Lucene search
K
LinuxLinux Kernel

14062 matches found

CVE
CVE
added 2025/09/16 4:11 p.m.23 views

CVE-2023-53324

CVE-2023-53324 affects the Linux kernel DRM MSM MDP5: it fixes a leak of plane_state state (plane_state->commit refcount) that could degrade availability. The root cause was plane_state reference counting; the patch uses the correct helpers to prevent leakage. Affected component: drm/msm/mdp5....

5.5CVSS6.1AI score0.00136EPSS
CVE
CVE
added 2025/09/15 2:1 p.m.21 views

CVE-2022-50236

CVE-2022-50236 (Linux kernel, iommu/mediatek) : A crash occurs when rebooting via isr(), where the IRQ handler can fire before the IOMMU domain initialization, leading to an invalid memory access. The fix is in the kernel code path for mtk_iommu_isr, preventing handling before proper domain setup...

5.5CVSS6AI score0.00143EPSS
CVE
CVE
added 2025/09/15 2:1 p.m.21 views

CVE-2022-50243

CVE-2022-50243 – Linux kernel SCTP use-after-free (summary from connected advisories) The vulnerability arises in SCTP when an error is returned from sctp_auth_asoc_init_active_key(): the old sh_key could be freed while still in use as the active key, leading to a use-after-free during packet sen...

7.8CVSS6.1AI score0.0015EPSS
CVE
CVE
added 2025/09/15 2:2 p.m.21 views

CVE-2022-50257

The CVE-2022-50257 issue is in the Linux kernel Xen grant handling (xen/gntdev) where partial grant mapping failures could leak grants. In paravirtualized domains (use_ptemod = true), alloced was not updated for all successful map_ops or kmap_ops, risking incorrect live_grants and leaks. The fix ...

5.5CVSS6.1AI score0.00149EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.21 views

CVE-2022-50279

CVE-2022-50279 affects the Linux kernel wifi rtlwifi driver (rtl8821ae/rtl8812ae). Root cause: _rtl8812ae_eq_n_byte() compared prate_section from tail to head, causing a global-out-of-bounds read when the value is HT, per KASAN. The fix: remove _rtl8812ae_eq_n_byte() and use strcmp() instead; thi...

7.1CVSS6AI score0.00149EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.21 views

CVE-2022-50280

CVE-2022-50280: In the Linux kernel, propagate_mnt() bug allowed a NULL dereference when terminating peers of a source mount, triggered via mount propagation paths. The issue could be exploited by unprivileged users due to user namespaces. This CVE affects the Linux kernel’s mount propagation han...

5.5CVSS5.9AI score0.0015EPSS
CVE
CVE
added 2025/09/15 2:21 p.m.21 views

CVE-2022-50284

CVE-2022-50284 affects the Linux kernel (init_mqueue_fs). If setup_mq_sysctls() fails, the mqueue_inode_cachep was not released, causing a memory leak. The issue was fixed by reordering the release path in init_mqueue_fs; upstream kernel patches exist to address this, with no explicit exploit det...

5.5CVSS6.1AI score0.00143EPSS
CVE
CVE
added 2025/09/15 2:45 p.m.21 views

CVE-2022-50291

CVE-2022-50291 pertains to the Linux kernel KCM subsystem. Connected advisories describe a data-race in kcm_rfree() related to kcm->rx_psock and an analogous race for kcm->rx_wait, fixed by annotating reads/writes around these fields. The patches address lockless reads in kcm_rfree and ensu...

5.5CVSS6AI score0.00146EPSS
CVE
CVE
added 2025/09/15 2:45 p.m.21 views

CVE-2022-50300

CVE-2022-50300 affects the Linux kernel's btrfs code, where an extent_map use-after-free can occur in read_one_chunk when handling a missing device and the degraded mount option is absent. The root cause is freeing the extent_map before storing the error code, despite the structure being referenc...

7.8CVSS6.1AI score0.00148EPSS
Web
CVE
CVE
added 2025/09/15 2:45 p.m.21 views

CVE-2022-50301

CVE-2022-50301: Linux kernel iommu/omap debugfs vulnerability causing a buffer overflow in omap2_iommu_dump_ctx when bytes

7.8CVSS6.6AI score0.00172EPSS
CVE
CVE
added 2025/09/15 2:45 p.m.21 views

CVE-2022-50303

CVE-2022-50303 : The Linux kernel’s DRM AMDGPU/AMDKFD path fixes a double release of a compute pasid. When kfd_process_device_init_vm fails after the VM was converted to a compute VM and vm->pasid was set to the compute pasid, KFD could drop the drm_file reference, causing the close path to re...

7.8CVSS6AI score0.00151EPSS
CVE
CVE
added 2025/09/15 2:45 p.m.21 views

CVE-2022-50304

CVE-2022-50304 affects the Linux kernel mtd/core with a resource leak in init_mtd() that could impact systems registering MTD devices. The issue was fixed in the kernel code (references include commits such as 26c304a3f136009c5a2a04e2bf3ac6aa25aabcb4 and 1aadf01e5076b9ab6bf294b9622335c651314895)....

5.5CVSS6AI score0.00145EPSS
CVE
CVE
added 2025/09/15 2:46 p.m.21 views

CVE-2022-50306

CVE-2022-50306 concerns a Linux kernel issue in ext4 where ext4_fc_replay_scan() could perform an out-of-bounds read during journal scan if the remaining space is smaller than EXT4_FC_TAG_BASE_LEN. The root cause is insufficient bounds checking for the three journal scan tags (ADD_RANGE/HEAD/TAIL...

7.1CVSS6.1AI score0.00147EPSS
CVE
CVE
added 2025/09/15 2:46 p.m.21 views

CVE-2022-50314

The CVE-2022-50314 issue affects the Linux kernel nbd subsystem. When a signal interrupts nbd_start_device_ioctl() while waiting for inflight I/Os to complete, a hung task could occur. The fix clears the queue (not just shutdown) on signal interruption to nbd_start_device_ioctl(), mitigating the ...

5.5CVSS6.1AI score0.00147EPSS
CVE
CVE
added 2025/09/15 2:48 p.m.21 views

CVE-2022-50323

CVE-2022-50323 (Linux kernel) : The vulnerability stems from skb_append_pagefrags() sensing pfmemalloc status for pages owned by user space, triggering a data race reported by KCSAN in the swap/LRU paths. The fix/mitigation is to stop sensing pfmemalloc status for these pages and to use skb_fill_...

5.5CVSS6AI score0.00143EPSS
CVE
CVE
added 2025/09/15 2:49 p.m.21 views

CVE-2022-50324

CVE-2022-50324 — The Linux kernel contains a fix in the mtd: maps: pxa2xx-flash subsystem to address a memory leak during probe/remapping. The issue is triggered during probe when remapping an area and could leak memory if not handled properly; the fix frees the ‘info’ structure upon remapping er...

5.5CVSS6.1AI score0.00149EPSS
CVE
CVE
added 2025/09/15 2:49 p.m.21 views

CVE-2022-50337

The CVE-2022-50337 issue affects the Linux kernel OCXL path: get_function_0() calls pci_get_domain_bus_and_slot(), which returns a PCI device with an incremented refcount. If pci_dev_put() is not called, a refcount leak can occur. The fixes add device reference handling and ensure calls to pci_de...

5.5CVSS6AI score0.00145EPSS
CVE
CVE
added 2025/09/16 4:11 p.m.21 views

CVE-2022-50340

CVE-2022-50340 affects the vimc hardware-media driver in the Linux kernel. The issue arises in vimc_init(): if platform_driver_register(&vimc_pdrv) fails, the code incorrectly calls platform_driver_unregister(&vimc_pdrv) instead of platform_device_unregister(&vimc_pdev), causing a kernel warning ...

5.5CVSS6AI score0.00145EPSS
CVE
CVE
added 2025/09/16 4:11 p.m.21 views

CVE-2022-50343

CVE-2022-50343 is a Linux kernel vulnerability in the rapid io (rapidio) subsystem. The issue is a memory-leak in error handling: when rio_add_device() returns an error, the name allocated by dev_set_name() was not freed, potentially leaking memory. The patch series “rapidio: fix three possible m...

5.5CVSS6.1AI score0.00149EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.21 views

CVE-2022-50366

CVE-2022-50366 affects the Linux kernel powercap subsystem (intel_rapl). Root cause: UBSAN shift-out-of-bounds when ilog2() is computed with a value

7.1CVSS6.2AI score0.002EPSS
CVE
CVE
added 2025/09/18 1:33 p.m.21 views

CVE-2022-50384

CVE-2022-50384 is a Linux kernel vulnerability in staging/vme_user (tsi148_dma_list_add) where an error path could free an entry without removing it from list->entries, risking use-after-free. The connected documents confirm the root cause is the failure to remove &entry->list from list-&gt...

7.8CVSS6.2AI score0.00156EPSS
CVE
CVE
added 2025/09/18 1:33 p.m.21 views

CVE-2022-50385

CVE-2022-50385 affects the Linux kernel NFS automount path: when mounting from an NFSv4 referral, path->dentry can become a negative dentry, so the fix derives the struct nfs_server from the dentry itself. The vulnerability is an Oops (local impact) and is resolved in the kernel by this change...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/09/18 1:33 p.m.21 views

CVE-2022-50395

CVE-2022-50395 is a Linux kernel vulnerability where a memory leak occurs if keyring allocation fails in the integrity subsystem. The issue is triggered in integrity_init_keyring() when a keyring allocation error path is taken and the allocated key restriction is not freed. The connected advisori...

5.5CVSS6.2AI score0.00147EPSS
CVE
CVE
added 2025/10/01 11:41 a.m.21 views

CVE-2022-50423

CVE-2022-50423 affects the Linux kernel ACPICA code path where acpi_ut_copy_ipackage_to_ipackage() can free an acpi_operand_object and later reuse it due to a failed acpi_ut_walk_package_tree() path. The root cause is use-after-free from a memory-management sequence that repeatedly released the s...

7.8CVSS6AI score0.00153EPSS
CVE
CVE
added 2025/10/01 11:42 a.m.21 views

CVE-2022-50425

CVE-2022-50425 is a Linux kernel vulnerability in the x86/fpu path. The issue occurs in copy_xstate_to_uabi() when an extended state component exists in init_fpstate but not fpstate, causing a NULL pointer dereference during XSAVE state handling in KVM/KVM-related ioctl paths. The mitigation desc...

5.5CVSS6.2AI score0.00128EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.21 views

CVE-2022-50448

CVE-2022-50448 involves the Linux kernel mm/uffd path where PTE_MARKER_UFFD_WP was not guarded, allowing a reachable warning when PTE_MARKER_UFFD_WP was not configured. The fix adds CONFIG_PTE_MARKER_UFFD_WP specific ifdefs to ensure the code is not executed in builds without the option. Impact d...

5.5CVSS6.3AI score0.0015EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.21 views

CVE-2022-50449

CVE-2022-50449 : In the Linux kernel, the Samsung clock driver fix addresses a memory leak in _samsung_clk_register_pll(). If clk_register() fails, pll->rate_table may be allocated by kmemdup() and is not freed, leaking memory. The patch adds proper cleanup to free the allocated memory on fail...

5.5CVSS6.1AI score0.00153EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.21 views

CVE-2022-50454

CVE-2022-50454 affects the Linux kernel’s DRM Nouveau driver. The vulnerability arises in nouveau_gem_prime_import_sg_table() due to a use-after-free: on failure of nouveau_bo_init(), the associated gem object is released by ttm_bo_init(), but the code later calls nouveau_bo_ref() which dereferen...

7.8CVSS6.1AI score0.0015EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.21 views

CVE-2022-50462

The CVE-2022-50462 issue affects the Linux kernel (MIPS vpe-mt) where a device name allocated dynamically during module exit could leak memory. root cause: after commit 1fa5ae…, vpe_device release removed kfree, freeing was needed at module exit; the static vpe_device now requires proper freeing ...

5.5CVSS6.1AI score0.00149EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.21 views

CVE-2022-50466

CVE-2022-50466 affects the Linux kernel, specifically the fs/binfmt_elf path in the load_elf_binary() function. The issue is a memory leak reported by kmemleak involving an unreferenced file object that can persist if memory allocation for the interpreter fails. The documented remediation in the ...

5.5CVSS6AI score0.00146EPSS
CVE
CVE
added 2025/10/04 3:16 p.m.21 views

CVE-2022-50480

CVE-2022-50480 pertains to the Linux kernel memory handling for pl353-smc, where a refcount leak in pl353_smc_probe() was fixed. The issue stems from the break path of for_each_available_child_of_node() not balancing a reference when the child is no longer used; the fix adds a corresponding of_no...

5.5CVSS6AI score0.00146EPSS
CVE
CVE
added 2025/10/04 3:43 p.m.21 views

CVE-2022-50492

CVE-2022-50492 affects the Linux kernel DRM MSM driver. The issue is a use-after-free during probe deferral, where the bridge counter isn’t reset on DRM device teardown, causing stale pointers to deallocated structures to be accessed on the next tear down (e.g., after a late bind deferral). With ...

7.8CVSS6.1AI score0.00143EPSS
CVE
CVE
added 2025/10/07 3:19 p.m.21 views

CVE-2022-50513

CVE-2022-50513 affects Linux kernel staging/rtl8723bs: in the rtw_init_cmd_priv() error paths, pcmdpriv->cmd_allocated_buf was not freed when rsp_allocated_buf was allocated, causing a memory leak. The fix adds kfree(pcmdpriv->cmd_allocated_buf) on the error path and simplifies the return l...

5.5CVSS6.2AI score0.00147EPSS
CVE
CVE
added 2025/10/07 3:21 p.m.21 views

CVE-2022-50541

CVE-2022-50541 affects the Linux kernel dmaengine: ti: k3-udma driver. The vulnerability arises from 32-bit UDMA_CHAN_RT real-time bytecount counters (BCNT_REG) overflowing when transferring more than 4GB, which corrupts completion status. The fix resets/decreases the per-transaction byte count a...

5.5CVSS6.3AI score0.00145EPSS
CVE
CVE
added 2025/10/07 3:21 p.m.21 views

CVE-2022-50545

CVE-2022-50545 concerns the Linux kernel where kmemleak reported leaks during the r6040 driver probe/remove flow. The root cause was a phy_device not being disconnected when removing an r6040 device or during error handling after a successful r6040_mii_probe, causing reference counts to stay elev...

5.5CVSS6.1AI score0.00196EPSS
CVE
CVE
added 2025/09/15 2:3 p.m.21 views

CVE-2023-53148

In CVE-2023-53148, the Linux kernel igb driver had a task-hang vulnerability when a Thunderbolt hub is unplugged. The igb_down path could be invoked twice (via igb_io_error_detected and igb_remove), causing a hang at napi_synchronize and breaking Ethernet. The patch prevents the non-fatal PCIe er...

7.8CVSS6.1AI score0.00155EPSS
CVE
CVE
added 2025/09/15 2:4 p.m.21 views

CVE-2023-53174

CVE-2023-53174 is a Linux kernel local vulnerability affecting the SCSI core: memory leak on the error path from device_add() when allocation of the device name fails. The root cause is that the name allocated by dev_set_name() is not freed and reference counting is mishandled; the fix adds a put...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/09/15 2:5 p.m.21 views

CVE-2023-53189

CVE-2023-53189: Linux kernel IPv6 addrconf component had a potential refcount underflow for idev due to a race in rs_timer handling. The issue arises when rs_timer is activated while pending status changes, potentially causing addrconf_rs_timer() to run without the idev reference. The fix is in a...

5.5CVSS6AI score0.00146EPSS
CVE
CVE
added 2025/09/15 2:22 p.m.21 views

CVE-2023-53236

The CVE-2023-53236 entry pertains to the Linux kernel (iommufd) and is described as resolved. The root cause is improper ordering when batch carrying PFNs (batch->end == 0, setting npfns[0] before updating pfns leads to incorrect PFN adjustments). This can cause various page meta-data corrupti...

5.5CVSS6.1AI score0.00128EPSS
CVE
CVE
added 2025/09/16 8:7 a.m.21 views

CVE-2023-53272

CVE-2023-53272 relates to the Linux kernel ENA driver (net: ena) where a UBSAN shift-out-of-bounds in the exponential backoff was observed during device reset. The issue stems from exponent calculations that could overflow 32-bit types, causing UBSAN panics when backoff delays grow large. The adv...

7.1CVSS6.5AI score0.00149EPSS
CVE
CVE
added 2025/09/16 8:11 a.m.21 views

CVE-2023-53282

CVE-2023-53282 concerns the Linux kernel, specifically the lpfc SCSI driver path used during a sysfs firmware write. The issue is a use-after-free KFENCE violation in lpfc_wr_object() where a pointer referencing mailbox memory is recycled before the memory is no longer in use, causing a potential...

7.8CVSS6.2AI score0.0015EPSS
CVE
CVE
added 2025/09/16 8:11 a.m.21 views

CVE-2023-53284

The CVE-2023-53284 issue occurs in the Linux kernel DRM MSM DPU code path: if devm_kzalloc() fails during dpu_writeback_init(), dpu_wb_conn may become NULL and trigger a null pointer dereference later. The connected Astra Linux and SUSE advisories reproduce the same description and confirm the un...

5.5CVSS6.1AI score0.00134EPSS
CVE
CVE
added 2025/09/16 8:11 a.m.21 views

CVE-2023-53289

The CVE-2023-53289 issue affects the Linux kernel, specifically the media/bdisp component. The root cause is a missing check for the return value of create_workqueue, which could lead to a NULL pointer dereference. The publicly available connected documents confirm a fix that adds the necessary c...

5.5CVSS6.1AI score0.00139EPSS
CVE
CVE
added 2025/09/16 4:11 p.m.21 views

CVE-2023-53310

CVE-2023-53310 concerns the Linux kernel power: supply: axp288_fuel_gauge code. The root cause is a race where external_power_changed can run after info->bat is not yet set during axp288_fuel_gauge_probe(), leading to a NULL dereference. The fix is to stop dereferencing info->bat and instea...

4.7CVSS5.9AI score0.00103EPSS
CVE
CVE
added 2025/09/16 4:11 p.m.21 views

CVE-2023-53316

Technical details about CVE-2023-53316 are not publicly available in the provided documents. Monitor for updates.

7.8CVSS6.4AI score0.00149EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.21 views

CVE-2023-53338

CVE-2023-53338 affects the Linux kernel’s LWT/BPF path. The vulnerability arises from BPF encap ops returning various positive values (e.g., NET_RX_DROP, NET_XMIT_CN, NETDEV_TX_BUSY) from skb_do_redirect and bpf_lwt_xmit_reroute. At the xmit hook these values were implicitly treated as LWTUNNEL_X...

7.8CVSS5.9AI score0.00195EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.21 views

CVE-2023-53339

CVE-2023-53339 : In the Linux kernel’s Btrfs code, a race between pausing and balancing can cause a BUG_ON panic in btrfs_cancel_balance due to an unaccounted race. The race has no other side effects, and a fix has been applied in the upstream patch set. The vulnerability affects local attackers ...

5.5CVSS6AI score0.00187EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.21 views

CVE-2023-53341

CVE-2023-53341 refers to a Linux kernel memory initialization fix: the function early_init_dt_scan_memory now returns 1 when memory is found and 0 if none, allowing other memory setup paths to run. This changes the control flow after the ramips plat_mem_setup call, addressing scenarios where memo...

5.5CVSS6.3AI score0.00187EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.21 views

CVE-2023-53342

In CVE-2023-53342, the Linux kernel vulnerable path is in net: marvell: prestera handling IPv4 routes that reference a nexthop via its id. The root cause is calling fib_info_nh() for nexthop lookups instead of fib_info_nhc(), which triggers warnings when adding routes that use nhid (for example: ...

5.5CVSS6.1AI score0.00182EPSS
CVE
CVE
added 2025/09/17 2:56 p.m.21 views

CVE-2023-53348

The CVE-2023-53348 issue affects the Linux kernel's Btrfs relocation workflow. Specifically, when relocating a block group, the scrub operation is paused during relocation and may deadlock if a transactional commit enters the critical section with a paused scrub. The vulnerability is resolved by ...

5.5CVSS6AI score0.00142EPSS
Total number of security vulnerabilities14062