Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2026/05/27 12:17 p.m.38 views

CVE-2026-45936

The CVE-2026-45936 entry concerns a race in the Linux kernel power_supply_changed() handling for Goldfish power supplies. The issue arises when using devm_ allocations for IRQs before the power_supply handle is allocated/registered, creating a window where an interrupt fires after the power_suppl...

7.8CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/28 9:36 a.m.38 views

CVE-2026-46152

CVE-2026-46152 affects the Linux kernel’s wifi/mac80211 subsystem. The root cause is that ieee80211_invoke_fast_rx() uses a static per-invocation rx_result, causing concurrent callers to share a single instance and potentially overwrite results between ieee80211_rx_mesh_data() and the switch on r...

8.8CVSS5.8AI score0.00167EPSS
CVE
CVE
added 2026/05/28 9:36 a.m.38 views

CVE-2026-46167

CVE-2026-46167 – Linux kernel usb/usblp heap leak : The vulnerability stems from an uninitialized status buffer (statusbuf) allocated at probe time for LPGETSTATUS. If a malicious printer returns zero bytes, a stale 8-byte heap region could be copied to userspace via LPGETSTATUS, causing a heap l...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/28 9:40 a.m.38 views

CVE-2026-46211

CVE-2026-46211 affects the Linux kernel drm/msm/gem component. The flaw in msm_ioctl_gem_info_get_metadata() can cause a NULL pointer dereference due to unchecked allocation (kmemdup()) and always returning 0 on errors, making userspace believe success. The issue is fixed by adding a NULL check f...

5.5CVSS5.9AI score0.00127EPSS
CVE
CVE
added 2026/05/28 9:40 a.m.38 views

CVE-2026-46212

CVE-2026-46212 concerns the Linux kernel’s batman-adv module. The vulnerability arises when deleting backbone claims in batman-adv (function batadv_bla_del_backbone_claims): the code drops a hash-list link entry that is still referenced, risking that the entry could be freed by batadv_claim_relea...

8.8CVSS5.7AI score0.00274EPSS
CVE
CVE
added 2026/05/28 9:40 a.m.38 views

CVE-2026-46233

CVE-2026-46233 affects the Linux kernel batman-adv component (batadv_bla_purge_claims). The issue arises when iterating the claims list with an rcu_read_lock() and encountering a claim being released, potentially setting backbone_gw to NULL before the delayed kfree, making batadv_bla_claim_get_ba...

5.5CVSS5.8AI score0.00119EPSS
CVE
CVE
added 2026/06/03 4:19 p.m.38 views

CVE-2026-46273

The CVE-2026-46273 entry describes a Linux kernel vulnerability in the ibmveth driver affecting Power systems: GSO offload fails when MSS < 224 bytes, potentially freezing the network adapter and causing DoS until a manual reset. The fix adds an ndo_features_check to disable GSO for MSS 1; si...

8.6CVSS5.6AI score0.00389EPSS
CVE
CVE
added 2026/06/08 3:46 p.m.38 views

CVE-2026-46304

MODE C: The CVE-2026-46304 entry centers on the Linux kernel nvmet subsystem. The vulnerability stems from nvmet_tcp_release_queue_work() running on the nvmet-wq and possibly dropping the final controller reference through nvmet_cq_put(), which can trigger nvmet_ctrl_free() and flush ctrl->asy...

7.5CVSS5.4AI score0.00389EPSS
CVE
CVE
added 2026/06/08 3:50 p.m.38 views

CVE-2026-46312

CVE-2026-46312 is a Linux kernel vulnerability involving media: videobuf2 where vb2_dma_sg_mmap did not set the VMA flags, potentially triggering a WARN_ON in drm_gem_mmap_obj() during mmap() of an imported dma-buf. The fix adds proper VMA flag handling in vb2_dma_sg_mmap_mmap (consistent with vb...

5.5CVSS5.4AI score0.00114EPSS
CVE
CVE
added 2026/06/08 3:50 p.m.38 views

CVE-2026-46313

CVE-2026-46313 concerns a Linux kernel vulnerability in the media/ipu6 path. The issue is an error-pointer dereference in ipu6_pci_probe() where isp->psys is an error pointer (not NULL) and is dereferenced, potentially leading to a crash. The fix sets isp->psys to NULL on the error path bef...

5.5CVSS5.3AI score0.00114EPSS
CVE
CVE
added 2026/06/24 7:14 a.m.38 views

CVE-2026-52917

Summary (concrete details from provided sources): CVE-2026-52917 fixes a Linux kernel SCTP diagnostics flaw in the sock_diag lookup during the dump_one path. The issue occurs when an SCTP association has been freed but is still being reported, allowing the code to dereference an invalid associati...

7.1CVSS5.7AI score0.00126EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.37 views

CVE-2022-50361

Summary: CVE-2022-50361 concerns the Linux kernel wilc1000 module. In wilc_netdev_ifc_init(), an unregister_netdev() path is missing in the error handling path. The fault report shows a kernel BUG at net/core/dev.c with an invalid opcode when alloc_ordered_workqueue() fails. The root issue is tha...

5.5CVSS6.4AI score0.00206EPSS
CVE
CVE
added 2025/09/18 1:58 p.m.37 views

CVE-2022-50400

The CVE-2022-50400 issue concerns the Linux kernel greybus: audio_helper code, where debugfs usage was removed due to incorrect handling that could leak memory and even erase all debugfs entries. The fix is to remove all debugfs logic from the audio_helper code; if needed later, a fix for the inc...

5.5CVSS6.2AI score0.00135EPSS
CVE
CVE
added 2025/09/18 4:3 p.m.37 views

CVE-2022-50406

CVE-2022-50406 affects the Linux kernel iomap/writeback path. Connected advisories confirm a memory corruption fix during writeback error recording, described as: “iomap: iomap: fix memory corruption when recording errors during writeback.” The issue is associated with the kernel code path handli...

7.8CVSS6.3AI score0.00152EPSS
CVE
CVE
added 2025/09/16 8:11 a.m.37 views

CVE-2023-53288

CVE-2023-53288 relates to a memory leak in the Linux kernel’s DRM subsystem. The issue occurs in drm/client: when a new mode is assigned to modeset->mode, the previously configured mode is not freed, leading to a kmemleak report chain (drm_mode_duplicate → drm_client_modeset_probe → __drm_fb_h...

5.5CVSS6AI score0.00136EPSS
CVE
CVE
added 2025/06/18 9:33 a.m.37 views

CVE-2025-38076

CVE-2025-38076 concerns the Linux kernel vulnerability related to module unloading and allocation tags. The issue arises from a use-after-free risk when memory containing a module’s allocation tags remains alive after unloading, because percpu counters referenced by those tags could be freed by f...

7.8CVSS6.4AI score0.00157EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.37 views

CVE-2025-38121

The CVE-2025-38121 entry describes a Linux kernel issue in the wifi: iwlwifi: mld path. When an error occurs during init, in_hw_restart is set but never cleared, causing the code to retry init as if in a restart while not actually in one. This can lead to a NULL pointer dereference during cancell...

5.5CVSS7AI score0.00137EPSS
CVE
CVE
added 2025/07/25 12:53 p.m.37 views

CVE-2025-38379

CVE-2025-38379 affects the Linux kernel SMB/CIFS client during channel reconnect in smb2_reconnect_server(). A dummy tcon passed to smb2_reconnect() had an uninitialized ->query_interface, causing queue_delayed_work() to be invoked on an incorrect tcon and triggering a kernel warning (seen in ...

5.5CVSS6AI score0.00148EPSS
CVE
CVE
added 2025/08/16 10:55 a.m.37 views

CVE-2025-38519

The CVE-2025-38519 entry pertains to the Linux kernel (mm/damon) and is supported by multiple sources in the connected documents. The root cause is a divide-by-zero crash in damon_get_intervals_score() when region size is zero. The current patch fixes the bug without disallowing zero-size regions...

5.5CVSS6.5AI score0.00119EPSS
CVE
CVE
added 2025/08/19 5:2 p.m.37 views

CVE-2025-38559

CVE-2025-38559 (Linux kernel) affects the Intel PMT subsystem on x86 platforms. The issue is a NULL pointer dereference in intel_pmt_read() when an ep (endpoint) is missing, leading to kernel oops in crashlog handling. The fix, as described, augments intel_pmt_entry with a pointer to the pcidev t...

5.5CVSS7.1AI score0.00145EPSS
CVE
CVE
added 2025/08/19 5:2 p.m.37 views

CVE-2025-38573

CVE-2025-38573: Linux kernel SPI cs42l43 handling bug where the software node’s property entries were not guaranteed to be null-terminated due to missing count, allowing a downstream cs35l56 amplifier driver parse to walk past the array into unknown memory. Root cause: property-count not specifie...

5.5CVSS7AI score0.00145EPSS
CVE
CVE
added 2025/08/19 5:3 p.m.37 views

CVE-2025-38605

CVE-2025-38605 affects the Linux kernel’s wifi/ath12k driver. In ath12k_dp_tx_get_encap_type(), arvif may be NULL during vdev delete, risking a kernel panic. The fix passes the valid ab pointer directly from the caller to avoid dereferencing arvif. Affected reference points to ath12k_dp_tx and re...

5.5CVSS7AI score0.00134EPSS
CVE
CVE
added 2025/09/04 3:32 p.m.37 views

CVE-2025-38704

CVE-2025-38704: In the Linux kernel, a bug in rcu/nocb could access an invalid nocb_cb_kthread pointer during CPU online/offline cycles. The fix changes the safety check to use rdp->nocb_gp_kthread instead of rdp_gp->nocb_gp_kthread. Public advisories from SUSE (SUSE-SU-2026:20220-1, openSU...

7.8CVSS6.2AI score0.00155EPSS
CVE
CVE
added 2025/09/04 3:32 p.m.37 views

CVE-2025-38707

CVE-2025-38707 is a Linux-kernel NTFS3 file-name sanity-check vulnerability. The issue arises from a too-long file name not being validated against the directory-entry size, potentially enabling local escalation when processing NTFS names. The CVE entry in the initial doc shows a HIGH impact with...

7.8CVSS6AI score0.00156EPSS
CVE
CVE
added 2025/09/05 5:20 p.m.37 views

CVE-2025-39686

CVE-2025-39686: In the Linux kernel comedi subsystem, insn_rw_emulate_bits() incorrectly emulated INSN_READ/WRITE for subdevices that support INSN_BITS, handling only a single sample instead of insn->n samples. The fix is to make the function process all n samples or return an error to conform...

7.8CVSS5.8AI score0.00171EPSS
CVE
CVE
added 2025/09/16 1:0 p.m.37 views

CVE-2025-39817

CVE-2025-39817 — Linux kernel efivarfs_d_compare may trigger a slab-out-of-bounds in memcmp when dentry->d_name.len

7.1CVSS6.1AI score0.00152EPSS
CVE
CVE
added 2025/09/16 1:0 p.m.37 views

CVE-2025-39824

The CVE CVE-2025-39824 affects the Linux kernel HID subsystem. A crafted HID descriptor can trigger a use-after-free in hid_input handling during hidinput_connect() after hid_hw_start(), notably via ASUS HID devices (e.g., ASUS ROG N-Key keyboard). The root cause is that capability bitmaps may no...

7.8CVSS5.4AI score0.00152EPSS
CVE
CVE
added 2025/09/19 3:26 p.m.37 views

CVE-2025-39850

CVE-2025-39850 affects the Linux kernel vxlan implementation. When the VXLAN device runs with the proxy option enabled, ARP/IPv6 Neighbor Solicitation can be spuriously suppressed if the remote host’s MAC is not behind the any remote. The root cause is dereferencing an FDB nexthop entry that may ...

5.5CVSS6AI score0.00135EPSS
CVE
CVE
added 2025/10/28 11:48 a.m.37 views

CVE-2025-40040

CVE-2025-40040 is a Linux kernel vulnerability arising from the mm/ksm: fix flag-dropping behavior in ksm_madvise. The issue causes an UFFD inconsistency in userfaultfd Release paths when a VMA registered for UFFD in MINOR mode undergoes MADV_UNMEARGEABLE, inadvertently clearing the upper 32 bits...

5.5CVSS5.8AI score0.00338EPSS
CVE
CVE
added 2026/01/13 3:34 p.m.37 views

CVE-2025-71089

CVE-2025-71089 affects the Linux kernel via IOMMU Shared Virtual Addressing (SVA). In SVA, the IOMMU can cache kernel page-table entries, so freeing a kernel page-table page and reusing it could leave stale IOMMU entries, enabling use-after-free or write-after-free scenarios that could allow loca...

7.8CVSS6.3AI score0.00145EPSS
CVE
CVE
added 2026/05/27 12:14 p.m.37 views

CVE-2025-71304

CVE-2025-71304 — Linux kernel Smack DOI handling : The issue arises when writing to /smack/doi with a value previously used, which can disable networking for non-ambient labels. This can lead to privilege escalation, DoS, or information leaks. Debian/RootOS OSV notes indicate patches exist (e.g.,...

5.5CVSS5.7AI score0.0016EPSS
Web
CVE
CVE
added 2026/02/04 4:7 p.m.37 views

CVE-2026-23074

CVE-2026-23074 is a Linux kernel vulnerability in net/sched teql where the teql queuing discipline may be used outside its intended root qdisc, allowing a crafted packet sequence to create a use-after-free scenario in the qfq/qos path due to queue length (qlen) handling. The root cause is that te...

7.8CVSS5.2AI score0.00134EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.37 views

CVE-2026-23201

CVE-2026-23201: Linux kernel fix for ceph oops due to invalid pointer in kfree() within parse_longname(). Root cause was advancing the pointer to skip the initial '_' in ceph snapshot names, causing kfree() to receive an invalid pointer when listing .snap directories. The patch eliminates the poi...

5.5CVSS5.2AI score0.00112EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.37 views

CVE-2026-23210

In CVE-2026-23210, the Linux kernel ice driver experiences a NULL pointer dereference during VSI rebuild when PTP periodic work runs concurrently with VSI rebuild. The root cause is a race where ice_ptp_prepare_for_reset() cancels PTP work, ice_ptp_rebuild() queues it, and VSI rebuild occurs afte...

4.7CVSS5.2AI score0.00106EPSS
CVE
CVE
added 2026/04/22 8:15 a.m.37 views

CVE-2026-31432

CVE-2026-31432 affects the Linux kernel ksmbd component. Affected handling of compound requests (e.g., READ + QUERY_INFO(Security)) could allow an out-of-bounds write when the first READ command consumes most of the response buffer and ksmbd builds a security descriptor. The root cause is that sm...

8.8CVSS5.8AI score0.00507EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.37 views

CVE-2026-31508

The CVE-2026-31508 issue affects the Linux kernel in the Open vSwitch teardown path. The root cause is that after a patch, the teardown code for OVS ports no longer unconditionally takes the RTNL, allowing netdev_destroy() to finish and free the netdev before unregistration completes if the IFF_O...

7.8CVSS5.6AI score0.00129EPSS
CVE
CVE
added 2026/04/24 2:42 p.m.37 views

CVE-2026-31589

The CVE-2026-31589 issue affects the Linux kernel memory management in the mm path related to folio_unmap_invalidate. The vulnerability arises when the system calls free_folio() directly, instead of loading the free_folio function pointer after obtaining a mapping reference or lock, potentially l...

9.8CVSS5.5AI score0.00444EPSS
CVE
CVE
added 2026/05/06 7:21 a.m.37 views

CVE-2026-43074

CVE-2026-43074 affects the Linux kernel eventpoll code. The vulnerability arises from ep_free() freeing the eventpoll structure while still in use by another thread, creating a use-after-free (UAF). The fix defers kfree() of the epi->ep struct to an RCU grace period to prevent UAF; multiple so...

7.8CVSS5.8AI score0.00129EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.37 views

CVE-2026-43120

In the Linux kernel RDMA/irdma driver, CVE-2026-43120 describes a double-free during rereg_user_mr when IB_MR_REREG_TRANS is set. If the trans reg path fails after allocating a new umem, the code releases it but fails to NULL the iwmr->region, causing ib_umem_release to be invoked again during...

7.8CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.37 views

CVE-2026-43303

The CVE-2026-43303 issue affects the Linux kernel’s memory management in mm/page_alloc. Subsystems such as slub, shmem, and ttm expose page->private and fail to clear it before freeing pages. If freed pages are later allocated as high-order pages and split, tail pages may retain stale page-&gt...

7.8CVSS5.8AI score0.0013EPSS
CVE
CVE
added 2026/05/27 9:24 a.m.37 views

CVE-2026-45838

CVE-2026-45838 – Linux kernel : The vulnerability arises in BPF handling for cgroup_storage_get_next_key, where list_next_entry() can wrap to the list head and a subsequent NULL check becomes dead code, causing get_next_key() to read storage->key from a bogus pointer and copy it to userspace. ...

5.5CVSS5.8AI score0.00114EPSS
CVE
CVE
added 2026/05/27 9:24 a.m.37 views

CVE-2026-45842

CVE-2026-45842 concerns the Linux kernel slip module. When rslots are configured to 0 (no receive compression), the code may allocate a NULL rstate and set rslot_limit to 0. The receive path does not guard against this, causing slhc_uncompress() to dereference comp->rstate[x] if the VJ header ...

5.5CVSS5.8AI score0.00114EPSS
Web
CVE
CVE
added 2026/05/27 12:17 p.m.37 views

CVE-2026-45898

The CVE-2026-45898 issue affects the Linux kernel’s RDMA/iwcm component, where flawed work submission logic could cause queue_work() to queue items that are still live, enabling a work item to be processed and freed while still on the workqueue and triggering list corruption. The root cause is th...

9.8CVSS5.8AI score0.00465EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.37 views

CVE-2026-45899

CVE-2026-45899 is a Linux kernel/ext4 issue where, if a split extent operation fails, stale extent entries may remain in the extent status tree. The fix requires dropping all of the potentially stale extents when the split fails to prevent inconsistent metadata. Exploitation details are not provi...

5.5CVSS5.8AI score0.0016EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.37 views

CVE-2026-45917

The CVE-2026-45917 issue affects the Linux kernel IP Virtual Server (IPVS) component, where a race between the netdev notifier and the destination cache for a closing device could leak a device reference until the destination is removed. Root cause: the code caches dest_dst with a device that is ...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/27 12:58 p.m.37 views

CVE-2026-46083

CVE-2026-46083 concerns the Linux kernel SPI subsystem. The description indicates a fix for resource leaks that occur when a device is being set up and spi_setup() fails during registration, requiring a call to controller cleanup() to avoid leaking resources allocated by setup(). OpenSUSE/SUSE ad...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/27 12:58 p.m.37 views

CVE-2026-46094

CVE-2026-46094 affects the Linux kernel ext4 code. The vulnerability arises from a bounds check in check_xattrs() for the next xattr entry, where the code compared (void*)next >= end. This could allow next to point within sizeof(u32) bytes of end, and on the subsequent loop iteration IS_LAST_E...

7.1CVSS5.8AI score0.00125EPSS
CVE
CVE
added 2026/05/28 9:35 a.m.37 views

CVE-2026-46110

CVE-2026-46110 affects the Linux kernel stmmac driver. When RX memory is exhausted, stmmac_rx() could misinterpret descriptors (full vs dirty), risking a NULL pointer dereference and potential kernel panic. The fix adds an explicit check to bail out when the next RX descriptor is dirty before adv...

7.5CVSS5.9AI score0.005EPSS
CVE
CVE
added 2026/05/28 9:36 a.m.37 views

CVE-2026-46157

The CVE-2026-46157 entry concerns the ALSA PCM OSS subsystem in the Linux kernel, where runtime.oss.trigger could be accessed concurrently without protection, causing a data race on a bit field and risking corruption of adjacent fields. The issue is addressed by extending the existing params_lock...

7.8CVSS5.7AI score0.00099EPSS
CVE
CVE
added 2026/05/28 9:36 a.m.37 views

CVE-2026-46166

The CVE-2026-46166 affects the Linux kernel’s wireless subsystem (mac80211) in the radar detect work. The root cause is unsafe list iteration during radar processing, where ieee80211_dfs_cac_cancel can free the iterated chanctx and remove it from the list, causing a slab-use-after-free. A guarded...

8.8CVSS5.8AI score0.00203EPSS
Total number of security vulnerabilities14330