Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2025/06/18 11:1 a.m.35 views

CVE-2022-50013

Summary: CVE-2022-50013 relates to the f2fs (Flash-Friendly File System) code in the Linux kernel. The issue arises from a NAT/NAT bitmap inconsistency that can cause a BUG_ON() in f2fs_new_node_page() when a NAT entry’s blkaddr is not NULL_ADDR while its NAT bitmap marks it free. The vulnerabili...

5.5CVSS6.4AI score0.00203EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.35 views

CVE-2022-50174

The CVE-2022-50174 issue affects the Linux kernel net/hinic path when a hinic device is used as a bond slave and statistics are read from the master bond device. The root cause is in hinic_get_stats64(), which previously called down(&nic_dev->mgmt_lock) to protect a critical section, risking s...

5.5CVSS6.3AI score0.00153EPSS
CVE
CVE
added 2025/08/09 2:30 p.m.35 views

CVE-2022-50233

CVE-2022-50233 (bluetooth: device name can cause reading kernel memory by not supplying terminal \0) affects SUSE Linux Enterprise Server 15 SP4 kernels (live patch stream). The SUSE advisories indicate this issue was fixed in multiple kernel live patches (e.g., SUSE-SU-2026:0163-1, 0166-1, 0168-...

5.5CVSS7.2AI score0.0013EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.35 views

CVE-2022-50356

CVE-2022-50356 affects the Linux kernel’s net: sched: sfb path. When the default qdisc is sfb and dev_queue initialization fails during mqprio_init(), the code calls sfb_reset() to free resources, but the qdisc pointer (q->qdisc) may be NULL, leading to a general protection fault (null pointer...

5.5CVSS6.1AI score0.00191EPSS
CVE
CVE
added 2025/09/15 2:6 p.m.35 views

CVE-2023-53194

CVE-2023-53194 is a Linux kernel vulnerability in fs/ntfs3 related to an insufficient length check in indx_get_root, which can lead to a use-after-free condition observed via KASAN during mounting operations. The provided reports describe a use-after-free read (size 2) on a page accessed by the m...

7.8CVSS5.9AI score0.00149EPSS
CVE
CVE
added 2025/09/15 2:46 p.m.35 views

CVE-2023-53249

CVE-2023-53249 affects Linux kernel clk-imx8mn clock driver. The vulnerability arises from a memory-leak in imx8mn_clocks_probe caused by using of_iomap() for an ioremap region and kzalloc() for allocations that aren’t automatically freed if error paths occur. The fix switches to devm_of_iomap() ...

5.5CVSS6.1AI score0.00135EPSS
CVE
CVE
added 2025/09/15 2:46 p.m.35 views

CVE-2023-53250

The CVE-2023-53250 entry concerns a null-pointer dereference in Linux kernel firmware handling (dmi-sysfs). The issue occurs in dmi_sysfs_register_handle during initialization, triggered by a kobject/dmi_sysfs lifecycle sequence where list_add_tail is followed by an error path, leading to an unin...

5.5CVSS6AI score0.00135EPSS
CVE
CVE
added 2025/10/01 11:46 a.m.35 views

CVE-2023-53513

The CVE-2023-53513 issue is a Linux kernel vulnerability where incomplete validation of the nbd ioctl arg can trigger an i_size overflow when the arg is coerced to int (arg cast in nbd_ioctl /nbd_add_socket). The root cause is insufficient validation of large ioctl arguments, allowing an overflow...

5.5CVSS6.1AI score0.00136EPSS
CVE
CVE
added 2025/07/09 10:42 a.m.35 views

CVE-2025-38241

CVE-2025-38241 affects the Linux kernel in mm/shmem and swap paths, causing a soft lockup with mTHP swapin due to a conflict between readahead-ordered folios in swap cache and the swapin folio allocation. The issue occurs when a 10G swap device (e.g., zram) is used with THP and cgroup memory limi...

5.5CVSS6.5AI score0.00094EPSS
CVE
CVE
added 2025/08/19 5:2 p.m.35 views

CVE-2025-38557

CVE-2025-38557 : In the Linux kernel HID subsystem, a vulnerability affects the apple_backlight feature. A malicious HID device with quirk APPLE_MAGIC_BACKLIGHT can trigger a NULL pointer dereference when toggling the power feature-report if the HID descriptor declares only one field for the powe...

5.5CVSS6.8AI score0.00145EPSS
CVE
CVE
added 2025/08/22 4:0 p.m.35 views

CVE-2025-38632

CVE-2025-38632 affects the Linux kernel pinctrl/pinmux logic. The issue is a race where updates to mux_usecount and mux_owner were not performed atomically under the same lock, allowing a state where mux_usecount > 0 but mux_owner is NULL, potentially causing a NULL pointer on subsequent pin r...

4.7CVSS6.5AI score0.00104EPSS
CVE
CVE
added 2025/09/05 5:20 p.m.35 views

CVE-2025-39683

CVE-2025-39683 (Linux kernel tracing vulnerability) The issue occurs when processing long strings in ftrace filters: trace_get_user may fail, but parser->buffer end is not zeroed, leading to a slab-out-of-bounds read in strsep/ftrace_process_regex and related release paths. The result is a loc...

7.1CVSS5.8AI score0.00164EPSS
CVE
CVE
added 2025/09/05 5:20 p.m.35 views

CVE-2025-39685

Summary (CVE-2025-39685) : In the Linux kernel, the comedi pcl726 driver could trigger an out-of-bounds when an excessively large IRQ number was passed (example 0x80008000). The fix adds an interrupt number check to prevent passing an IRQ number that is too large. It notes that if it->options[...

7.1CVSS6.1AI score0.00149EPSS
CVE
CVE
added 2025/09/07 3:16 p.m.35 views

CVE-2025-39730

CVE-2025-39730 is a Linux kernel issue affecting NFS filehandle handling. The connected Astra/Amazon Linux livepatch advisories (ALAS2023LIVEPATCH-2025-108 and related entries) confirm a fix for NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() by ensuring the minimal filehandle length is...

7.8CVSS5.9AI score0.00181EPSS
CVE
CVE
added 2025/09/11 4:52 p.m.35 views

CVE-2025-39757

CVE-2025-39757 is a Linux kernel/ALSA USB-audio issue where UAC3 cluster segment descriptors were not validated for sizes against declared lengths or allocated buffers, enabling potential out-of-bounds (OOB) access. Connected advisories (Astra Linux and kernel security bulletins) confirm the vuln...

7.1CVSS6.3AI score0.00164EPSS
CVE
CVE
added 2025/09/11 4:56 p.m.35 views

CVE-2025-39767

CVE-2025-39767 describes a Linux kernel issue on LoongArch where enabling CONFIG_KASAN, CONFIG_PREEMPT_VOLUNTARY_BUILD, and CONFIG_PREEMPT_VOLUNTARY together can trigger a soft deadlock due to slow module load times. The root cause involves module_frob_arch_sections() evaluating PLT/GOT counts; a...

5.5CVSS5.8AI score0.00106EPSS
CVE
CVE
added 2025/09/11 4:56 p.m.35 views

CVE-2025-39770

CVE-2025-39770 affects the Linux kernel’s GSO/TSO handling for IPv6. When performing GSO on IPv6 packets with extension headers, the kernel may request checksum offload even though the egress device only advertises NETIF_F_IPV6_CSUM, which explicitly does not support offloading for packets with e...

5.5CVSS5.8AI score0.00144EPSS
CVE
CVE
added 2025/09/16 1:0 p.m.35 views

CVE-2025-39815

The CVE-2025-39815 entry concerns the Linux kernel (RISC-V KVM) where a stack overrun could occur when loading vlenb. The issue arises because userspace can place up to 2048 bits into an xlen-sized stack buffer; the fix adds a pre-check to ensure only xlen bits are used. The vulnerability is desc...

5.5CVSS6.1AI score0.00135EPSS
CVE
CVE
added 2025/09/16 1:0 p.m.35 views

CVE-2025-39825

CVE-2025-39825 is described in the connected IBM security bulletin as a Linux kernel vulnerability: the smb client race with concurrent opens in rename(2). The root cause is a race during the rename operation where, besides sending the rename request, the kernel also closes deferred closes, await...

4.7CVSS6.1AI score0.00101EPSS
CVE
CVE
added 2025/09/19 3:26 p.m.35 views

CVE-2025-39838

CVE-2025-39838 (Linux kernel CIFS UTF16 conversion) Description context: A NULL pointer dereference can occur during UTF16 conversion in the CIFS code path of the Linux kernel. Specifically, a NULL value can be passed to __cifs_sfu_make_node, which then propagates to cifs_strndup_to_utf16 and eve...

5.5CVSS6AI score0.00146EPSS
CVE
CVE
added 2025/09/23 6:0 a.m.35 views

CVE-2025-39886

CVE-2025-39886 in the Linux kernel relates to a locking issue triggered when bpf_map_kmalloc_node() is called from __bpf_async_init(), potentially affecting memcg accounting and causing MEMCG_MAX events. The documented fix changes the bpf_timer_init() path to use allow_spinning=false and, per ups...

5.5CVSS6.4AI score0.00139EPSS
CVE
CVE
added 2026/01/14 3:7 p.m.35 views

CVE-2025-71131

The CVE-2025-71131 in the Linux kernel is resolved. The issue was in crypto: seqiv where a request’s iv could be dereferenced after async completion of crypto_aead_encrypt, because the underlying request may be freed. The fix creates a new variable unaligned_info and uses it for the iv check, pre...

5.5CVSS6.2AI score0.00114EPSS
CVE
CVE
added 2026/01/23 3:24 p.m.35 views

CVE-2026-22981

CVE-2026-22981 pertains to the Linux kernel driver for IDPF (Intel Ethernet 800/900-series? context in the doc refers to idpf) where, during reset handling, netdev interfaces are detached/closed to protect the reset path. The vulnerability description states that if reset handling succeeds, netde...

5.5CVSS5.3AI score0.00115EPSS
CVE
CVE
added 2026/01/25 2:36 p.m.35 views

CVE-2026-23001

CVE-2026-23001 – Linux kernel macvlan UAF fix Multiple connected advisories reference this CVE as a fix in the macvlan subsystem. The vulnerability is described as a use-after-free (UAF) in macvlan_forward_source(), with the fix adding RC (read-copy-update) protection on (struct macvlan_source_en...

7.8CVSS5.2AI score0.00188EPSS
CVE
CVE
added 2026/02/04 4:8 p.m.35 views

CVE-2026-23105

CVE-2026-23105 (Linux kernel) : A fix in the net/sched/qfq code changes the activation check of a class from relying on the child qdisc’s qlen to using cl_is_active in qfq_rm_from_ag. This patch makes activation determination more consistent and aims to prevent exploits that could manipulate chil...

7.8CVSS5.3AI score0.0012EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.35 views

CVE-2026-23204

CVE-2026-23204 affects the Linux kernel net/sched cls_u32. The root cause is that skb_header_pointer() does not fully validate negative @offset values, enabling a slab-out-of-bounds condition in u32_classify() (reported as BUG: KASAN). The fix replaces skb_header_pointer() with skb_header_pointer...

7.1CVSS5.2AI score0.00117EPSS
CVE
CVE
added 2026/02/18 2:53 p.m.35 views

CVE-2026-23220

CVE-2026-23220 – Linux kernel ksmbd infinite loop fix : In ksmbd, when a signed SMB2 request fails verification, __process_request() triggers an error path that calls set_smb2_rsp_status() and resets next_smb2_rcv_hdr_off to zero. This loses the pointer to the next command in the chain, so is_cha...

5.5CVSS5.2AI score0.00118EPSS
CVE
CVE
added 2026/02/18 2:53 p.m.35 views

CVE-2026-23229

CVE-2026-23229 is a Linux kernel vulnerability in virtio-crypto where missing spinlock protection around virtqueue done notifications can cause hangs (e.g., openssl speed benchmark with multi-process workloads). Root cause: data virtqueue handling without spinlock protection in virtcrypto_done_ta...

5.5CVSS5.2AI score0.00121EPSS
CVE
CVE
added 2026/03/04 2:36 p.m.35 views

CVE-2026-23233

CVE-2026-23233 covers a Linux kernel f2fs bug where swapfile mapping can go wrong when the first extent is unaligned and the swapfile is small (

7.8CVSS5.6AI score0.0016EPSS
CVE
CVE
added 2026/03/18 10:5 a.m.35 views

CVE-2026-23242

CVE-2026-23242 affects the Linux kernel RDMA/siw header processing: siw_tcp_rx_data may dereference a NULL qp->rx_fpdu if siw_get_hdr() returns -EINVAL before set_rx_fpdu_context(). The fix adds a NULL check for rx_fpdu before accessing more_ddp_segs, preventing the NULL pointer dereference. P...

7.5CVSS5.7AI score0.00389EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.35 views

CVE-2026-43121

CVE-2026-43121 involves the Linux kernel io_uring/zcrx race between scrub and refill paths. The non-atomic read-then-decrement of the user_refs can race with io_zcrx_scrub() using atomic_xchg, causing a double-free of a niov and an out-of-bounds write past the freelist array. The fix replaces the...

4.7CVSS5.8AI score0.00088EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.35 views

CVE-2026-43125

CVE-2026-43125 affects the Linux kernel dlm module. The vulnerability stems from unvalidated length in dlm_dump_rsb_name() coming from network messages, allowing an out-of-bounds write in dlm_search_rsb_tree() when the length exceeds DLM_RESNAME_MAXLEN. This could enable denial of service and, in...

9.8CVSS6.1AI score0.00426EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.35 views

CVE-2026-43190

The CVE-2026-43190 issue affects the Linux kernel netfilter xt_tcpmss TCP option parser. The root cause is reading op[i+1] without validating the remaining option length, which can cause an out-of-bounds read when i+1 == optlen. This could access memory past the option boundary (stack buffer _opt...

8.2CVSS6AI score0.00463EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.35 views

CVE-2026-43467

CVE-2026-43467 affects the Linux kernel mlx5_core/mlx5_eswitch stack. Root cause: when moving a device to switchdev mode on a system that does not support IPsec, the code erroneously cleans up IPsec resources, triggering a local crash/DoS. With concrete details from multiple vendors (Red Hat, SUS...

5.5CVSS5.7AI score0.00114EPSS
CVE
CVE
added 2026/05/27 12:18 p.m.35 views

CVE-2026-45959

The CVE-2026-45959 issue affects the Linux kernel crypto: CCP driver. A local pointer annotated with __cleanup(kfree) could cause kfree to receive the local stack address instead of the allocated memory, leading to a crash. The underlying cause is incorrect cleanup usage; the repository indicates...

7.8CVSS5.8AI score0.00127EPSS
CVE
CVE
added 2026/05/27 12:55 p.m.35 views

CVE-2026-45997

CVE-2026-45997 concerns the Linux kernel SCSI disk driver (sd). The issue arises when device_add(&sdkp->disk_dev) fails during sd_probe; as a result, put_device() calls lead to scsi_disk_release() freeing the scsi_disk but leaving the gendisk referenced. The fix adds a missing put_disk(gd) in ...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/27 12:56 p.m.35 views

CVE-2026-46033

The CVE-2026-46033 issue in the Linux kernel crypto/authencesn was fixed: authenc ESN paths require either a zero authsize or an authsize of at least 4 bytes, but a later path could copy digestsize into inst->alg.maxauthsize without validation, allowing ahash digests of 1–3 bytes (e.g., cbcmac...

7.1CVSS5.8AI score0.00129EPSS
CVE
CVE
added 2026/05/27 12:57 p.m.35 views

CVE-2026-46059

CVE-2026-46059 : In the Linux kernel, KVM/nSVM handling of NRIPS and NextRIP after the first L2 VMRUN could miscompute NextRIP if NRIPS is disabled and a soft interrupt is injected, leading to a correctness issue after save/restore. The vulnerability arises because L1 may provide an incorrect Nex...

5.5CVSS5.7AI score0.00121EPSS
CVE
CVE
added 2026/05/27 12:58 p.m.35 views

CVE-2026-46072

CVE-2026-46072 describes a vulnerability in ntfs3 within the Linux kernel where run_unpack() can perform an out-of-bounds read. Specifically, after checking run_buf

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/27 12:59 p.m.35 views

CVE-2026-46098

CVE-2026-46098 affects the Linux kernel caif driver. The vulnerability arises when, after remote shutdown, caif_connect() tears down a client by calling caif_disconnect_client() and caif_free_client(), where caif_free_client() releases the service layer pointer but leaves adap_layer->dn dangli...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/28 9:36 a.m.35 views

CVE-2026-46153

CVE-2026-46153 affects the Linux kernel 8021q VLAN code. The vulnerability arises because vlan_dev_set_egress_priority() kept cleared egress priority mappings as tombstones in a hash, allowing repeated set/clear cycles with different skb priorities to accumulate nodes and cause memory leakage. Th...

5.5CVSS5.8AI score0.00112EPSS
CVE
CVE
added 2026/05/28 9:40 a.m.35 views

CVE-2026-46205

Summary (grounded from provided sources): CVE-2026-46205 affects the Linux kernel atomisp driver (staging: media). The root cause is unsafe handling of private IOCTLs; the change disallows all private IOCTLs and returns early when cmd is non-zero to satisfy static checkers. This vulnerability is ...

7.8CVSS5.8AI score0.00141EPSS
CVE
CVE
added 2026/05/28 9:40 a.m.35 views

CVE-2026-46234

CVE-2026-46234 affects the Linux kernel vsock code, specifically the vsock_update_buffer_size path. The bug arises from clamping the buffer size: it first enforces the maximum, then the minimum, which allows vsk->buffer_size to exceed vsk->buffer_max_size when a larger minimum is configured...

7.8CVSS5.9AI score0.00129EPSS
CVE
CVE
added 2026/06/08 3:50 p.m.35 views

CVE-2026-46310

CVE-2026-46310 affects the Linux kernel component media: renesas: vsp1. The vulnerability is a NULL pointer dereference during module unload on Gen 4, caused by cleanup calling vsp1_drm_cleanup() instead of vsp1_vspx_cleanup(). The fix implements an IP version check to call the appropriate DRM or...

5.5CVSS5.5AI score0.00112EPSS
CVE
CVE
added 2026/06/09 12:11 p.m.35 views

CVE-2026-46320

The CVE-2026-46320 vulnerability affects the Linux kernel tap driver where memory pages allocated for frames in vhost_net_xdp() are not freed on error paths. Specifically, tap_get_user_xdp() may reject frames shorter than ETH_HLEN (-EINVAL) or fail build_skb() (-ENOMEM), but both error paths jump...

7.4CVSS5.4AI score0.00235EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.34 views

CVE-2022-50017

CVE-2022-50017 affects the Linux kernel’s mips cavium-octeon implementation, specifically the octeon2_usb_clocks_start path. The root cause is a missing of_node_put() on the reference returned by of_get_parent(), which increments the devicetree reference count and leads to a refcount leak. The fi...

5.5CVSS6.5AI score0.0016EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.34 views

CVE-2022-50057

CVE-2022-50057 affects the Linux kernel ntfs3 file system. The vulnerability is a NULL dereference in ntfs_update_mftmirr where, if ntfs_fill_super() wasn’t called, sbi->sb could be NULL and dereferenced. The failure path is triggered by certain mount parameters (e.g., an invalid or unexpected...

5.5CVSS6.4AI score0.00157EPSS
CVE
CVE
added 2025/09/16 4:12 p.m.34 views

CVE-2023-53331

Summary (CVE-2023-53331) : In the Linux kernel, the pstore/ram path could treat an empty prz as valid during init, allowing a start value equal to zero to bypass bounds checks and trigger out-of-bounds writes, potentially causing panics in multiple code paths (e.g., sysdump_panic_event, panic, do...

7.8CVSS6.3AI score0.00147EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.34 views

CVE-2023-53354

CVE-2023-53354 concerns the Linux kernel skb_segment path used for zero-copy of SKBs. The bug occurs when skb_orphan_frags() updates nr_frags, leaving the local nrfrags stale and causing a panic while iterating frags during GSO/zero-copy processing. The fix moves the call to zero-copy functions b...

5.5CVSS6.3AI score0.00177EPSS
CVE
CVE
added 2025/09/18 1:33 p.m.34 views

CVE-2023-53397

Technical details about CVE-2023-53397 (Linux kernel modpost off-by-one in is_executable_section) are not publicly available in the provided connected documents. Monitor for updates from vendors/security advisories.

5.5CVSS6.1AI score0.00136EPSS
Total number of security vulnerabilities14330