Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2026/05/27 12:59 p.m.29 views

CVE-2026-46101

CVE-2026-46101 — Linux kernel netfilter nft_bitwise : The issue arises in the carry-propagation for 32-bit words when a zero shift operand is used in nft_bitwise left/right shift expressions, causing undefined behaviour. The fix rejects zero shift operands during initialization and extends the ex...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.28 views

CVE-2023-53224

CVE-2023-53224 details (Linux kernel): The issue arises in ext4 where the release handler was set to kfree, which had an incompatible function prototype under clang KFIs. A wrapper with the correct prototype fixes the mismatch. The root cause is a function-prototype mismatch surfaced by Clang’s -...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2026/05/08 1:31 p.m.28 views

CVE-2026-43333

CVE-2026-43333 (Linux kernel BPF): The vulnerability arises from direct dereference of nullable PTR_TO_BUF pointers in check_mem_access(), where PTR_TO_BUF is matched via base_type() after PTR_MAYBE_NULL stripping, allowing NULL dereferences in map iterators ctx->key/value (NULL on stop callba...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/08 1:37 p.m.28 views

CVE-2026-43340

Summary (CVE-2026-43340): The Linux kernel COMEDI subsystem contains a spinlock (dev->spinlock) in struct comedi_device that can be reinitialized when a COMEDI device is reattached to different low-level drivers via COMEDI_DEVCONFIG. This race can occur if multiple drivers with different lockd...

5.5CVSS5.8AI score0.00114EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.28 views

CVE-2026-43379

CVE-2026-43379 affects ksmbd (Linux kernel) with a use-after-free in smb_lazy_parent_lease_break_close. The opinfo pointer obtained via rcu_dereference(fp->f_opinfo) is accessed after rcu_read_unlock(), creating a race where the memory could be freed by a concurrent writer before subsequent de...

9.8CVSS5.7AI score0.00444EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.28 views

CVE-2026-43453

CVE-2026-43453 is a Linux kernel issue in the netfilter nft_set_pipapo path. The bug is a stack out-of-bounds read in pipapo_drop(), where rulemap[i+1].n is passed to pipapo_unmap() on every iteration, including the last when i == m->field_count-1. This reads past the end of the stack-allocate...

7.1CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/13 3:8 p.m.28 views

CVE-2026-43480

In CVE-2026-43480, the Linux kernel ASoC driver for the amd acp3x-rt5682-max9836 (acp3x_5682_init) failed to check the return value of clk_get(), risking dereferencing an error pointer in rt5682_clk_enable(). The fix is to switch to device-managed devm_clk_get() and add IS_ERR() checks for both c...

5.5CVSS5.7AI score0.00114EPSS
CVE
CVE
added 2026/05/13 3:8 p.m.28 views

CVE-2026-43484

CVE-2026-43484 – Linux kernel MMC core : The vulnerability stems from concurrent updates to bitfield flags (claimed and retune_now) sharing a word, enabling write–overwrite of other bits in async contexts and triggering spurious WARN_ON(!host->claimed). The fix moves claimed, can_retune, retun...

5.5CVSS5.8AI score0.00114EPSS
CVE
CVE
added 2026/05/27 12:15 p.m.28 views

CVE-2026-45853

The CVE-2026-45853 issue is in the Linux kernel drm/amdgpu component. The function amdgpu_discovery_get_nps_info() allocates memory for ranges with kvcalloc() (potentially vmalloc), but frees it with kfree(), which may corrupt vmalloc memory. The documented fix is to use kvfree() to safely handle...

7.8CVSS5.8AI score0.00163EPSS
CVE
CVE
added 2026/05/27 12:16 p.m.28 views

CVE-2026-45886

CVE-2026-45886: In the Linux kernel, a patch fixes the bpf_xdp_store_bytes prototype for read-only arguments. The issue caused the verifier to treat the third argument as a BPF_WRITE target when NATed map memory was read-only, resulting in a forbidden write to a read-only map. The patch adjusts t...

5.5CVSS5.8AI score0.0016EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.28 views

CVE-2026-45893

CVE-2026-45893 (Linux kernel/AppArmor issue) is addressed by patches in various OS branches. The vulnerability stems from creating tables from user-provided data that may be unaligned in memory, risking unaligned memory accesses when AppArmor builds tables. Connected OSV entries indicate patches ...

7.1CVSS5.8AI score0.00125EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.28 views

CVE-2026-45908

The CVE-2026-45908 issue affects the Linux kernel’s accel/amdxdna component, specifically amdxdna_ubuf_map. The function allocates memory for sg and internal sg table structures but does not free them if subsequent operations (sg_alloc_table_from_pages or dma_map_sgtable) fail, resulting in a mem...

5.5CVSS5.8AI score0.00153EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.28 views

CVE-2026-45911

CVE-2026-45911 affects the Linux kernel USB3 (cdns3) driver. When a USB role switch to host occurs during resume, the host path can dereference an uninitialized xhci-hcd device, causing a NULL pointer dereference. The fixed behavior is to skip the resume operation for the newly chosen role if a r...

5.5CVSS5.8AI score0.00156EPSS
CVE
CVE
added 2026/05/27 12:17 p.m.28 views

CVE-2026-45914

CVE-2026-45914 affects the Linux kernel hwmon ibmpex driver, where a race during sensor deletion can race with userspace access to a freed sensor data structure, causing a use-after-free and potential crash. The description notes that the patch reverting the previous fix (6946c726…) may introduce...

7.8CVSS5.7AI score0.00126EPSS
CVE
CVE
added 2026/05/27 12:18 p.m.28 views

CVE-2026-45969

The CVE concerns the Linux kernel HID PlayStation driver. In ps_gamepad_create(), the call to input_ff_create_memless() is made without verifying its return value, which can cause incorrect behavior or crashes when Force Feedback effects are triggered. Multiple connected sources indicate the issu...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/27 12:18 p.m.28 views

CVE-2026-45985

CVE-2026-45985 affects the Linux kernel/ext4: during within-EOF direct I/O and writeback with dioread_nolock, unwritten extents could be converted incorrectly when splitting before submitting I/O, potentially exposing stale data. Root cause: EXT4_GET_BLOCKS_CONVERT was set during ext4_split_conve...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/27 12:55 p.m.28 views

CVE-2026-45994

The CVE-2026-45994 issue affects the Linux kernel ibmasm: command_file_write, where a kernel buffer is allocated with count bytes and user data copied without validating against the dot command header, enabling out-of-bounds reads via get_dot_command_size/timeout and memcpy_toio. Patches introduc...

7.1CVSS5.9AI score0.00139EPSS
CVE
CVE
added 2026/05/27 12:55 p.m.28 views

CVE-2026-45996

The CVE-2026-45996 entry concerns a use-after-free in the Linux kernel SPI IMX driver (on unbind/deregistration). The root cause is that upon deregistering the SPI controller, driver data may be freed while still referenced, requiring an extra reference before deregistration to ensure data remain...

7.8CVSS5.8AI score0.00139EPSS
CVE
CVE
added 2026/05/27 12:55 p.m.28 views

CVE-2026-45999

The CVE-2026-45999 issue affects the Linux kernel EROFS LZ4 inplace decompression path (z_erofs_lz4_handle_overlap). Crafted extents can trigger an unsigned underflow (outpages

7.1CVSS5.7AI score0.00131EPSS
CVE
CVE
added 2026/05/27 12:56 p.m.28 views

CVE-2026-46006

The CVE-2026-46006 entry concerns the Linux kernel’s drm/nouveau driver. A 32‑bit overflow in nouveau_gem_pushbuf_reloc_apply() could cause incorrect relocation bounds checks: r->reloc_bo_offset + 4 is computed in 32‑bit space, wrapping before comparing to nvbo->bo.base.size. The fix casts ...

7.8CVSS5.8AI score0.00143EPSS
CVE
CVE
added 2026/05/27 12:57 p.m.28 views

CVE-2026-46047

CVE-2026-46047: In the Linux kernel, net: qrtr: ns use-after-free in driver remove is fixed. The vulnerability arises if a packet arrives after destroy_workqueue() but before sock_release(), causing qrtr_ns_data_ready() to queue a work item that dereferences freed memory. Root and distro advisori...

7.8CVSS5.7AI score0.00126EPSS
CVE
CVE
added 2026/05/27 12:57 p.m.28 views

CVE-2026-46053

CVE-2026-46053 affects the Linux kernel RDS memory-registration cleanup. In net/rds, __rds_rdma_map() transfers ownership of sg/pages after get_mr(); if copying the cookie back to user space fails, resources could be freed more than once. The fix removes a duplicate unpin/free in the put_user() f...

7.8CVSS5.8AI score0.00129EPSS
CVE
CVE
added 2026/05/27 12:57 p.m.28 views

CVE-2026-46062

In the Linux kernel ntfs3 driver, CVE-2026-46062 arises from an integer overflow in run_unpack() where the volume boundary check uses raw addition (lcn + len) against sbi->used.bitmap.nbits. This can wrap for large lcn/len values, bypassing validation. A fix uses check_add_overflow() (consiste...

7.8CVSS5.8AI score0.00142EPSS
CVE
CVE
added 2026/05/27 12:57 p.m.28 views

CVE-2026-46066

CVE-2026-46066 pertains to a Linux kernel issue that surfaces as a panic in multi-folio encrypted writes when a bounce buffer allocation fails during fscrypt-enabled CephFS writes. The root cause, described in the CVE entry, is that move_dirty_folio_in_page_array() may fail after the batch has st...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/27 12:58 p.m.28 views

CVE-2026-46074

CVE-2026-46074 is addressed in openSUSE openSUSE Tumbleweed via kernel-devel-7.0.11-1.1. The issue is in the Linux kernel SPI ch341 driver, where memory leaks occur on probe failures due to improper cleanup. The patch requests deregistration of the controller, disabling pins, and killing/freeing ...

5.5CVSS5.8AI score0.00119EPSS
CVE
CVE
added 2026/05/28 9:35 a.m.28 views

CVE-2026-46106

CVE-2026-46106 concerns the Linux kernel eventfs remount race. The root cause is a race where eventfs_inodes are traversed while remounts are performed, due to mixing rcu_read_lock usage with SRCU and not holding eventfs_mutex during the critical walk. The fix (commit 340f0c7067a9) updates the ev...

5.5CVSS5.7AI score0.00122EPSS
CVE
CVE
added 2026/05/28 9:35 a.m.28 views

CVE-2026-46128

The CVE-2026-46128 issue concerns the Linux kernel IPMI event message handling. The root cause is an insufficiently validated event message buffer/data size occurring when fetching events, with some BMCs returning an empty message instead of an error. This leads to a potential failure in processi...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/28 9:35 a.m.28 views

CVE-2026-46138

The CVE-2026-46138 issue affects the Linux kernel Bluetooth subsystem, specifically hci_le_create_big_complete_evt. A loop over BT_BOUND connections for a BIG handle may access ev->bis_handle[i++] without ensuring i

8.1CVSS5.7AI score0.00277EPSS
CVE
CVE
added 2026/05/28 9:36 a.m.28 views

CVE-2026-46184

CVE-2026-46184 relates to the Linux kernel sound/ua101 driver. The root cause is a missing sanity check for bNrChannels in detect_usb_format(), which can lead to a division by zero in playback_urb_complete() and capture_urb_complete() when a device reports bNrChannels = 0. The USB core does not v...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/28 9:41 a.m.28 views

CVE-2026-46236

CVE-2026-46236 affects the Linux kernel media: rc Xbox remote driver, where the IO buffer was placed in the device structure, violating DMA coherency rules. This is a local, low-complexity issue with high availability impact. Publicly documented fixes are present in OSV entries for Root: Debian 1...

5.5CVSS5.8AI score0.00119EPSS
CVE
CVE
added 2026/06/03 3:50 p.m.28 views

CVE-2026-46264

CVE-2026-46264 addresses a Linux kernel flaw in drm/xe/pf where an error in devm_add_action_or_reset() can cause a cleanup action to run on an uninitialized kobject during sysfs initialization. This use-after-free and kobject_put() on an uninitialized object is mitigated by ensuring proper initia...

8.8CVSS5.8AI score0.00112EPSS
CVE
CVE
added 2026/06/03 3:50 p.m.28 views

CVE-2026-46267

CVE-2026-46267 affects the Linux kernel NFC HCI SHDLC subsystem. The root cause is that timers and state-machine work can remain active during llc_shdlc_deinit(), which purges SHDLC skb queues and frees the llc_shdlc structure while callbacks may still access SHDLC state and queues. If teardown r...

7.8CVSS5.7AI score0.00121EPSS
CVE
CVE
added 2026/06/09 12:36 p.m.28 views

CVE-2026-52907

The CVE-2026-52907 entry concerns the Linux kernel component media: rockchip: rkcif. The root cause is off-by-one errors in array handling, where comparisons were made with > instead of >=, risking reads beyond the end of arrays. The fix updates comparisons to use proper bounds checks and s...

7.8CVSS5.4AI score0.00112EPSS
CVE
CVE
added 2026/06/24 7:14 a.m.28 views

CVE-2026-52914

In the Linux kernel, the batman-adv component is affected by CVE-2026-52914. The root cause is an accounting bug where the accumulated fragment length used for validating queued fragment chains can be truncated during updates. This allows malformed fragment chains to bypass validation and drive r...

9.8CVSS5.7AI score0.00519EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.28 views

CVE-2026-53205

The CVE-2026-53205 issue is in the Linux kernel Intel Versatile Processing Unit (IVPU) accelerator driver (accel/ivpu). It stems from insufficient validation of read/write indices in the firmware log buffer, allowing potential out-of-bounds access if firmware supplies invalid indices. Affected sy...

7.1CVSS6AI score0.00131EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.27 views

CVE-2022-50078

CVE-2022-50078 describes a resolved Linux kernel issue in the tracing subsystem (eprobes). The root cause is a NULL pointer dereference that occurs when event probes (eprobes) try to retrieve the instruction pointer (RIP) using registers, while eprobes do not use pt_regs. The fix, implemented in ...

5.5CVSS6.2AI score0.002EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.27 views

CVE-2022-50119

The CVE-2022-50119 issue concerns the Linux kernel and a refcount leak in rpmsg_register_device_override. The root cause is that put_device was not invoked to free the vchan on a driver_set_override error path, risking a leak. The fix adds a put_device() in the error path to ensure proper resourc...

5.5CVSS6.4AI score0.00159EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.27 views

CVE-2022-50217

CVE-2022-50217 affects the Linux kernel’s fuse_release path. A race between write(2) and close(2) can cause pages to be dirtied after fuse_flush → write_inode_now(), potentially leaving writable pages unflushed and risking file state on release. The description across connected sources indicates ...

5.5CVSS6.2AI score0.00186EPSS
CVE
CVE
added 2025/09/15 2:2 p.m.27 views

CVE-2022-50244

CVE-2022-50244 affects the Linux kernel code path in cxl_pci_init_afu|adapter() where a failed device_register() leaves a not-added device and leads to a potential null pointer dereference if device_unregister() is called in the error path. The fix splits unregister logic into device_del() and pu...

5.5CVSS6.1AI score0.00149EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.27 views

CVE-2022-50275

The CVE-2022-50275 issue affects the Linux kernel Radeon driver: the radeon_acpi_vfct_bios() path failed to call acpi_put_table() after ACPI BIOS parsing, causing an ACPI memory leak. The vulnerability is addressed by adding the missing acpi_put_table() call to release ACPI memory post-init, as d...

5.5CVSS5.9AI score0.00145EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.27 views

CVE-2022-50287

The CVE-2022-50287 entry pertains to the Linux kernel DRM/I915 path, where a memory leak/undefined behavior can occur in generate_lfp_data_ptrs. Specifically, ptrs is freed via kfree() when (size != 0 || ptrs->lvds_entries != 3) but ptrs was not allocated with kzmalloc(); it was obtained by po...

5.5CVSS6AI score0.00143EPSS
CVE
CVE
added 2025/09/15 2:49 p.m.27 views

CVE-2022-50327

CVE-2022-50327 in the Linux kernel concerns ACPI: processor: idle where acpi_fetch_acpi_dev() could return NULL, causing a NULL pointer dereference in acpi_device_hid(). The connected Nessus/SUSE advisories confirm this CVE is addressed in kernel live patches for SUSE SLES15 SP5 (multiple patches...

5.5CVSS6AI score0.00146EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.27 views

CVE-2022-50372

CVE-2022-50372 pertains to the Linux kernel’s CIFS/SMB client: a memory leak occurs when building the ntlmssp negotiate blob during mount of CIFS shares. The issue manifests as an unreferenced object and can lead to a session setup leak if the negotiate blob construction fails. The vulnerability ...

5.5CVSS6.1AI score0.00168EPSS
CVE
CVE
added 2025/09/18 1:32 p.m.27 views

CVE-2022-50375

CVE-2022-50375 affects the Linux kernel: the fix ensures that in lpuart_dma_shutdown the flags for lpuart_dma_tx_use and lpuart_dma_rx_use are set to false. Without this, lpuart_flush_buffer could access DMA APIs after DMA teardown, causing aborts. The patch prevents DMA access after relinquishme...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/09/18 1:33 p.m.27 views

CVE-2022-50396

CVE-2022-50396 affects the Linux kernel’s net/sched tcindex code. The root cause is in tcindex_change when old_r is taken from p->perfect: the code allocates a new filter result via tcindex_alloc_perfect_hash() and then calls tcindex_filter_result_init() to clear the old result without destroy...

5.5CVSS5.9AI score0.00159EPSS
CVE
CVE
added 2025/09/18 4:3 p.m.27 views

CVE-2022-50414

CVE-2022-50414 concerns the Linux kernel: during SCSI over FCoE, fcoe_init() calls fcoe_transport_attach(&fcoe_sw_transport). If fcoe_if_init() fails, the transport is not detached, leaving a freed fcoe_sw_transport on the fcoe_transports list. This causes a kernel panic when the module is reinse...

5.5CVSS6.1AI score0.00149EPSS
CVE
CVE
added 2025/09/15 2:4 p.m.27 views

CVE-2023-53180

Technical specifics (affected versions, exploit details, patch) are not provided in the connected documents. Monitor for updates regarding CVE-2023-53180 and its kernel fix for ath12k NULL pointer handling in management transmit cleanup.

5.5CVSS6.1AI score0.00128EPSS
CVE
CVE
added 2025/09/15 2:6 p.m.27 views

CVE-2023-53196

CVE-2023-53196 affects the Linux kernel USB subsystem (dwc3 on Qualcomm platforms). The issue was a memory leak in dwc3_qcom_probe(), where allocated memory for the resource structure pointed to by parent_res was not freed. The fix replaces that dynamic allocation with stack-allocated memory to p...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.27 views

CVE-2023-53202

CVE-2023-53202 concerns the Linux kernel memory-leak issue from using debugfs_lookup() without releasing the acquired object. The mitigation implemented across connected advisories is to use debugfs_lookup_and_remove() (which handles the look-up and cleanup in one step) or to ensure dput() is cal...

5.5CVSS6.2AI score0.00151EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.27 views

CVE-2023-53211

The CVE-2023-53211 issue affects the Linux kernel’s driver core, where a struct acpi_pld_info *pld was not freed before returning on allocation failure, risking a memory leak. The fix adds ACPI_FREE() calls to release the allocated memory before the function exits. Connected documents confirm thi...

5.5CVSS6.1AI score0.00143EPSS
Total number of security vulnerabilities14330