Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2025/09/18 4:4 p.m.24 views

CVE-2023-53426

Technical details for CVE-2023-53426 are not provided in the connected documents. No affected product/version or remediation details are disclosed here. Monitor official advisories from vendors/sources for updates.

7.8CVSS6.3AI score0.00141EPSS
CVE
CVE
added 2025/09/18 4:4 p.m.24 views

CVE-2023-53447

CVE-2023-53447 affects the Linux kernel's f2fs: remount() may reset the READ_EXTENT_CACHE mount option, creating a race with fallocate() that can trigger a NULL pointer dereference under extent_cache locks. Root cause is a race between remount and fallocate due to default_options panel updating o...

4.7CVSS6.1AI score0.00086EPSS
CVE
CVE
added 2025/10/01 11:42 a.m.24 views

CVE-2023-53449

CVE-2023-53449 affects the Linux kernel in the s390/dasd area. The root cause was a potential memory leak in dasd_eckd_init() where dasd_reserve_req was allocated before dasd_vol_info_req and could not be freed on error. The fix ensures dasd_reserve_req is freed before error returns, matching the...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/10/01 11:42 a.m.24 views

CVE-2023-53487

CVE-2023-53487 concerns the Linux kernel under POWERPC: the powerpc/rtas_flash path allowed a user to copy memory into flash_block_cache objects when hardened usercopy is enabled (CONFIG_HARDENED_USERCOPY=y). The flaw is triggered via the /proc/powerpc/rtas/firmware_update interface, causing a ke...

7.8CVSS6.1AI score0.00153EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.24 views

CVE-2023-53489

CVE-2023-53489 affects the Linux kernel memory handling for UDP sockets with TX timestamps and zerocopy skbs. The issue is a memory leak: clones of skbs and their ubuf references can keep a socket refcnt and skb references in the error/clock path, causing leaked sk, sock and skb when close() is c...

5.5CVSS6AI score0.00149EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.24 views

CVE-2023-53497

Mode C: The CVE-2023-53497 issue affects the Linux kernel’s vsp1 driver where vb2_is_streaming() is checked in .buf_queue(); a change (commit a10b21532574) to set the vb2_queue .streaming flag in vb2_core_streamon() before enqueuing buffers caused the driver to believe .start_streaming() had been...

5.5CVSS6.2AI score0.0015EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.24 views

CVE-2023-53510

CVE-2023-53510 : Linux kernel SCSI UFS core vulnerability. The issue is that ufshcd_queuecommand() could be invoked twice for a SCSI command before completion, caused by improper handling of lrbp->cmd in command submission paths. The fix, per the description, disables checking/clearing of the ...

7.8CVSS6.3AI score0.00144EPSS
CVE
CVE
added 2025/10/01 11:46 a.m.24 views

CVE-2023-53519

CVE-2023-53519 affects the Linux kernel media/v4l2-mem2mem path. The issue is a data race in v4l2_m2m_buf_queue when reading the parameter num_rdy, mitigated by introducing a lock to protect that parameter (as described in the OSV and SUSE advisories). Affected component: media: v4l2-mem2mem. Roo...

5.5CVSS6AI score0.00107EPSS
CVE
CVE
added 2025/10/01 11:46 a.m.24 views

CVE-2023-53524

CVE-2023-53524 involves an integer overflow in the Linux kernel’s iwl_write_to_user_buf() used by iwl_dbgfs_monitor_data_read() in iwlwifi PCIe. The bug computes buf_size_left from count and *bytes_copied, then reduces it and may pass a negative value to copy_to_user, causing a heap overflow. It ...

7.8CVSS6.4AI score0.00158EPSS
CVE
CVE
added 2025/10/04 3:16 p.m.24 views

CVE-2023-53552

CVE-2023-53552 affects the Linux kernel DRM i915 component, specifically marking requests for GuC virtual engines to prevent use-after-free across sync_file/dma-buf handling. The underlying issue is that i915_requests could be trapped by userspace and held across processes, creating a memory-leak...

7.8CVSS6.1AI score0.00155EPSS
CVE
CVE
added 2025/10/04 3:17 p.m.24 views

CVE-2023-53562

CVE-2023-53562 affects the Linux kernel DRM MSM driver. The issue is a VRAM leak that occurs when a subcomponent fails to bind, and the fix releases the VRAM buffer on bind errors. The vulnerability is mitigated by applying the patch that adds VRAM release on error paths (patch reference: patchwo...

5.5CVSS6.2AI score0.00136EPSS
CVE
CVE
added 2025/10/04 3:44 p.m.24 views

CVE-2023-53612

CVE-2023-53612 affects the Linux kernel hwmon subsystem, specifically the coretemp platform driver. The vulnerability arises from unconventional platform-device handling where work is done globally by initcalls and CPU hotplugnotifiers, while the driver mainly wraps allocation and hwmon interface...

5.5CVSS6.2AI score0.00136EPSS
CVE
CVE
added 2025/10/07 3:21 p.m.24 views

CVE-2023-53658

CVE-2023-53658 affects the Linux kernel BCM-QSPI SPI driver (spi/bcm-qspi). If neither hif_mspi nor mspi resources exist, probe may succeed while doing nothing, then removal dereferences a NULL drvdata pointer. The fix unconditionally calls devm_ioremap_resource(), which handles NULL resources an...

5.5CVSS6AI score0.00141EPSS
CVE
CVE
added 2025/12/30 12:23 p.m.24 views

CVE-2023-54285

CVE-2023-54285 : In the Linux kernel, a vulnerability in iomap_write_delalloc_scan could overflow when folio_next_index() (unsigned long) is left shifted by PAGE_SHIFT on 32-bit systems. The fix replaces the overflow-prone calculation with folio_pos(folio) + folio_size(folio), ensuring correct ov...

7.8CVSS6.4AI score0.00161EPSS
CVE
CVE
added 2025/12/30 12:34 p.m.24 views

CVE-2023-54321

CVE-2023-54321: Linux kernel driver core path (device_add) fix for a null pointer dereference in the error path. If dev->driver is set and bus_remove_device() is invoked before the device is bound, access to dev->p->knode_driver can dereference a NULL pointer. The fix is to clear dev-&gt...

5.5CVSS6.3AI score0.00129EPSS
CVE
CVE
added 2025/09/24 11:2 a.m.24 views

CVE-2024-58241

CVE-2024-58241 is a Linux kernel vulnerability affecting the Bluetooth stack. The issue arises in Bluetooth: hci_core where, on hci_unregister_dev, submissions using disable_work_* are not disablable because the associated hci_dev is about to be freed. The provided connected documents confirm the...

5.5CVSS6.1AI score0.00119EPSS
CVE
CVE
added 2025/06/18 9:28 a.m.24 views

CVE-2025-38017

CVE-2025-38017 affects the Linux kernel, specifically the fs/eventpoll path used by epoll_pwait2. After the fix in the commit described as setting epoll timeout when in the future, a non-zero timeout (e.g., 1 ns) could cause an endless busy loop if the timeout expires before ep_poll() is entered,...

5.5CVSS6.5AI score0.0014EPSS
CVE
CVE
added 2025/07/10 7:41 a.m.24 views

CVE-2025-38271

CVE-2025-38271 affects the Linux kernel where a NULL dereference could occur in rtnl_create_link() when dev->netdev_ops is NULL. The fix removes usage of netdev_lock_ops() and replaces dev_set_group() with netif_set_group() to avoid the dereference during rtnl_create_link() execution. The issu...

5.5CVSS6.6AI score0.00137EPSS
CVE
CVE
added 2025/07/25 2:32 p.m.24 views

CVE-2025-38433

CVE-2025-38433 concerns a Linux kernel issue on riscv nommu kernels where the function __runtime_fixup_32 fails to handle a zero-valued upper 32 bits during patching, potentially producing garbage in the pointer’s upper half and causing a kernel panic when accessed. The fixed logic adjusts the co...

5.5CVSS6.2AI score0.00137EPSS
CVE
CVE
added 2025/09/05 5:21 p.m.24 views

CVE-2025-39712

The CVE-2025-39712 issue affects the Linux kernel media/mt9m114 driver. The deadlock occurred when using V4L2 subdev pad ops get_frame_interval/set_frame_interval due to locking in the subdev state plus the driver. The fix removes the redundant lock operations from mt9m114_ifp_get_frame_interval(...

5.5CVSS5.8AI score0.00105EPSS
CVE
CVE
added 2025/09/05 5:27 p.m.24 views

CVE-2025-39725

CVE-2025-39725 affects the Linux kernel, specifically the hwpoison handling path in mm/vmscan shrink_folio_list. The issue occurs when a hwpoisoned large folio (THP) cannot be mapped/unmapped properly; without TTU_SPLIT_HUGE_PMD, a null-ptr dereference can occur in pvmw.pte, and even with the fla...

5.5CVSS5.6AI score0.00135EPSS
CVE
CVE
added 2025/09/07 3:16 p.m.24 views

CVE-2025-39729

CVE-2025-39729 affects the Linux kernel crypto CCP implementation. The issue arises from dereferencing an uninitialized error pointer in sev-dev.c:1312, previously allowing an assumption that the variable could be NULL and leading to a potential crash or instability. The vulnerability was address...

5.5CVSS6AI score0.00119EPSS
CVE
CVE
added 2025/09/07 3:16 p.m.24 views

CVE-2025-39732

CVE-2025-39732: In the Linux kernel, the ath11k driver slept in an atomic context during ieee80211_iterate_stations_atomic() via ath11k_mac_disable_peer_fixed_rate(), triggering a BUG: sleeping function called from invalid context. The issue is fixed by switching the iteration to ieee80211_iterat...

5.5CVSS5.9AI score0.00135EPSS
CVE
CVE
added 2025/09/11 4:52 p.m.24 views

CVE-2025-39748

CVE-2025-39748 - Linux kernel BPF verifier issue (JSET) patched Root cause: A verifier range refinement bug after JSET could produce inconsistent register bounds on an unreachable path, due to not forgetting ranges after narrowing tnums post-JSET. Impact: Local access to kernel may be affected; C...

5.5CVSS6AI score0.00147EPSS
CVE
CVE
added 2025/09/11 4:52 p.m.24 views

CVE-2025-39759

CVE-2025-39759 affects the Linux kernel’s btrfs quota subsystem. A race between disabling quotas and running btrfs_ioctl_quota_rescan() can lead to a use-after-free of qgroup records in fs_info->qgroup_tree due to Task B freeing qgroups without holding fs_info->qgroup_lock while Task A iter...

7CVSS6AI score0.00108EPSS
CVE
CVE
added 2025/09/11 4:56 p.m.24 views

CVE-2025-39765

CVE-2025-39765 affects Linux kernel ALSA timer handling. The issue is in snd_utimer_create() where, if kasprintf() returns NULL, snd_utimer_put_id() frees an ID that was never allocated, leading to ida_free() being called on id=0. The root cause is that utimer->id is not guaranteed to be valid...

5.5CVSS6.1AI score0.00143EPSS
CVE
CVE
added 2025/09/11 4:56 p.m.24 views

CVE-2025-39780

The CVE-2025-39780 entry concerns the Linux kernel sched_ext scheduler. The issue was an invalid task state transition during class switch, caused by skipping initialization for tasks that are already dead (usage counter zero) and not excluding them during the scheduling class transition. The res...

5.5CVSS6.1AI score0.00134EPSS
CVE
CVE
added 2025/09/11 4:56 p.m.24 views

CVE-2025-39791

The vulnerability CVE-2025-39791 affects Linux kernel dm-crypt targets (zoned devices) where BIOs can be split to respect max_read_size/max_write_size. For zoned targets, splitting could cause a deadlock or data corruption if a splitBIO reminder re-enters the queue or if zone-append processing is...

5.5CVSS6.1AI score0.00113EPSS
CVE
CVE
added 2025/09/19 3:26 p.m.24 views

CVE-2025-39855

Summary: CVE-2025-39855 concerns the Linux kernel ICE driver (notably the E810’s low-latency TX timestamp interface). The bug occurs in ice_ptp_ts_irq() where the Tx timestamp tracker ice_ptp_tx is used before being initialized, risking NULL dereference or use-after-free if a TX timestamp interru...

7.8CVSS5.9AI score0.00151EPSS
CVE
CVE
added 2025/09/23 6:0 a.m.24 views

CVE-2025-39872

Summary (CVE-2025-39872) : The vulnerability affects the Linux kernel’s hsr code path. The bug arises in hsr_get_port_ndev, where hsr_for_each_port requires an RCU lock while the caller later needs a valid device reference, creating a UaF risk. Documents from Red Hat, Debian, and OSS/OSV portals ...

5.5CVSS6.1AI score0.00134EPSS
CVE
CVE
added 2025/09/23 6:0 a.m.24 views

CVE-2025-39875

CVE-2025-39875: Linux kernel igb driver NULL pointer dereference during ethtool loopback test due to missing q_vector for test ring. The fix adjusts the __xdp_rxq_info_reg() call by using 0 as napi_id (since napi_id isn't needed after commit 5ef44b3cb43b), preventing NULL dereferences when ethtoo...

5.5CVSS6AI score0.00119EPSS
CVE
CVE
added 2025/09/24 11:2 a.m.24 views

CVE-2025-39890

CVE-2025-39890 fixes a memory leak in the Linux kernel’s ath12k driver. In ath12k_service_ready_ext_event(), the code path that handles a failure does not free svc_rdy_ext.mac_phy_caps, leading to a leaked 1024-byte object reported by kmemleak. The patch ensures that mac_phy_caps is freed in erro...

5.5CVSS6.1AI score0.00137EPSS
CVE
CVE
added 2025/10/01 7:44 a.m.24 views

CVE-2025-39916

CVE-2025-39916 affects the Linux kernel DAMON subsystem (mm/damon/reclaim). The issue is a divide-by-zero in the calculation of min_age_region when creating a new DAMON_RECLAIM scheme, where aggr_interval is used as the divisor. The documented fix directly returns -EINVAL in this case, preventing...

5.5CVSS6.1AI score0.00137EPSS
CVE
CVE
added 2025/10/04 7:30 a.m.24 views

CVE-2025-39933

CVE-2025-39933 affects the Linux kernel SMB client: recv_done verification of data_offset, data_length and remaining_data_length (a local‑vector issue). The vulnerability is acknowledged in multiple advisories (e.g., RHSA-2026:1727, ALSA-2026:0793, RLSA advisories) and is linked to kernel fixes i...

5.5CVSS6.2AI score0.0012EPSS
CVE
CVE
added 2025/10/04 7:30 a.m.24 views

CVE-2025-39934

CVE-2025-39934: Linux kernel drm: bridge: anx7625 fixes a NULL pointer dereference when an IRQ fires before resource initialization, potentially accessing uninitialized I2C tcpc_client data. The NVD entry notes a MEDIUM base score (5.5) with LOCAL attack vector and LOW PR, HIGH impact on availabi...

5.5CVSS6.1AI score0.00137EPSS
CVE
CVE
added 2025/10/04 7:31 a.m.24 views

CVE-2025-39942

CVE-2025-39942 is a Linux kernel vulnerability affecting the ksmbd smbdirect component. The issue, described as: “verify remaining_data_length respects max_fragmented_recv_size,” is a refinement inspired by the existing check for data_offset + data_length. The connected sources identify this CVE ...

5.5CVSS6.2AI score0.00136EPSS
CVE
CVE
added 2025/10/04 7:31 a.m.24 views

CVE-2025-39948

The CVE-2025-39948 issue is in the Linux kernel ice driver’s RX path for multi-buffer/XDP frames. A zero-size descriptor could cause ice_put_rx_mbuf() to skip a buffer, preventing ice_put_rx_buf() and leaving a stale page in the RX ring. This could break page reuse/free logic (ice_reuse_rx_page) ...

5.5CVSS5.9AI score0.00135EPSS
CVE
CVE
added 2025/10/09 12:13 p.m.24 views

CVE-2025-39961

Summary. CVE-2025-39961 covers a race in the AMD IOMMU pgtable path where unmap may read pgtable->[root/mode] without a lock while the driver increases address space. This can lead to reading a mismatched page-table level, causing iommu_unmap to fail and upper layers to log WARN_ON. The fix, i...

4.7CVSS5.8AI score0.00101EPSS
CVE
CVE
added 2026/01/13 3:31 p.m.24 views

CVE-2025-71076

Technical details for CVE-2025-71076 are not publicly provided in the supplied documents. Monitor for updates for affected products, versions, exploitability, and remediation specifics.

5.5CVSS6.1AI score0.00121EPSS
CVE
CVE
added 2026/01/13 3:34 p.m.24 views

CVE-2025-71080

CVE-2025-71080 involves a race in the Linux kernel on PREEMPT_RT where rt6_get_pcpu_route() may return NULL and allow another task on the same CPU to install a pcpu_rt entry, causing a later cmpxchg() failure and a BUG_ON(prev). The fix makes the cmpxchg() failure graceful by freeing the allocati...

5.5CVSS6.2AI score0.00119EPSS
CVE
CVE
added 2026/01/13 3:34 p.m.24 views

CVE-2025-71090

CVE-2025-71090 describes a Linux kernel NFS daemon leak in nfsd4_add_rdaccess_to_wrdeleg(). The function overwrites fp->fi_fds[O_RDONLY] with a new nfsd_file even when a SHARE_ACCESS_READ is already open, thereby orphaning the prior reference. It previously stored the same nfsd_file pointer in...

5.5CVSS5.9AI score0.001EPSS
CVE
CVE
added 2026/01/13 3:34 p.m.24 views

CVE-2025-71092

Summary : The CVE-2025-71092 entry corresponds to a Linux kernel issue in RDMA/bnxt_re where an OOB write occurred during hw_stats allocation in bnxt_re_copy_err_stats(). The root cause was that three counters (BNXT_RE_REQ_CQE_ERROR, BNXT_RE_RESP_CQE_ERROR, BNXT_RE_RESP_REMOTE_ACCESS_ERRS) were a...

7.8CVSS6.3AI score0.00112EPSS
CVE
CVE
added 2026/02/18 2:21 p.m.24 views

CVE-2025-71225

CVE-2025-71225: Linux kernel vulnerability in RAID update path. When updating raid_disks via sysfs, freeze_array may unblock before queued r1bio structures are released, causing free_r1bio() to access memory with the old raid_disks/mempool configuration. This can lead to out-of-bounds access and ...

5.3CVSS5.3AI score0.00084EPSS
CVE
CVE
added 2026/02/18 2:53 p.m.24 views

CVE-2025-71235

CVE-2025-71235 : Linux kernel, scsi: qla2xxx driver. The issue arises when a module unload is issued while a fabric scan is in progress, causing a crash due to freeing memory in interrupt context (dma_free_attrs) after the UNLOADING flag is set and a scheduled work item cannot be allocated. Root ...

5.5CVSS5.2AI score0.00118EPSS
CVE
CVE
added 2026/06/08 2:30 p.m.24 views

CVE-2025-71315

The CVE-2025-71315 vulnerability concerns the Linux kernel’s drm/vkms path. Connected sources confirm a concrete fix: vkms’ vblank timer was replaced with DRM’s vblank timer implementation, removing the hrtimer from vkms_output and delegating to the DRM vblank timeout path via handle_vblank_timeo...

5.5CVSS5.5AI score0.00112EPSS
CVE
CVE
added 2026/01/23 3:24 p.m.24 views

CVE-2026-22980

The CVE-2026-22980 issue is confirmed to affect the Linux kernel and is addressed by a patch that fixes a race between v4_end_grace writes and server shutdown. The fix introduces two new fields in the nfsd network context: client_tracking_active (protected by nn->client_lock) and grace_end_for...

7.8CVSS5.2AI score0.0013EPSS
CVE
CVE
added 2026/01/28 2:24 p.m.24 views

CVE-2026-23014

The CVE-2026-23014 issue concerns the Linux kernel perf subsystem, specifically the swevent hrtimer. The root cause is that after changing hrtimer_try_to_cancel() in perf_swevent_cancel_hrtimer(), the hrtimer could remain active when the event is freed. The fix adds a full hrtimer_cancel() on the...

7.8CVSS5.8AI score0.00116EPSS
CVE
CVE
added 2026/01/31 11:38 a.m.24 views

CVE-2026-23016

The CVE concerns the Linux kernel’s conntrack/frag handling (inet: frags: drop fraglist conntrack references). A bug allows reassembled skb fragments to retain nf_conn references via frag_list, causing conntrack cleanup to block (hangs up to ~60s) when fragmentation/reassembly occurs (UDP/TCP pat...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/02/04 4:8 p.m.24 views

CVE-2026-23080

Technical details for CVE-2026-23080 are not provided in the connected documents. The sources reference the CVE in advisories (e.g., USN entries) but do not include product/vendor/component/version, root cause, impact, or fix specifics. Monitor for updates.

5.5CVSS5.2AI score0.00123EPSS
CVE
CVE
added 2026/02/04 4:8 p.m.24 views

CVE-2026-23088

CVE-2026-23088 affects the Linux kernel tracing subsystem. The issue arises when a synthetic event reuses an existing synthetic event’s stacktrace field, leading to a kernel crash (crash/NULL pointer dereference) when enabling linked synthetic events. The root cause is how the stacktrace field is...

5.5CVSS5.2AI score0.00122EPSS
Total number of security vulnerabilities14330