Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2026/05/28 9:41 a.m.26 views

CVE-2026-46240

The CVE-2026-46240 issue affects the Linux kernel iris driver. A use-after-free occurs when iris_release_internal_buffers() accesses a buffer after session_release_buf() frees it, caused by a regression from a change that destroys internal buffers after FW releases. The documented fix sets BUF_AT...

7.8CVSS5.8AI score0.00124EPSS
CVE
CVE
added 2026/06/03 3:49 p.m.26 views

CVE-2026-46251

The CVE-2026-46251 issue is a Linux kernel Btrfs vulnerability where, when EXTENT_TREE_V2 is enabled, the block_group_tree may be added to switch_commits while still on the dirty_list, causing invalid list manipulation and corruption of block_group_root->dirty_list. This corruption can propaga...

8.4CVSS5.7AI score0.00132EPSS
CVE
CVE
added 2026/06/08 3:41 p.m.26 views

CVE-2026-46278

CVE-2026-46278 : In the Linux kernel, the drm/imagination driver fixes a segfault when updating the ftrace mask and corrects invalid data handling for a debugfs entry. The vulnerability manifested as a NULL pointer dereference leading to an Oops under kernel memory access, with a trace citing pvr...

5.5CVSS5.4AI score0.00107EPSS
CVE
CVE
added 2026/06/08 3:41 p.m.26 views

CVE-2026-46286

CVE-2026-46286 describes a Linux kernel issue in leds: qcom-lpg, where selecting high-resolution values from a 5-entry array uses FIELD_GET() to pull from a 3-bit register, risking out-of-bounds reads. The referenced fix adds a bounds check before indexing, preventing overflow and potential incor...

5.5CVSS5.4AI score0.00122EPSS
CVE
CVE
added 2026/06/08 3:46 p.m.26 views

CVE-2026-46297

CVE-2026-46297 corresponds to a Linux kernel issue in net: libwx regarding VF misc interrupts. The vulnerability arose from using request_threaded_irq() with a primary handler and a NULL threaded handler while setting IRQF_ONESHOT, which triggers a kernel warning (genirq: Warn about using IRQF_ON...

5.5CVSS5.4AI score0.00112EPSS
CVE
CVE
added 2026/06/08 3:50 p.m.26 views

CVE-2026-46309

The CVE-2026-46309 entry describes a Linux kernel issue in drm/xe/uapi where PAT indices with XE_COH_NONE coherency are rejected for CPU cached memory in madvise. The fix adds validation in xe_vm_madvise_ioctl() to prevent using coh_none on CPU cached buffers, as such usage could allow a GPU to b...

7CVSS5.4AI score0.00125EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.26 views

CVE-2026-53148

The CVE affects the Linux kernel Thunderbolt driver (tb_xdp_properties_request) where per-packet copy length is derived from the response header without bounds checking against the allocated data buffer, causing a potential out-of-bounds memcpy and memory corruption. The issue can lead to denial ...

7.8CVSS5.7AI score0.00145EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.26 views

CVE-2026-53193

CVE-2026-53193 concerns the Linux kernel ALSA timer component. When a snd_timer object is freed via snd_timer_free() while there are still pending snd_timer_instance entries linked to it, slave instances may continue to point at the freed timer, creating a use-after-free condition. The vulnerabil...

7.8CVSS5.7AI score0.00141EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.26 views

CVE-2026-53215

CVE-2026-53215 affects the Linux kernel mvpp2 driver: the RX path could return a descriptor buffer to the hardware Buffer Manager after it had been handed to XDP or an skb, allowing DMA into memory no longer owned by the RX ring. Root cause is improper handling of RX buffers in mvpp2_rx_refill() ...

9.8CVSS6AI score0.00546EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.26 views

CVE-2026-53253

CVE-2026-53253 affects the Linux kernel Bluetooth BNEP stack. The vulnerability arises when a BNEP peer sends a short SDU and the kernel bnep_rx_frame() reads the packet type, then bnep_rx_control() dereferences the control opcode or setup UUID-size byte before ensuring those bytes are present. T...

7.1CVSS5.7AI score0.00274EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.26 views

CVE-2026-53274

CVE-2026-53274 affects the Linux kernel net/smc code. A logic flaw in __smc_setsockopt() allowed a local unprivileged user to cause a Denial of Service by keeping the socket lock held during a copy_from_sockptr() operation. The vulnerability occurs because the copy is performed while holding lock...

5.5CVSS5.9AI score0.00126EPSS
CVE
CVE
added 2026/06/26 7:40 p.m.26 views

CVE-2026-53281

The CVE-2026-53281 entries describe a Linux kernel IOMMU VT-d issue where NULL pointer dereference or refcount corruption could occur during teardown if dev_pasid was not found in the dev_pasids list or if domain was never attached. The root cause was improper teardown execution after potential N...

8.8CVSS5.7AI score0.00125EPSS
CVE
CVE
added 2026/06/26 7:41 p.m.26 views

CVE-2026-53322

CVE-2026-53322 affects the Linux kernel’s vfio/pci subsystem. The issue occurs during device shutdown when vfio_pci_core_close_device() disables a function before calling vfio_pci_dma_buf_cleanup(), allowing a small window where the function’s MSE is cleared while DMABUF-access to BARs may still ...

8.8CVSS5.8AI score0.00182EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.25 views

CVE-2022-49976

CVE-2022-49976 relates to Linux kernel code for x86 Android tablet handling, specifically the Chuwi Hi8 touchscreen issue. The vulnerability stems from the x86_android_tablets path calling x86_acpi_irq_helper_get() which may invoke acpi_unregister_gsi(), leading to touchscreen malfunctions and ke...

5.5CVSS6.5AI score0.00179EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.25 views

CVE-2022-50043

CVE-2022-50043 is a Linux kernel vulnerability in ndisc_router_discovery where, on certain paths after grabbing rt and neigh, a nonzero lifetime with a metric change causes the code to delete the route and potentially reacquire rt/neigh without decrementing the previous neigh reference count, lea...

5.5CVSS6.5AI score0.0016EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.25 views

CVE-2022-50089

CVE-2022-50089 affects the Linux kernel with the btrfs file system. The issue occurs when cow_file_range() fails mid-allocation (unlock=0) and may leave pages locked, potentially causing a hung task in zoned btrfs setups (as described in the provided reports). The included details show that the f...

5.5CVSS6.5AI score0.00159EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.25 views

CVE-2022-50113

The connected sources indicate CVE-2022-50113 affects the Linux kernel ASoc audio-graph-card2 component, where a refcount leak occurred in __graph_get_type() due to not calling of_node_put() before replacement and before return. The root cause is improper refcount management related to of_get_par...

5.5CVSS6.5AI score0.002EPSS
CVE
CVE
added 2025/06/18 11:3 a.m.25 views

CVE-2022-50182

CVE-2022-50182 concerns a Linux kernel issue in the media: imx-jpeg driver. The flaw involved aligning upwards the buffer size for both encoder and decoder, allowing arbitrary image dimensions (WxH) while leaving the picture resolution unchanged. The documented impact indicates the decoder risk o...

7.1CVSS6.9AI score0.00207EPSS
CVE
CVE
added 2025/09/15 2:20 p.m.25 views

CVE-2022-50263

CVE-2022-50263 concerns the Linux kernel component vdpasim. The vulnerability stems from a memory leak when freeing IOTLBs: after the commit that added control virtqueue support, vdpasim->iommu became an array of IOTLBs, and mappings must be cleaned for each free IOTLB rather than deleting onl...

5.5CVSS6.2AI score0.00143EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.25 views

CVE-2022-50278

CVE-2022-50278 : In the Linux kernel, a memory leak was introduced in the PNP path by deferring the dynamic allocation of the device name until after pnp_add_id() (the fix was to move dev_set_name() after pnp_add_id()) following commit 1fa5ae857bb1. The vulnerability affects the PNP device naming...

5.5CVSS6.1AI score0.0015EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.25 views

CVE-2022-50288

The CVE-2022-50288 issue affects the Linux kernel qlcnic driver: under OOM, qlcnic_dcb_attach() can fail inside qlcnic_dcb_enable(), leading to adapter->dcb being freed while callers still use it via qlcnic_dcb_get_info(), causing a use-after-free. The fix propagates errors from qlcnic_dcb_ena...

5.5CVSS6.1AI score0.00148EPSS
CVE
CVE
added 2025/09/15 2:45 p.m.25 views

CVE-2022-50295

CVE-2022-50295: In the Linux kernel io_uring/msg_ring path, a NULL pointer dereference occurs in io_msg_send_fd() when file_ptr is NULL, causing src_file to be NULL and get_file() to dereference a NULL pointer and trigger a crash. The issue was fixed by adding a NULL check in io_msg_send_fd(), pr...

5.5CVSS6AI score0.00127EPSS
CVE
CVE
added 2025/09/15 2:48 p.m.25 views

CVE-2022-50322

CVE-2022-50322 affects the Linux kernel RTC driver (msc313) where a function prototype mismatch in msc313_rtc_probe() was exposed under Clang with kCFI (CONFIG_CFI_CLANG). The indirect call validation failed when clk_disable_unprepare() did not match devm_add_action_or_reset() callback prototypes...

5.5CVSS5.9AI score0.00143EPSS
CVE
CVE
added 2025/09/15 2:48 p.m.25 views

CVE-2022-50323

CVE-2022-50323 (Linux kernel) : The vulnerability stems from skb_append_pagefrags() sensing pfmemalloc status for pages owned by user space, triggering a data race reported by KCSAN in the swap/LRU paths. The fix/mitigation is to stop sensing pfmemalloc status for these pages and to use skb_fill_...

5.5CVSS6AI score0.00143EPSS
CVE
CVE
added 2025/09/15 2:49 p.m.25 views

CVE-2022-50335

CVE-2022-50335 concerns the Linux kernel 9p client path where a new request’s refcount could remain uninitialized when allocated from slab and then added to idr, risking use-after-free/bad request data. The connected sources describe the root cause and a proposed fix: initialize the request’s ref...

5.5CVSS6.1AI score0.00141EPSS
CVE
CVE
added 2025/09/15 2:49 p.m.25 views

CVE-2022-50336

CVE-2022-50336 – Linux kernel (fs/ntfs3) Root cause: a missing null pointer check in attr_load_runs_vcn when parsing certain NTFS metadata before MFT could permit a kernel NULL pointer dereference on malformed images. Impact: kernel crash/free crash (NPD) resulting from NULL dereference in ntfs-r...

5.5CVSS5.7AI score0.00145EPSS
CVE
CVE
added 2025/09/18 1:33 p.m.25 views

CVE-2022-50387

The CVE-2022-50387 entry concerns a Linux kernel net: hinic issue where CMDQ memory leaks occur if hinic_set_cmdq_depth() fails during hinic_init_cmdqs(); the kernel patch fixes memory not being released. Affected component is the hinic CMDQ initialization path; remediation is the applied fix in ...

5.5CVSS6.2AI score0.00145EPSS
CVE
CVE
added 2025/09/18 1:33 p.m.25 views

CVE-2022-50398

The CVE-2022-50398 entry affects the Linux kernel DRM MSM display path (drm/msm/dp). A race in commit_tail/drm_release could allow an extra frame to be pushed downstream when the display interface is down, causing dp_bridge_disable() to access the main link register with clocks disabled and trigg...

5.5CVSS6.3AI score0.00128EPSS
CVE
CVE
added 2025/09/18 4:3 p.m.25 views

CVE-2022-50409

CVE-2022-50409 is a Linux kernel vulnerability affecting networking code. The issue occurs when a socket is dead but code paths access the socket’s wait queue (sk_wq) during sk_stream_wait_memory, which can lead to a NULL dereference or use-after-free scenario when the socket is released while me...

5.5CVSS6.1AI score0.00147EPSS
CVE
CVE
added 2025/09/18 4:4 p.m.25 views

CVE-2022-50418

CVE-2022-50418 concerns the Linux kernel wifi path, specifically the ath11k MHI workflow. The issue: when mhi_alloc_controller() allocates mhi_ctrl and ath11k_mhi_read_addr_from_dt() fails, the code path returns without freeing the allocated controller, causing a memory leak. The documented fix a...

5.5CVSS6AI score0.00143EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.25 views

CVE-2022-50465

The CVE-2022-50465 issue is a Linux kernel ext4 fast-commit journal memory-leak: when the end of fast-commit journal blocks is unfinished, the unused tail space could leak uninitialized memory to disk. The published description states the fix is to zero out that unused space to prevent leakage. T...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/10/04 3:43 p.m.25 views

CVE-2022-50490

Summary: CVE-2022-50490 affects the Linux kernel bpf path in __htab_map_lookup_and_delete_batch, where a failed htab_lock_bucket() returning -EBUSY could cause silent bucket-skips, out-of-bounds memory access, or kernel memory exposure to userspace. Root cause: error from htab_lock_bucket() not p...

7.1CVSS6.1AI score0.00149EPSS
CVE
CVE
added 2025/10/07 3:19 p.m.25 views

CVE-2022-50521

The CVE-2022-50521 issue affects the Linux kernel (platform/x86 mxm-wmi) with a memleak in mxm_wmi_call_mx[ds|mx]. The ACPI buffer (out.pointer) returned by wmi_evaluate_method() was not freed after the call, causing a memory leak. The patch fixes this by passing NULL to wmi_evaluate_method(), pr...

5.5CVSS6.3AI score0.00147EPSS
CVE
CVE
added 2025/10/07 3:19 p.m.25 views

CVE-2022-50531

The CVE-2022-50531 issue is in the Linux kernel Tipc subsystem where an 4-byte portion of sub.usr_handle remained uninitialized when handling setsockopt for SOL_TIPC, causing a kernel infoleak detected by KMSAN. The fixed version initializes sub.usr_handle with an 8-byte write in tipc_topsrv_kern...

5.5CVSS5.8AI score0.00147EPSS
CVE
CVE
added 2025/10/07 3:21 p.m.25 views

CVE-2022-50537

CVE-2022-50537 affects the Linux kernel through a memory-leak in the Raspberry Pi firmware path. The flaw occurs in rpi_firmware_probe(): when mbox_request_channel() fails, the allocated fw was not freed, leading to a leak. The fix, as described in the vulnerability notes, frees the fw via kfree(...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/10/07 3:21 p.m.25 views

CVE-2022-50539

In the Linux kernel, CVE-2022-50539 concerns the ARM OMAP2+ platform, specifically omap4-common. The issue arises in omap4_sram_init() where of_find_compatible_node() can return a node pointer with its refcount already incremented. The underlying root cause is a refcount leak related to node hand...

5.5CVSS6.1AI score0.00143EPSS
CVE
CVE
added 2025/10/07 3:21 p.m.25 views

CVE-2022-50551

CVE-2022-50551 refers to a Linux kernel vulnerability in the brcmfmac wireless driver where a shift-out-of-bounds could occur during firmware allocation due to an oversized chiprev value used in BIT(chiprev). The patch adds a guard so the function brcmf_fw_alloc_request() returns NULL if chiprev ...

7.1CVSS6AI score0.00205EPSS
CVE
CVE
added 2025/09/15 2:3 p.m.25 views

CVE-2023-53149

CVE-2023-53149 concerns the Linux kernel ext4 filesystem. The issue arises from a filesystem-wide lock protecting ext4_writepages() that can deadlock during fs reclaim initiated by page writeback, due to a recursion scenario where ext4_writepages() attempts to acquire sbi->s_writepages_rwsem w...

5.5CVSS6AI score0.00109EPSS
CVE
CVE
added 2025/09/15 2:4 p.m.25 views

CVE-2023-53176

CVE-2023-53176 affects the Linux kernel serial subsystem (8250) where unbinding a port-specific 8250 driver leaves port->pm in use; serial8250_pm() then calls the now-gone driver, causing a hang/oops roughly 10 seconds later. The fix implements serial8250_set_defaults() in serial8250_unregiste...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.25 views

CVE-2023-53199

CVE-2023-53199 – Linux kernel, wifi: ath9k: hif_usb memory leak in rx stream . Syzkaller reported that when processing skbs in ath9k_hif_usb_rx_stream(), allocated skbs in skb_pool could be leaked if the function fails (e.g., due to an incorrect pkt_len or pkt_tag causing an input skb to be inval...

5.5CVSS6AI score0.00146EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.25 views

CVE-2023-53220

CVE-2023-53220 affects the Linux kernel, specifically the media/az6007 driver. The vulnerability arises in az6007_i2c_xfer where user-controlled msg[i].buf could be dereferenced if msg[i].buf is null and msg[i].len is zero, bypassing previous checks and potentially crashing. The root cause is mis...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.25 views

CVE-2023-53222

CVE-2023-53222 pertains to the Linux kernel, specifically the JFS filesystem code (jfs_dmap). The issue is a mounting-time validation flaw in db_l2nbperpage: BLKTODMAP uses db_l2nbperpage to shift, and an unchecked large value can trigger a shift-out-of-bounds crash. The root cause is that db_l2n...

7.1CVSS6AI score0.00149EPSS
CVE
CVE
added 2025/09/15 2:46 p.m.25 views

CVE-2023-53253

CVE-2023-53253 affects the Linux kernel HID path for nvidia-shield. The underlying issue is a use-after-free caused by freeing the input_dev name during input_dev unregister, when the name is freed by devres cleanup via input_unregister_device. The mitigation described in the public records is to...

7.8CVSS6.1AI score0.00133EPSS
CVE
CVE
added 2025/09/16 4:11 p.m.25 views

CVE-2023-53317

CVE-2023-53317 is a Linux kernel vulnerability in the ext4 subsystem, specifically the mb_find_extent path. The provided description shows a fix for a WARNING triggered in mb_find_extent and associated traces involving ext4_mb_complex_scan_group and ext4_ext_map_blocks, indicating a misbehavior i...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/09/16 4:12 p.m.25 views

CVE-2023-53327

CVE-2023-53327 concerns a Linux kernel iommufd selftest issue where an overflow of uptr and length near UINTPTR_MAX could trigger a WARN_ON in drivers/iommu/iommufd/selftest.c. The vulnerability is described as resolved, with the notable consequence being user memory range checks that must not ov...

5.5CVSS6.3AI score0.00134EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.25 views

CVE-2023-53347

CVE-2023-53347 (Linux kernel, net/mlx5e offloads): The issue arises from incorrect ordering between E-switch unpairing and uplink vport unload when switching modes or removing devices, causing a use-after-free during peer-flow cleanup and a kernel oops. The fix is to handle pairing of the E-switc...

5.5CVSS5.7AI score0.00187EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.25 views

CVE-2023-53353

The CVE concerns the Linux kernel in accel/habanalabs where the memory manager IDR destruction is postponed from the memory manager fini to hpriv_release(). The issue arises because destroying the IDR while a user context may still hold memory buffers could cause release calls to fail later, crea...

5.5CVSS6AI score0.00156EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.25 views

CVE-2023-53356

CVE-2023-53356 affects the Linux kernel’s USB gadget stack (usb: gadget: u_serial). The issue is a potential null pointer dereference in gserial_suspend if gserial_disconnect has cleared gser->ioport and suspend is invoked afterwards. The fix adds a null pointer check in gserial_suspend and in...

5.5CVSS6AI score0.00172EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.25 views

CVE-2023-53365

CVE-2023-53365 is documented across multiple advisories as a Linux kernel vulnerability affecting IPv6 multicast report handling. The issue arises in the ip6mr_cache_report path, where skb_push may move data backwards by a signed length (skb_network_offset(pkt) equals 4), leading to an invalid sk...

5.5CVSS5.9AI score0.00178EPSS
CVE
CVE
added 2025/09/18 1:33 p.m.25 views

CVE-2023-53369

CVE-2023-53369 affects the Linux kernel’s DCB BCN parsing (net: dcb) where dcbnl_bcn_setcfg erroneously parsed tb[DCB_ATTR_BCN] attributes using the dcbnl_pfc_up_nest policy. This mismatch could cause parsing to overflow the intended policy bounds and read attributes (DCB_BCN_ATTR_BCNA_0..DCB_BCN...

5.5CVSS6.6AI score0.00161EPSS
Total number of security vulnerabilities14330