Lucene search
K
LinuxLinux Kernel

14097 matches found

CVE
CVE
added 2025/10/01 7:44 a.m.20 views

CVE-2025-39910

CVE-2025-39910 affects the Linux kernel (mm/vmalloc, mm/kasan) where kasan_populate_vmalloc() and helpers ignore the caller’s GFP mask and always allocate with GFP_KERNEL, diverging from vmalloc() which supports GFP_NOFS/GFP_NOIO. Page table allocations during shadow population also ignore the ex...

5.5CVSS6AI score0.00093EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.20 views

CVE-2026-23358

CVE-2026-23358 affects the Linux kernel drm/amdgpu driver. The issue arises during slot reset error handling where an uninitialized hive pointer could be used to decide flow at the error path, potentially leading to accessing an uninitialized list. The fix initializes the list and hive properly a...

5.5CVSS5.7AI score0.00121EPSS
CVE
CVE
added 2025/09/11 4:56 p.m.19 views

CVE-2025-39771

The CVE-2025-39771 entry concerns the Linux kernel regulator driver pca9450. The issue arises in the pca9450_restart handling during module probe, where a notifier callback is already registered, leading to a kernel dump if not managed. The documented remediation is to use devm_register_sys_off_h...

5.5CVSS6AI score0.00119EPSS
CVE
CVE
added 2025/09/11 4:56 p.m.19 views

CVE-2025-39774

CVE-2025-39774 affects the Linux kernel driver iio: adc: rzg2l_adc. The issue arises when a loop unbinds/binds the ADC (which may serve another device like a thermal block) and the ADC is resumed by runtime PM before drvdata is set, causing a crash in runtime PM callbacks that rely on drvdata. Th...

5.5CVSS6.1AI score0.00119EPSS
CVE
CVE
added 2025/09/11 4:56 p.m.19 views

CVE-2025-39785

CVE-2025-39785 is a Linux kernel vulnerability affecting the drm/hisilicon/hibmc path. The issue arises from using a local irq name variable in irq_request(); it is passed to request_irq() and can lead to a use-after-free, causing request_irq to fail. The fixes switch to using a global irq name i...

5.5CVSS5.8AI score0.00119EPSS
CVE
CVE
added 2025/09/11 4:56 p.m.19 views

CVE-2025-39786

The CVE-2025-39786 issue affects the Linux kernel IIO ADC driver for ad7173. The root cause is an index mismatch when accessing the syscalib_mode channel: the address field is 0-based (same as scan_index) used to locate entries in ad7173_channels, while the channels field may not match the addres...

7.1CVSS6.1AI score0.0013EPSS
CVE
CVE
added 2025/09/23 6:0 a.m.19 views

CVE-2025-39879

CVE-2025-39879 pertains to the Linux kernel Ceph code path. The issue revolves around ceph_process_folio_batch() leaving folio_batch entries as NULL, an illegal state that could lead to crashes if folio_batch_release() dereferences them. The documented root cause describes that earlier code inten...

5.5CVSS6AI score0.00119EPSS
CVE
CVE
added 2025/09/23 6:0 a.m.19 views

CVE-2025-39887

CVE-2025-39887 concerns a Linux kernel issue in tracing/osnoise where bitmap_parselist() could dereference a NULL pointer when handling a cpulist input in osnoise_cpus_write() (e.g., writing "0-2" to /sys/kernel/debug/tracing/osnoise/cpus with count=0). The vulnerability affected the kernel path ...

5.5CVSS6AI score0.00119EPSS
CVE
CVE
added 2025/10/01 7:42 a.m.19 views

CVE-2025-39897

The CVE-2025-39897 issue affects the Linux kernel net: xilinx: axienet driver. It arises when retrieving the RX metadata pointer via dmaengine_desc_get_metadata_ptr(), which can return an error pointer. The vulnerability is mitigated by adding proper error checking, unmapping the DMA buffer, free...

5.5CVSS6.1AI score0.00135EPSS
CVE
CVE
added 2025/10/01 8:7 a.m.19 views

CVE-2025-39926

CVE-2025-39926 in the Linux kernel fixes a logic error in genetlink: in genl_bind(), bind() could be invoked after a failed capability check (-EPERM), letting callbacks run for unauthorized callers. The patch ensures bind() is called only after successful permission checks (after the “if (ret) br...

5.5CVSS6.1AI score0.00135EPSS
CVE
CVE
added 2025/10/04 7:31 a.m.19 views

CVE-2025-39937

CVE-2025-39937 affects the Linux kernel, specifically the rfkill GPIO code. A potential crash could occur on x86 when rfkill-gpio binds to BCM4752/LNV4752 ACPI devices because rfkill_find_type() used an uninitialized local pointer (type_name) if device_property_read_string() failed. The fix initi...

5.5CVSS5.8AI score0.00137EPSS
CVE
CVE
added 2025/10/04 7:31 a.m.19 views

CVE-2025-39940

CVE-2025-39940 concerns the Linux kernel’s dm-stripe component. A potential integer overflow can occur in stripe_io_hints when the chunk size is too large. The fix tests for an overflow and, if detected, avoids setting limits->io_min and limits->io_opt. This mitigates a local-privilege vect...

5.5CVSS6.4AI score0.00135EPSS
CVE
CVE
added 2025/10/04 7:31 a.m.19 views

CVE-2025-39944

CVE-2025-39944 affects the Linux kernel OcteonTX2 PCI device driver (octeontx2-pf). It fixes a use-after-free in otx2_sync_tstamp() caused by a race with a running delayed work item; cancel_delayed_work() could leave synctstamp_work dereferencing a freed otx2_ptp. The mitigation in the fix is to ...

7.8CVSS6.1AI score0.00138EPSS
CVE
CVE
added 2025/10/30 9:47 a.m.19 views

CVE-2025-40090

CVE-2025-40090 concerns ksmbd in the Linux kernel. The vulnerability stems from a recursive locking issue: ksmbd_session_rpc_method() attempts to lock sess->rpc_lock, while a caller may already hold it for a write, causing a deadlock with ksmbd_rpc_open and related paths when a client opens a ...

5.5CVSS6AI score0.00138EPSS
CVE
CVE
added 2026/01/13 3:31 p.m.19 views

CVE-2025-71071

In CVE-2025-71071, the Linux kernel iommu/mediatek driver had a use-after-free risk during probe deferral when larb devices were not yet bound. The issue arose from dropping references to larb devices taken during probe on success and on errors, potentially allowing a use-after-free if probe is d...

7.8CVSS6.1AI score0.00125EPSS
CVE
CVE
added 2026/01/14 3:5 p.m.19 views

CVE-2025-71102

CVE-2025-71102 affects the Linux kernel with a bug in shadow call stack handling: __scs_magic() received a struct task_struct* instead of the required void*. This caused scs_check_usage to scan an incorrect memory range when CONFIG_DEBUG_STACK_USAGE is enabled, potentially yielding inaccurate sha...

5.5CVSS6AI score0.00123EPSS
CVE
CVE
added 2026/01/14 3:7 p.m.19 views

CVE-2025-71133

The CVE-2025-71133 entry concerns the Linux kernel RDMA/irdma path, where irdma_net_event could dereference neigh (ptr) data before confirming NETEVENT_NEIGH_UPDATE. The code fix moves neigh->dev access under the NETEVENT_NEIGH_UPDATE case, preventing a potential out-of-bounds read reported by...

7.1CVSS6AI score0.00153EPSS
CVE
CVE
added 2026/01/14 3:7 p.m.19 views

CVE-2025-71139

CVE-2025-71139 – Linux kernel kexec CMA/IMA handling : The issue arises when the kexec target address is allocated in CMA space. The kernel’s kimage_map_segment() path assumes IND_SOURCE pages exist and maps them via vmap(), but CMA-based allocation bypasses IND_SOURCE, leading to a warning and i...

5.5CVSS6.1AI score0.00102EPSS
CVE
CVE
added 2026/01/25 2:36 p.m.19 views

CVE-2025-71162

CVE-2025-71162 describes a use-after-free in the Tegra ADMA driver within the Linux kernel, triggered when an audio DMA buffer is freed during XRUN handling before the vchan completion tasklet runs. The race occurs after a DMA transfer completes and schedules a completion tasklet, while tegra_adm...

7.8CVSS5.6AI score0.00189EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.19 views

CVE-2025-71203

CVE-2025-71203 concerns the Linux kernel where a user-controlled syscall number could be used to index the syscall table, enabling potential data leakage via cache side channels. The mitigation is to clamp the index with array_index_nospec() after the bounds check to prevent speculative out-of-bo...

7CVSS5.2AI score0.00126EPSS
CVE
CVE
added 2026/02/18 2:53 p.m.19 views

CVE-2025-71232

CVE-2025-71232 details (Linux kernel, qla2xxx): The vulnerability stems from freeing an sp pointer in the error path of the qla2xxx SCSI driver, which could cause a system crash during load/unload loops. The provided evidence shows a crash trace and a fix in the kernel code path (free sp in the e...

5.5CVSS5.2AI score0.00118EPSS
CVE
CVE
added 2026/03/18 10:5 a.m.19 views

CVE-2025-71265

CVE-2025-71265 affects the Linux kernel ntfs3 attribute run parsing. A malformed NTFS image could trigger an infinite loop in attr_load_runs_range when an empty run list is claimed but data is expected, due to the code path leaving runs_tree uninitialized (runs NULL) after a successful return fro...

5.5CVSS5.6AI score0.00118EPSS
CVE
CVE
added 2026/03/18 5:40 p.m.19 views

CVE-2025-71268

The CVE-2025-71268 issue is a Linux kernel vulnerability in btrfs where a reservation leak can occur on some error paths when inserting an inline extent. The root cause is that __cow_file_range_inline() may exit without freeing reserved qgroup data if allocation of a path or join of a transaction...

5.5CVSS5.7AI score0.00114EPSS
CVE
CVE
added 2026/03/18 5:40 p.m.19 views

CVE-2025-71269

In CVE-2025-71269, the Linux kernel fixes a data-reservation handling bug in Btrfs: when inline extents fail due to -ENOSPC, the code previously freed the reserved qgroup data unconditionally. The fix updates __cow_file_range_inline() to free reserved qgroup data only if the fallback path is not ...

5.5CVSS5.7AI score0.00114EPSS
CVE
CVE
added 2026/05/06 11:32 a.m.19 views

CVE-2025-71295

The CVE targets the Linux kernel’s memory/file I/O path. In fs/buffer, try_to_free_buffers() could be invoked on folios with no attached buffers when filemap_release_folio() runs on a mapping with AS_RELEASE_ALWAYS but without a release_folio operation. This caused folio_needs_release() to return...

5.5CVSS5.9AI score0.00123EPSS
CVE
CVE
added 2026/01/31 11:39 a.m.19 views

CVE-2026-23021

CVE-2026-23021 affects the Linux kernel component: net: usb: pegasus. The memory leak occurs in update_eth_regs_async() when usb_submit_urb() fails, failing to release resources allocated up to that point. Public advisories indicate upstream kernel fixes (e.g., 6.6.130 lineage and related patches...

5.5CVSS5.8AI score0.00149EPSS
CVE
CVE
added 2026/02/04 4:7 p.m.19 views

CVE-2026-23061

Summary (CVE-2026-23061) : The Linux kernel CAN subsystem can: kvaser_usb_read_bulk_callback() leak URBs in kvaser_usb, leading to a memory leak. Root cause: the URBs for USB-in transfers are anchored to dev->rx_submitted when created and submitted, but the USB framework unanchors URBs before ...

5.5CVSS5.2AI score0.00123EPSS
CVE
CVE
added 2026/02/04 4:7 p.m.19 views

CVE-2026-23064

CVE-2026-23064 affects the Linux kernel’s net/sched implementation, specifically the act_ife action. The vulnerability is a NULL pointer dereference in tcf_ife_encode()/ife_encode() that could trigger a general protection fault/oops when a NULL is encountered. The provided trace shows the fault p...

5.5CVSS5.1AI score0.00123EPSS
CVE
CVE
added 2026/02/04 4:7 p.m.19 views

CVE-2026-23071

CVE-2026-23071 (Linux kernel) resolves a race in regmap hwspinlock irqsave. The bug occurred when the shared member map->spinlock_flags was passed directly to hwspin_lock_timeout_irqsave, allowing concurrent contexts contending for the lock to overwrite the shared flags and corrupt the lock ow...

4.7CVSS5.2AI score0.001EPSS
CVE
CVE
added 2026/02/04 4:7 p.m.19 views

CVE-2026-23073

CVE-2026-23073 (Linux kernel) affects the wifi RSI driver. The root cause is memory corruption caused by not allocating space for the driver data in the trailing‑space field of struct ieee80211_vif. Specifically, RSI911x fails to set the vif driver data size, causing writes to vif->drv_priv to...

7.8CVSS5.3AI score0.0013EPSS
CVE
CVE
added 2026/02/04 4:8 p.m.19 views

CVE-2026-23076

CVE-2026-23076 affects the Linux kernel ALSA ctxfi driver: a potential out-of-bounds access in the audio mixer handling due to using conj as a loop index and referencing it in amixer_index() and sum_index(). The issue stems from lack of proper re-initialization of conj, enabling OOB reads at ctam...

7.1CVSS5.3AI score0.00126EPSS
CVE
CVE
added 2026/02/04 4:8 p.m.19 views

CVE-2026-23078

Technical details for CVE-2026-23078 are not provided in the connected documents. The initial description summarizes the buffer overflow fix in ALSA scarlett2 in Linux kernel; no vendor/product-specific impact or patch versions are specified here. Monitor for updates.

7.8CVSS5.6AI score0.00143EPSS
CVE
CVE
added 2026/02/04 4:8 p.m.19 views

CVE-2026-23079

CVE-2026-23079 affects the Linux kernel, specifically the gpio cdev path. The issue is that on error handling paths, in lineinfo_changed_notify(), allocated resources are not freed, causing resource leaks. The publicly described fix is to free those resources on error paths. Metrics indicate a CV...

5.5CVSS5.1AI score0.00107EPSS
CVE
CVE
added 2026/02/04 4:8 p.m.19 views

CVE-2026-23086

Technical details about CVE-2026-23086 are not publicly available in the provided connected documents; monitor vendor advisories and official CVE writeups for updates.

5.5CVSS5.7AI score0.00142EPSS
CVE
CVE
added 2026/02/14 3:9 p.m.19 views

CVE-2026-23118

The CVE-2026-23118 entry concerns a Linux kernel rxrpc data-race: rxrpc_peer_keepalive_worker and rxrpc_send_data_packet access peer->last_tx_at without synchronization, and the 64-bit last_tx_at risking 32-bit tearing. The fix changes last_tx_at to unsigned int and stores only the least-signi...

4.7CVSS5.3AI score0.00086EPSS
CVE
CVE
added 2026/02/14 3:14 p.m.19 views

CVE-2026-23135

CVE-2026-23135 affects the Linux kernel in the wifi ath12k driver. The issue arises in dma_free_coherent() pointer handling: dma_alloc_coherent() stores addresses in XXX_unaligned fields, but those addresses are not consistently reused when freeing the buffer. The vulnerability is resolved by pat...

5.5CVSS5.4AI score0.00122EPSS
CVE
CVE
added 2026/02/14 4:1 p.m.19 views

CVE-2026-23170

CVE-2026-23170 affects the Linux kernel's DRM IMX TVE path; the root cause is a device reference leak to the DDC device during probe (including probe deferral) and on driver unbind. The trusted sources show the issue resolved in kernel updates, with Ubuntu/rootio-root packages (e.g., ROOT-OS-UBUN...

5.5CVSS5.2AI score0.00115EPSS
CVE
CVE
added 2026/03/18 5:1 p.m.19 views

CVE-2026-23250

CVE-2026-23250 is a Linux kernel vulnerability in the XFS code path. The issue arises from not checking the return value of xchk_scrub_create_subord, which could yield an ENOMEM mangling the flow. The fix updates xchk_scrub_create_subord to return NULL on allocation failure and adjusts callers to...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/03/18 5:41 p.m.19 views

CVE-2026-23256

CVE-2026-23256 relates to the Linux kernel and fixes an off-by-one error in the VF setup_nic_devices() cleanup (net: liquidio) that could leak memory. The Root:Ubuntu and Ubuntu OSV entries confirm patches in rootio-linux for Ubuntu 24.04 and 22.04 with multiple fixed kernel versions (e.g., kerne...

5.5CVSS5.8AI score0.00114EPSS
CVE
CVE
added 2026/03/20 8:8 a.m.19 views

CVE-2026-23272

CVE-2026-23272 affects the Linux kernel netfilter nf_tables component. The issue arises when inserting into a full set: the code increments set->nelems and publishes a new element before the RCU grace period, allowing an RCU reader to observe a partially updated element. The description notes ...

7.8CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2026/03/25 10:26 a.m.19 views

CVE-2026-23292

CVE-2026-23292 : Linux kernel scsi: target: Fix recursive locking in __configfs_open_file(). The root cause was target_core_item_dbroot_store() attempting to open the file path (which is the same configfs file already held) using filp_open(), leading to potential nested frag_sem locking. The fix ...

5.5CVSS5.6AI score0.00123EPSS
CVE
CVE
added 2026/03/25 10:26 a.m.19 views

CVE-2026-23293

CVE-2026-23293 affects the Linux kernel net/vxlan code. Root cause: when IPv6 is disabled (ipv6.disable=1), nd_tbl is not initialized, leading to a NULL pointer dereference in neigh_lookup() invoked by route_shortcircuit() when an IPv6 packet is injected. Impact is local: a crafted, locally deliv...

5.5CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2026/03/25 10:26 a.m.19 views

CVE-2026-23302

Summary (CVE-2026-23302): The Linux kernel patch resolves a data-race in data-path pointers sk->sk_data_ready and sk->sk_write_space, where skmsg and possibly other layers could modify these pointers while others may read them concurrently. The fix adds corresponding READ_ONCE()/WRITE_ONCE(...

4.7CVSS5.7AI score0.00089EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.19 views

CVE-2026-23317

The CVE-2026-23317 entry describes a Linux kernel vulnerability in drm/vmwgfx, specifically vmw_translate_ptr. The root cause was a previous change where a pointer-returning lookup was replaced by an error-code-returning lookup with the pointer as an out parameter; the error path was not updated,...

7.8CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.19 views

CVE-2026-23327

The CVE-2026-23327 issue is a Linux kernel vulnerability in the CXL mailbox driver (cxl/mbox). The root cause is that cxl_payload_from_user_allowed() casts and dereferences the user payload without validating its size, allowing an undersized mailbox command to trigger a read past the allocated bu...

7.1CVSS5.6AI score0.00124EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.19 views

CVE-2026-23352

CVE-2026-23352 affects Linux kernel's x86 EFI code: efi_free_boot_services() defers freeing of EFI_BOOT_SERVICES memory, but memblock_free_late() is not suitable for reserved memory and may miss uninitialized memory maps when CONFIG_DEFERRED_STRUCT_PAGE_INIT=y. This can cause a RAM leak (~140 MB ...

5.5CVSS5.5AI score0.00125EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.19 views

CVE-2026-23354

CVE-2026-23354 concerns the Linux kernel x86/fred speculative safety. The fix removes the index variable and repositions array_index_nospec() so it’s calculated immediately before the array access, addressing the incorrect placement that allowed the result to be spilled to the stack across irqent...

7.8CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.19 views

CVE-2026-23359

CVE-2026-23359 stems from a Linux kernel bug in BPF devmap handling. get_upper_ifindexes() could write upper-device indices beyond the allocated stack, because the code assumed MAX_NEST_DEV (8) bounds, but the number of upper devices (e.g., many macvlan) could exceed that. The result is a stack-o...

7.8CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.19 views

CVE-2026-23370

CVE-2026-23370 concerns a Linux kernel vulnerability in platform/x86: dell-wmi-sysman where set_new_password() hex dumps the buffer containing plaintext passwords (including current/new passwords). The issue could leak credentials locally and is mitigated by removing the hex dump; upstream kernel...

5.5CVSS5.6AI score0.00123EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.19 views

CVE-2026-23376

CVE-2026-23376 affects the Linux kernel nvmet-fcloop component. The vulnerability arises from not checking remoteport port_state before freeing resources in the fcloop_t2h_xmt_ls_rsp path, where lsrsp resources may be freed incorrectly if the remote port is not online. The fix updates fcloop_t2h_...

5.5CVSS5.7AI score0.00117EPSS
Total number of security vulnerabilities14097