Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2026/05/27 12:15 p.m.31 views

CVE-2026-45874

CVE-2026-45874 affects the Linux kernel component under the phosphate path for Freescale IMX8QM HSIO. The issue arises when the devicetree provides no fsl,refclk-pad-mode; during probe, refclk_pad is set to NULL, and imx_hsio_configure_clk_pad() uses this pointer unconditionally, risking a NULL p...

5.5CVSS5.8AI score0.00155EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.30 views

CVE-2026-43020

CVE-2026-43020 concerns the Linux kernel Bluetooth MGMT path: load-time Long Term Keys can overflow a fixed-size stack buffer if enc_size exceeds the 16-byte key buffer. The root cause is validation of enc_size not rejecting oversized values during management LTK record validation, allowing inval...

7.8CVSS5.9AI score0.00129EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.30 views

CVE-2026-43048

The CVE concerns the Linux kernel HID core. The issue arises in hid_report_raw_event() where a memset() intended to clear bogus data can trigger out-of-bounds reads/writes when the incoming event buffer is not large enough for the report. The fix removes the problematic memset() and instead retur...

8.8CVSS5.9AI score0.00241EPSS
CVE
CVE
added 2026/05/05 3:17 p.m.30 views

CVE-2026-43061

CVE-2026-43061 (Linux kernel): The serial8250 TX DMA deadlock was fixed. The root cause was that dmaengine_terminate_async did not guarantee the __dma_tx_complete callback would run, and that callback is the only place where dma->tx_running is cleared. If a TX DMA transaction is canceled and t...

5.5CVSS5.8AI score0.00091EPSS
CVE
CVE
added 2026/05/05 3:29 p.m.30 views

CVE-2026-43073

CVE-2026-43073 stems from a misnamed x86-64 kernel routine __copy_user_nocache(), a non-temporal destination copy with exception handling that is not actually a pure user-kernel copy and has complex alignment behavior. The fix renames the function and normalizes the prototype so callers perform p...

5.5CVSS5.7AI score0.00117EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.30 views

CVE-2026-43088

CVE-2026-43088 (Linux kernel) affects PF_KEY export paths in the net: af_key code, where IPv6 sockaddr payloads were not fully initialized in certain export messages (SADB_ACQUIRE, SADB_X_NAT_T_NEW_MAPPING, SADB_X_MIGRATE). The issue arises because pfkey_sockaddr_size() reserves 32 bytes for IPv6...

5.5CVSS5.9AI score0.00122EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.30 views

CVE-2026-43288

Summary: CVE-2026-43288 relates to the Linux kernel ext4 filesystem. The root cause is a per-CPU counter accessed before it is initialized during block bitmap validation, which can cause a kernel panic and potential DoS when mounting a specially crafted ext4 filesystem with quota/project options....

5.5CVSS5.9AI score0.0013EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.30 views

CVE-2026-43305

CVE-2026-43305 details a Linux kernel DRM AMD display issue where the DMUB HW lock unlock path in the HWSS fast path could hang due to a mismatch between evaluating the need for the lock and unlocking. The fix introduces a flag to track whether the lock should be used and applies that flag to gov...

5.5CVSS5.8AI score0.00083EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.30 views

CVE-2026-43416

CVE-2026-43416 affects the Linux kernel: a NULL pointer dereference in perf stack tracing when current->mm is released, risking kernel panic during profiling with BPF. The root cause is a missing alive check before retrieving the user callchain for perf_callchain_user (and similar to a prior x...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.30 views

CVE-2026-43427

The CVE covers a Linux kernel issue in the usb: class: cdc-wdm read path. Due to compiler optimization or CPU out-of-order execution, desc->length could be updated after a memmove, causing wdm_read() to observe a new length and copy_to_user() from uninitialized memory, violating LKMM data race...

7.1CVSS5.8AI score0.00132EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.30 views

CVE-2026-43435

CVE-2026-43435 relates to the Linux kernel rust_binder component where the oneway spam-detection logic in TreeRange (and missing logic in ArrayRange) could allow large spamming transactions to go undetected. The fix moves the spam-check after the new range is inserted and adds an equivalent low_o...

5.5CVSS5.7AI score0.00121EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.30 views

CVE-2026-43469

Summary: CVE-2026-43469 affects the Linux kernel xprtrdma component. The root cause is that rpcrdma_post_recvs() may exit early or fail to create a work request without decrementing ep->re_receiving. This miscount can cause rpcrdma_xprt_drain() to hang, leaving the completion blocked and poten...

7.5CVSS5.8AI score0.0038EPSS
CVE
CVE
added 2026/05/27 12:15 p.m.30 views

CVE-2026-45856

The CVE-2026-45856 issue affects the Linux kernel's RDMA/uverbs subsystem, specifically ib_uverbs_post_send. The vulnerability arises when cmd.wqe_size from userspace is not validated before kmalloc and using the allocated memory as struct ib_uverbs_send_wr, allowing an out-of-bounds read of kern...

7.1CVSS5.8AI score0.00164EPSS
CVE
CVE
added 2026/05/27 12:18 p.m.30 views

CVE-2026-45983

In CVE-2026-45983, the Linux kernel NFS server (nfsd) vulnerability stems from idmap lookup upcalls during v4 request decoding: if upcall responses are delayed beyond the time limit, cache_check() postpones the request and it gets dropped, causing NFSD4_SLOT_INUSE to block subsequent SEQUENCE ope...

5.5CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2026/05/27 12:55 p.m.30 views

CVE-2026-45993

CVE-2026-45993 concerns LoongArch: boundry protection for the syscall dispatch table in the Linux kernel. Public documentation in OSV and related advisories confirms patches across multiple Linux distributions/packages: Root:Ubuntu 22.04/24.04 (rootio-linux), Debian 11/12 (rootio-linux), openSUSE...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/27 12:56 p.m.30 views

CVE-2026-46014

CVE-2026-46014 is a Linux kernel vulnerability affecting KVM/SVM where save/restore of LBR and DEBUGCTL MSRs was incomplete. The issue arose because MSR_IA32_DEBUGCTLMSR and LBR MSRs were not included in the msrs_to_save_base list and could not be set/restored properly, breaking save/restore acro...

5.5CVSS5.8AI score0.00093EPSS
CVE
CVE
added 2026/05/27 12:56 p.m.30 views

CVE-2026-46031

The CVE-2026-46031 entry describes a Linux kernel issue in the ks8851 network driver where a race/deadlock can occur between TX softirq handling and RX processing when BHs are enabled around IRQ handling. The root cause is a potential deadlock: ks8851_irq() holds a spinlock while ks8851_start_xmi...

7.5CVSS5.8AI score0.0037EPSS
CVE
CVE
added 2026/05/28 9:36 a.m.30 views

CVE-2026-46151

CVE-2026-46151 affects the Linux kernel USB printer driver usblp, causing a heap leak in IEEE 1284 device ID handling due to short GET_DEVICE_ID responses. The issue stems from usblp_ctrl_msg() discarding actual bytes and usblp_cache_device_id_string() trusting a 2‑byte length prefix, exposing st...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/28 9:36 a.m.30 views

CVE-2026-46161

CVE-2026-46161 affects the Linux kernel md/raid10 code: setup_geo() may divide by zero when fc (far copies) is 0, since it derives geo->far_set_size from disks/fc without validating zero. The fix validates nc and fc after extraction and returns -1 if either is zero. Connected OSV entries show ...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/28 9:40 a.m.30 views

CVE-2026-46204

CVE-2026-46204 affects the Linux kernel DRM_AMDGPU driver (drm/amdgpu/vcn4). The root cause is an out-of-bounds read when parsing an Instruction Buffer (IB). The patch rewrites the IB parsing to use amdgpu_ib_get_value(), ensuring bounds checks are performed and preventing OOB reads. Public descr...

7.1CVSS5.8AI score0.00131EPSS
CVE
CVE
added 2026/05/28 9:40 a.m.30 views

CVE-2026-46223

The CVE-2026-46223 issue concerns the Linux kernel cgroup subsystem: rmdir defers percpu_ref kill of CSS until the cgroup is depopulated. A chain of commits reworked rmdir behavior to ensure ->css_offline() does not run while tasks are still doing kernel work in the cgroup. The core problem wa...

5.5CVSS5.7AI score0.00083EPSS
CVE
CVE
added 2026/05/28 9:40 a.m.30 views

CVE-2026-46229

The CVE-2026-46229 issue affects the Linux kernel’s DRM/AMDKFD path: KFD VRAM allocations could leave stale data because AMDGPU_GEM_CREATE_VRAM_CLEARED was not applied in the KFD code path, unlike the GEM/user paths which already set VRAM_CLEARED. This allowed stale page-table remnants to leak in...

5.5CVSS5.8AI score0.00119EPSS
CVE
CVE
added 2026/06/08 3:41 p.m.30 views

CVE-2026-46279

CVE-2026-46279 — In the Linux kernel, the issue lies in mm/alloc_tag where pages allocated before page_ext initialization may have an uninitialized codetag, potentially triggering KASAN warnings when later freed. The fix introduces a global array (8192 entries) to track such pages during boot and...

7.8CVSS5.4AI score0.00127EPSS
CVE
CVE
added 2026/06/08 3:41 p.m.30 views

CVE-2026-46282

CVE-2026-46282 affects the Linux kernel IIO frequency driver (admv1013). Root cause: if device_property_read_string() fails, str can remain uninitialized and later is dereferenced in strcmp, causing a NULL/garbage pointer dereference. Mitigation in the patch set: replace manual read/strcmp with d...

5.5CVSS5.5AI score0.00122EPSS
CVE
CVE
added 2026/06/08 3:46 p.m.30 views

CVE-2026-46298

CVE-2026-46298 affects the Linux kernel component pseries/papr-hvpipe. A race during ioctl or release handling can occur if an interrupt fires on the same CPU, potentially causing a deadlock. The patch fixes both handlers by using spin_lock_irqsave/spin_lock_irqrestore, preventing the deadlock. T...

4.7CVSS5.5AI score0.00074EPSS
CVE
CVE
added 2026/06/09 12:11 p.m.30 views

CVE-2026-46318

CVE-2026-46318 concerns a Linux kernel hugetlbfs issue: a revert of the mmap_prepare-related change due to a potential VMA lock leak after a failed allocation. The fix reverts the change to allow rework, while attempting to preserve VMA flag changes. Connected sources consistently describe the ro...

5.5CVSS5.4AI score0.001EPSS
CVE
CVE
added 2026/06/24 7:14 a.m.30 views

CVE-2026-52934

The CVE-2026-52934 entry involves the Linux kernel’s batman-adv TVLV handling. The root cause is batadv_tvlv_container_list_size() using a 16-bit accumulator, which can wrap when the total size exceeds U16_MAX, causing an undersized allocation in batadv_tvlv_container_ogm_append() and a subsequen...

8.8CVSS5.7AI score0.00247EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.30 views

CVE-2026-53131

In CVE-2026-53131, multiple netfilter-related paths in the Linux kernel (including ip6t_eui64, xt_mac, and several ipset types) could access Ethernet MAC header data via eth_hdr(skb) without first verifying that the skb is associated with an Ethernet device or that the MAC header is present and l...

9.4CVSS5.7AI score0.00431EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.29 views

CVE-2022-49955

Summary of CVE-2022-49955 : This vulnerability concerns the Linux kernel’s powerpc/rtas code, where MSR[HV] handling for IBM Cell during RTAS entry could crash the system. The root cause, as described across sources, is a mismatch in how MSR[HV] is treated when RTAS is invoked (firmware/RTAS inte...

5.5CVSS6.4AI score0.00179EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.29 views

CVE-2022-50064

CVE-2022-50064 involves a use-after-free in the Linux kernel’s virtio-blk path. The issue arises because hctx->user_data is assigned to vq in virtblk_init_hctx(), but vq is freed during suspend and reallocated on resume, making hctx->user_data invalid after resume and capable of causing a k...

7.8CVSS6.5AI score0.00157EPSS
CVE
CVE
added 2025/09/15 2:2 p.m.29 views

CVE-2022-50255

CVE-2022-50255 (Linux kernel tracing) : The issue affects the tracing subsystem where the synthetic event field, specifically the character array file[], could be read as a string without validating the user-space address. This caused crashes when reading from user memory during open/openat strin...

7.1CVSS6.4AI score0.00149EPSS
Web
CVE
CVE
added 2025/09/15 2:21 p.m.29 views

CVE-2022-50265

CVE-2022-50265 pertains to the Linux kernel and concerns data races in the kernel crypto/messaging flow involving kcm->rx_wait and kcm->rx_psock. The description states that kcm->rx_psock can be read locklessly in kcm_rfree(), and the issue was mitigated by annotating the corresponding r...

5.5CVSS6AI score0.00145EPSS
CVE
CVE
added 2025/09/15 2:45 p.m.29 views

CVE-2022-50302

CVE-2022-50302: Linux kernel vulnerability where lockd/vfs_lock_file() assumes a fully initialised struct file_lock; if fl_file is NULL (notably with re-exported NFSv3), the caller may Oops. Affected: Linux kernel (details describe the unlocking path in lockd and vfs_lock_file). Impact per source...

5.5CVSS6.1AI score0.00145EPSS
CVE
CVE
added 2025/09/15 2:46 p.m.29 views

CVE-2022-50307

In CVE-2022-50307, the Linux kernel s390/cio subsystem had an out-of-bounds read during cio_ignore free scans. The bug arose from an optimization that excluded online devices from scans, incorrectly assuming I/O-subchannel drvdata pointed to a private struct, which is invalid for devices bound to...

7.1CVSS6.2AI score0.00147EPSS
Web
CVE
CVE
added 2025/09/17 2:56 p.m.29 views

CVE-2022-50369

In CVE-2022-50369, the Linux kernel’s drm/vkms driver is affected by a null pointer dereference in vkms_release() when destroying the workqueue: vkms->output.composer_workq is destroyed after an OOM path allocates it later in vkms_crtc_init. The issue arises because vkms_release() can call des...

5.5CVSS6.1AI score0.00184EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.29 views

CVE-2023-53228

Summary: CVE-2023-53228 corresponds to a Linux kernel regression in the AMDGPU driver where, on command submission failure due to userptr invalidation, legacy code would redundantly clean up a scheduler job. The cleanup was unnecessary because the job cleanup logic was integrated into the existin...

5.5CVSS6.4AI score0.00146EPSS
CVE
CVE
added 2025/09/15 2:22 p.m.29 views

CVE-2023-53232

CVE-2023-53232 affects the Linux kernel MT7921/MT76 stack. The vulnerability arises from a kernel panic due to accessing unallocated eeprom.data, leading to a NULL dereference in mt7921_mcu_parse_response. A fix is present: the MT7921 driver no longer uses eeprom.data, and the code referencing it...

7.1CVSS6.3AI score0.00149EPSS
CVE
CVE
added 2025/09/16 8:6 a.m.29 views

CVE-2023-53266

The CVE-2023-53266 issue affects the Linux kernel (arm64) ACPI path involving ffh_ctxt allocation. The vulnerability arises when SMCCC version and conduit checks fail and a -EOPNOTSUPP return occurs without freeing the allocated ffh_ctxt memory, creating a memory leak. The documented fix moves th...

5.5CVSS6.2AI score0.00128EPSS
CVE
CVE
added 2025/09/16 8:11 a.m.29 views

CVE-2023-53276

In CVE-2023-53276, the Linux kernel ubifs code leaks memory: fscrypt_setup_filename allocates memory for the tmpfile name, but this memory is not freed after the name is copied into the directory entry inode (ubifs_tmpfile → vfs_tmpfile → path_openat). The kmemleak report shows an unreferenced ob...

5.5CVSS6.1AI score0.00149EPSS
CVE
CVE
added 2025/09/16 4:11 p.m.29 views

CVE-2023-53322

CVE-2023-53322 in the Linux kernel affects the scsi qla2xxx driver. The issue arises when terminate_rport_io does not wait for all IOs to return, risking a use-after-free and potential resource leakage leading to a system crash. The connected advisories (EulerOS/RHEL) list this CVE among kernel f...

7.8CVSS6.2AI score0.0014EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.29 views

CVE-2023-53355

The CVE-2023-53355 entry concerns the Linux kernel (staging: pi433) where a memory leak occurs when using debugfs_lookup() because the returned object is not paired with dput(). The recommended fix is to use debugfs_lookup_and_remove(), which handles the necessary dput() logic and related cleanup...

5.5CVSS6.1AI score0.00174EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.29 views

CVE-2023-53360

CVE-2023-53360 affects the Linux kernel NFSv4.2 path for READ_PLUS and can cause a hole-decode oops and scratch buffer NULL/length mismatch due to reworked scratch handling that reused an nfs_pgio_header across multiple requests. The root cause is that multiple reads could be sent with a single n...

5.5CVSS6.5AI score0.00176EPSS
CVE
CVE
added 2025/09/18 1:58 p.m.29 views

CVE-2023-53416

CVE-2023-53416 affects the Linux kernel USB isp1362 driver. The issue is a memory leak caused by calling debugfs_lookup() without releasing the result with dput(), allowing leaked memory over time. The fix simplifies the handling by using debugfs_lookup_and_remove(), which performs the lookup and...

5.5CVSS6.2AI score0.00135EPSS
CVE
CVE
added 2025/09/18 4:4 p.m.29 views

CVE-2023-53431

The CVE-2023-53431 entry concerns Linux kernel SCSI SES: the fix ensures graceful handling when an enclosure has a primary component but no secondary components. Previously, devices with one primary enclosure and zero secondary enclosures could cause ses_intf_add() to bail, potentially triggering...

5.5CVSS5.8AI score0.00137EPSS
CVE
CVE
added 2025/10/04 3:17 p.m.29 views

CVE-2023-53569

The CVE-2023-53569 entry refers to the Linux kernel ext2 filesystem check during mount, where the log of the block size stored in the superblock must be validated to prevent an overflow in the block size calculation. This vulnerability can cause undefined behavior if the block size value is not s...

7.8CVSS6.2AI score0.00143EPSS
CVE
CVE
added 2025/07/09 10:42 a.m.29 views

CVE-2025-38243

The CVE-2025-38243 issue affects the Linux kernel’s Btrfs log replay path. In several locations that call read_one_inode(), a NULL inode pointer could be dereferenced (e.g., iput(&inode->vfs_inode) in __add_inode_ref()), causing an invalid memory access and a crash. The available connected doc...

5.5CVSS6.5AI score0.00136EPSS
CVE
CVE
added 2025/07/10 7:42 a.m.29 views

CVE-2025-38309

CVE-2025-38309 affects the Linux kernel’s drm/xe/vm path. The root cause is that during vm creation, the code may call xe_svm_fini() on the error path before the SVM state is initialised, causing kernel splats and a fatal NPD. A fix moves xe_svm_init() earlier in xe_svm lifecycle to ensure proper...

5.5CVSS6.5AI score0.0012EPSS
CVE
CVE
added 2025/07/25 12:53 p.m.29 views

CVE-2025-38370

CVE-2025-38370 concerns a Linux kernel issue in the BTRFS free-space-tree rebuild path. When rebuilding the free-space tree, allocating a new metadata block group could trigger multiple transactions; during the rebuild, btrfs_rebuild_free_space_tree() may encounter newly inserted block groups and...

5.5CVSS6.3AI score0.00129EPSS
CVE
CVE
added 2025/07/25 12:53 p.m.29 views

CVE-2025-38394

The CVE-2025-38394 issue is in the Linux kernel HID path (appletkd/b appletb-kbd) where an input handler is registered to input core and then, if probe fails, freed memory remains in input_handler_list. This creates a use‑after‑free condition (UAF) in input_attach_handler during subsequent device...

7.8CVSS6.3AI score0.00144EPSS
CVE
CVE
added 2025/07/25 1:20 p.m.29 views

CVE-2025-38411

CVE-2025-38411 affects the Linux kernel netfs code. The issue is a double put of the netfs request during cleanup: when a request finishes in the pause loop, the ref for IN_PROGRESS is removed, but the final wait loop may also call the collector if IN_PROGRESS is clear. The fix makes netfs_collec...

7.8CVSS6.4AI score0.00153EPSS
Total number of security vulnerabilities14330