
CVE
added 2026/03/04 12:58 p.m.47 views

CVE-2026-23231

CVE-2026-23231 affects the Linux kernel nf_tables code. The root cause is a use-after-free in nf_tables_addchain(), where a new chain is published to a table via list_add_tail_rcu() before hooks are registered; on failure the error path frees the chain without an RCU grace period, creating use-af...

7.8CVSS5.8AI score0.00812EPSS
CVE
CVE
added 2026/03/04 2:36 p.m.47 views

CVE-2026-23234

CVE-2026-23234 affects the Linux kernel F2FS subsystem. A use-after-free can occur in f2fs_write_end_io() due to a race with kill_f2fs_super freeing sbi before writeback complete, allowing access to freed sbi during page cache/inode cleanup. The published fix relocates the checkpoint thread wakeu...

7.8CVSS5.8AI score0.00119EPSS
CVE
CVE
added 2026/04/01 8:36 a.m.47 views

CVE-2026-23410

CVE-2026-23410 – Linux kernel (AppArmor) race condition has a documented use-after-free in rawdata handling. The issue occurs when rawdata inodes aren’t refcounted, allowing an attacker to open a rawdata file while the last reference is removed (e.g., via profile removal), freeing the aa_loaddata...

7.8CVSS5.7AI score0.00141EPSS
CVE
CVE
added 2026/05/27 12:57 p.m.47 views

CVE-2026-46056

The CVE-2026-46056 entry documents a Linux kernel Bluetooth UAF vulnerability in the SSP passkey handlers (hci_event path). The issue arises when hci_conn lookup and field access are performed without holding the hdev lock, creating a window where a connection could be freed concurrently in hci_u...

8.8CVSS5.8AI score0.00262EPSS
CVE
CVE
added 2026/06/03 3:49 p.m.47 views

CVE-2026-46262

CVE-2026-46262 concerns the Linux kernel ASoC fsl_xcvr module. The issue stems from a deadlock: a read lock is acquired while a write lock is already held in the same thread within fsl_xcvr_mode_put(), which is invoked by the upper ALSA core via snd_ctl_elem_write(). This caused a hung task. The ...

5.5CVSS5.8AI score0.00091EPSS
CVE
CVE
added 2000/04/25 4:0 a.m.46 views

CVE-1999-0781

The CVE-1999-0781 entry concerns KDE: local users can run arbitrary commands by setting the KDEDIR environment variable to alter KDE’s executable search path. This documents the affected component as KDE and the root cause as the KDEDIR env var influencing how KDE locates executables, enabling lo...

7.2CVSS8AI score0.0042EPSS
CVE
CVE
added 2005/06/28 4:0 a.m.46 views

CVE-2002-1963

The CVE-2002-1963 entry affects Linux kernel versions 2.4.1–2.4.19. The root cause is that the NR_RESERVED_FILES limit is set to 10, enabling local users to exhaust resources by opening 10 setuid binaries, causing a denial of service. Publicly provided documents confirm the affected kernel range ...

2.1CVSS6.5AI score0.00462EPSS
CVE
CVE
added 2005/11/25 9:0 p.m.46 views

CVE-2005-3810

CVE-2005-3810 affects the Linux kernel 2.6.14 family (2.6.14 up to 2.6.14.3). The vulnerable component is ip_conntrack_proto_icmp.c in the ctnetlink module, where a lack of ICMP_ID information in an ICMP IPv4 message can cause a kernel oops, i.e., a NULL dereference leading to a denial of service...

7.8CVSS6.3AI score0.01444EPSS
CVE
CVE
added 2006/12/06 10:0 p.m.46 views

CVE-2006-6333

The CVE-2006-6333 issue affects Linux kernel 2.6.19: the tr_rx function in ibmtr.c can assign the wrong flag to ip_summed, enabling remote attackers to trigger a memory-corruption DoS by crafting packets that mislead the kernel to treat a field as an offset. The vulnerability is supported by mult...

7.8CVSS6.5AI score0.03273EPSS
CVE
CVE
added 2017/01/12 3:0 p.m.46 views

CVE-2016-8407

CVE-2016-8407 is an information disclosure vulnerability in Android’s kernel components (ION subsystem, Binder, USB driver, and networking). The issue could allow a local malicious app to access data outside its permission levels after compromising a privileged process. Affected products/versions...

4.7CVSS3.9AI score0.01046EPSS
CVE
CVE
added 2017/01/12 8:0 p.m.46 views

CVE-2016-8450

CVE-2016-8450 is an elevation-of-privilege flaw in the Qualcomm sound driver affecting Android kernel space (Kernel-3.10). The NVD entry describes a local attacker compromising a privileged process to gain code execution in the kernel context. The vulnerability is tied to the Qualcomm sound drive...

7.6CVSS6.9AI score0.01324EPSS
CVE
CVE
added 2025/02/27 2:7 a.m.46 views

CVE-2024-58000

CVE-2024-58000 affects the Linux kernel Io_uring reg-wait path. The root cause is speculative execution on a kernel array indexed by user input when using ENTER_EXT_ARG_REG, which could interpret an offset into a pre-mapped memory region as an argument. The documented fix is to prevent speculativ...

5.5CVSS6.4AI score0.00177EPSS
CVE
CVE
added 2025/02/27 8:6 p.m.46 views

CVE-2025-21822

CVE-2025-21822: Technical details are not publicly provided in the supplied documents. Monitor for updates.

5.5CVSS6.5AI score0.00165EPSS
CVE
CVE
added 2025/07/03 8:13 a.m.46 views

CVE-2025-38096

The connected SUSE/OpenSUSE advisory confirms CVE-2025-38096 is addressed by an openSUSE Leap 16.0 kernel security update (openSUSE-SU-2025-20081-1). The CVE concerns the Linux kernel wifi/iwlwifi code, specifically iwl_trans_reclaim warning behavior when the FW is not alive or a FW restart is pe...

5.5CVSS7.1AI score0.00155EPSS
CVE
CVE
added 2025/07/04 10:39 a.m.46 views

CVE-2025-38176

In Linux kernel, binder: fix use-after-free in binderfs_evict_inode() is the root cause of the vulnerability. The issue occurs within binderfs_evict_inode, leading to potential slab-use-after-free conditions observable under stress-ng with binderfs, and is mitigated by the referenced patch fix. C...

7.8CVSS6.3AI score0.00138EPSS
Total number of security vulnerabilities14330