Lucene search
K
LinuxLinux Kernel

14139 matches found

CVE
CVE
added 2025/09/11 4:56 p.m.17 views

CVE-2025-39769

The CVE refers to a Linux kernel issue in the bnxt_en driver where a lockdep warning could trigger during rmmod (bnxt_remove_one) due to an assertion on the netdev lock. The fix adds netdev_assert_locked_or_invisible() in bnxt_free_ntp_fltrs() so the assertion does not fire if the netdev is alrea...

5.5CVSS6AI score0.00093EPSS
CVE
CVE
added 2025/09/11 4:56 p.m.17 views

CVE-2025-39777

The CVE-2025-39777 entry concerns the Linux kernel crypto: acomp component, where a control flow integrity (CFI) failure was caused by type punning. The issue could lead to a crash when CFG is enabled. The documented fix uses a consistent type for the workspace free function and ensures it is inv...

5.5CVSS6.1AI score0.00119EPSS
CVE
CVE
added 2025/09/15 12:36 p.m.17 views

CVE-2025-39802

CVE-2025-39802 affects the Linux kernel’s poly1305 implementation (lib/crypto: arm/poly1305). The root cause is register corruption when SIMD is unusable; the patch restores a cheap SIMD usability check (may_use_simd) that was removed by a prior commit and ensures poly1305 code behaves safely rat...

7.8CVSS6.5AI score0.00133EPSS
CVE
CVE
added 2025/09/15 12:36 p.m.17 views

CVE-2025-39803

CVE-2025-39803 affects the Linux kernel in the SCSI/UFShCD UFS path. The vulnerability arises from a warning path in the UIC command completion: when the UIC completion interrupt is re-enabled mid-processing, an interrupt could trigger and hit WARN_ON_ONCE(!cmd). The fix is a patch that removes t...

7.8CVSS6.2AI score0.00133EPSS
CVE
CVE
added 2025/09/16 1:0 p.m.17 views

CVE-2025-39814

In CVE-2025-39814, the Linux kernel ice driver contains a NULL pointer dereference when resetting a device without RDMA support. Specifically, ice_unplug_aux_dev() dereferences pf->cdev_info->adev, and pf->cdev_info may be NULL, leading to a crash during reset described in the trace. A f...

5.5CVSS6AI score0.0012EPSS
CVE
CVE
added 2025/09/19 3:26 p.m.17 views

CVE-2025-39837

The CVE-2025-39837 entry concerns the Linux kernel, specifically the platform/x86 asus-wmi subsystem. The issue stems from racey driver registrations where asus_wmi_register_driver() could be invoked concurrently by multiple drivers, causing unsafe list operations and potential memory corruption ...

7.8CVSS6.2AI score0.00143EPSS
CVE
CVE
added 2025/10/01 7:42 a.m.17 views

CVE-2025-39894

CVE-2025-39894 affects the Linux kernel netfilter bridge path (br_netfilter) specifically br_nf_local_in(). The issue arises when a broadcast packet to a tap device added to a bridge triggers br_nf_local_in() to confirm a conntrack; if another conntrack with the same hash is added, a warning may ...

5.5CVSS5.8AI score0.0014EPSS
CVE
CVE
added 2025/10/01 7:42 a.m.17 views

CVE-2025-39900

CVE-2025-39900: Linux kernel net_sched: gen_estimator est_timer vulnerability fixed. When CONFIG_PREEMPT_RT=y, timer callbacks could be preempted, risking seqcount/seqlock integrity. A fix in net/core/gen_estimator.c updates est_timer() by adopting preempt_disable_nested()/preempt_enable_nested()...

5.5CVSS6.1AI score0.00134EPSS
CVE
CVE
added 2025/10/01 7:44 a.m.17 views

CVE-2025-39917

Summary (CVE-2025-39917) : Linux kernel bug in bpf_crypto_crypt allowed an out-of-bounds write when the destination dynptr size was smaller than the source, due to missing validation before crypto backend calls with len = src_len. The issue arises in the bpf_dynptr_data usage for src and the writ...

7.8CVSS6.1AI score0.00142EPSS
CVE
CVE
added 2025/10/04 7:31 a.m.17 views

CVE-2025-39947

Affected software: Linux kernel with mlx5e uplink netdev handling. Issue: mlx5_uplink_netdev_get() may return a NULL pointer when the uplink netdevice is removed during unbind, leading to a kernel panic. Root cause: the uplink netdev pointer can be cleared while in use. Impact: potential kernel p...

5.5CVSS6AI score0.00136EPSS
CVE
CVE
added 2025/10/09 9:47 a.m.17 views

CVE-2025-39954

The CVE-2025-39954 issue concerns the Linux kernel (clk: sunxi-ng: mp) where the P divider offset was omitted in the .recalc_rate readback for dual-divider clocks, causing the reported clock rate to be bogus or zero. The COMMITs in the connected sources indicate that the problem arises specifical...

5.5CVSS6.1AI score0.00119EPSS
CVE
CVE
added 2025/12/16 1:57 p.m.17 views

CVE-2025-68223

CVE-2025-68223 concerns the Linux kernel code path for DRM/Radeon fence handling. The fix removes an attempted forward progress on the queue inside is_signaled, preventing a potential self-deadlock when the fence lock also serves as the wait-queue lock. The underlying issue was that dma-fence_ops...

5.5CVSS6AI score0.00099EPSS
CVE
CVE
added 2026/01/13 3:31 p.m.17 views

CVE-2025-71074

The CVE-2025-71074 issue affects Linux kernel functionfs, where open/removal races can leave file->private_data as a freed object, causing UAF on read/write. Root cause: ffs->opened is misused; synchronization via atomic_dec_and_test() is insufficient. The fix approach, as documented, is to...

4.7CVSS6.1AI score0.00094EPSS
CVE
CVE
added 2026/01/13 3:34 p.m.17 views

CVE-2025-71079

CVE-2025-71079 concerns a Linux kernel deadlock between nfc_unregister_device() and rfkill_fop_write() caused by lock-order inversion (device_lock vs rfkill_global_mutex). The fix moves rfkill_unregister() and rfkill_destroy() outside the device_lock section, storing the rfkill pointer in a local...

5.5CVSS5.6AI score0.00089EPSS
CVE
CVE
added 2026/01/14 3:6 p.m.17 views

CVE-2025-71122

CVE-2025-71122 concerns Linux kernel iommufd/selftest: overflow in IOMMU_TEST_OP_ADD_RESERVED, discovered by syzkaller and fixed by validating the user input length in the test ioctl. Affects test kernels with CONFIG_IOMMUFD_TEST; no exploitation details provided in the available documents.

7.8CVSS6.3AI score0.00182EPSS
CVE
CVE
added 2026/01/14 3:6 p.m.17 views

CVE-2025-71123

CVE-2025-71123 affects the Linux kernel Ext4 mount option parsing. The vulnerability stems from improper string copying in parse_apply_sb_mount_options(), where strscpy_pad() could copy a non-NUL-terminated string into a fixed-size destination, triggering fortify warnings (strnlen: detected buffe...

7.8CVSS6AI score0.00153EPSS
CVE
CVE
added 2026/01/14 3:7 p.m.17 views

CVE-2025-71128

CVE-2025-71128 is a Linux kernel vulnerability affecting GRE ERSPAN processing. The issue stems from the ip_tunnel_info structure’s flexible array member options, protected by a count options_len, where the counter must be initialized before first referencing options. The GRE ERSPAN code performe...

5.5CVSS6.2AI score0.00124EPSS
CVE
CVE
added 2026/01/23 3:23 p.m.17 views

CVE-2025-71159

CVE-2025-71159 relates to a Linux kernel vulnerability in the Btrfs filesystem. The issue is a memory-ordering/race condition in btrfs_get_or_create_delayed_node(), where the delayed_node refcount was set before acquiring the root->delayed_nodes lock, allowing stores to node->refs and btrfs...

7.8CVSS5.3AI score0.00113EPSS
CVE
CVE
added 2026/01/31 11:38 a.m.17 views

CVE-2025-71180

CVE-2025-71180 affects the Linux kernel’s interrupt handling: the IRQF_NO_THREAD flag should not be used with code that may take a spinlock, as warned by CONFIG_PROVE_RAW_LOCK_NESTING. The issue occurs when an IRQ handler may either use IRQF_NO_THREAD or acquire a spinlock_t, leading to a potenti...

5.5CVSS5.8AI score0.00149EPSS
CVE
CVE
added 2026/01/31 11:41 a.m.17 views

CVE-2025-71186

Technical details (affected component, root cause, impact, and patch information) for CVE-2025-71186 are not publicly provided in the supplied documents. Monitor for updates from official advisories and vendor/security bulletins.

5.5CVSS5.7AI score0.00183EPSS
CVE
CVE
added 2026/01/31 11:42 a.m.17 views

CVE-2025-71191

Technical details for CVE-2025-71191 are not publicly available in the provided documents; monitor for official advisories for affected products and fixes.

5.5CVSS5.7AI score0.00183EPSS
CVE
CVE
added 2026/02/18 2:53 p.m.17 views

CVE-2025-71237

CVE-2025-71237 corresponds to a Linux kernel nilfs2 issue where an underflow during FITRIM end_block calculation can produce a negative nblocks, turning into a large positive value and causing the block layer to hang while processing a discard. The description and connected advisories confirm the...

5.5CVSS5.3AI score0.00118EPSS
CVE
CVE
added 2026/05/06 11:32 a.m.17 views

CVE-2025-71289

Summary: CVE-2025-71289 affects the Linux kernel NTFS3 driver. The issue occurs when truncating files: if attr_set_size() fails, the error is silently ignored and the inode may be left in an inconsistent state, potentially impacting data integrity. The NVD entry lists a local, low-complexity atta...

5.5CVSS5.7AI score0.00127EPSS
CVE
CVE
added 2026/05/06 11:32 a.m.17 views

CVE-2025-71293

CVE-2025-71293 concerns the Linux kernel amdgpu ras issue where, if eeprom contained only invalid addresses, allocation could be skipped and lead to a NULL pointer dereference when reading bad pages. The fix moves the ras data allocation before the bad-page check, resolving a NULL pointer derefer...

5.5CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.17 views

CVE-2025-71299

CVE-2025-71299 affects the Linux kernel driver spi_cadence_quadspi. The root cause is a runtime PM interaction during probe: a pm_runtime_disable in error paths could lead to duplicate clock disables when PM is active, especially with missing/broken DT descriptions for flash devices. The document...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/01/23 3:24 p.m.17 views

CVE-2026-22989

CVE-2026-22989 affects the Linux kernel NFS server (nfsd). The issue occurs when unlocking the filesystem via an administrative interface while nfsd is not running, causing nfsd4_revoke_states() to access freed state structures (eg conf_id_hashtbl) during server shutdown and potentially crash. Th...

5.5CVSS5.2AI score0.00115EPSS
CVE
CVE
added 2026/01/23 3:24 p.m.17 views

CVE-2026-22995

The CVE concerns a Linux kernel race in ublk_partition_scan_work that can cause a use-after-free of ub->ub_disk due to a race between async partition scanning and device teardown. The vulnerability occurs when ublk_ctrl_start_dev() schedules partition_scan_work after add_disk(), and ublk_stop_...

7.8CVSS5.2AI score0.00115EPSS
CVE
CVE
added 2026/01/31 11:39 a.m.17 views

CVE-2026-23018

CVE-2026-23018 describes a Linux kernel vulnerability in the btrfs code path. In btrfs_read_locked_inode(), a path with a read-locked leaf from a subvolume tree is used while calling btrfs_init_file_extent_tree(), which may perform GFP_KERNEL allocations and trigger memory reclaim. This can creat...

5.5CVSS5.8AI score0.001EPSS
CVE
CVE
added 2026/02/04 4:7 p.m.17 views

CVE-2026-23065

CVE-2026-23065 is a Linux kernel issue affecting the x86/amd platform where a tmp buffer allocated in wbrf_record() is leaked on error in acpi_evaluate_dsm(). The vulnerability’s root cause is a memory leak in the error path, fixed by explicitly freeing the tmp buffer in the error handling path o...

5.5CVSS5.3AI score0.00121EPSS
CVE
CVE
added 2026/02/04 4:8 p.m.17 views

CVE-2026-23081

Summary: CVE-2026-23081 affects the Linux kernel intel-xway PHY driver, where an OF node reference-count leakage could occur. The root cause is improper management of Open Firmware (OF) node refcounts when checking the presence of the 'leds' child node. The fix adds a correct refcount maintenance...

5.5CVSS5.2AI score0.00107EPSS
CVE
CVE
added 2026/02/14 3:36 p.m.17 views

CVE-2026-23143

CVE-2026-23143 affects the Linux kernel virtio_net driver. The root cause is a misalignment between struct virtio_net_rss_config_trailer and rss_hash_key_data in struct virtnet_info, causing the RSS key to be shifted by one byte (last byte truncated and an possibly uninitialized byte prepended). ...

5.5CVSS5.2AI score0.00107EPSS
CVE
CVE
added 2026/02/14 3:36 p.m.17 views

CVE-2026-23144

CVE-2026-23144 affects the Linux kernel in mm/damon/sysfs where, on context dir setup failure, subdirectories under attrs/ aren’t cleaned up. This leaves the DAMON sysfs interface effectively broken until reboot and leaks memory from unremoved directories. The issue is fixed by cleaning up those ...

5.5CVSS5.2AI score0.00122EPSS
CVE
CVE
added 2026/02/14 4:1 p.m.17 views

CVE-2026-23156

CVE-2026-23156 affects Linux kernel efivarfs: efivar_entry_get() may return success even if __efivar_entry_get() fails, potentially enabling uninitialized heap data to be copied to userspace via efivarfs_file_read(). The root cause is error propagation being suppressed; the fix is to return the e...

7.8CVSS5.2AI score0.0012EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.17 views

CVE-2026-23186

CVE-2026-23186 pertains to the Linux kernel hwmon driver for the ACPI power meter. The issue arises when acpi_power_meter_notify() calls hwmon_device_unregister() while holding a lock also acquired by sysfs callbacks, creating potential deadlocks between sysfs access and device removal. Fixes inc...

5.5CVSS5.4AI score0.00088EPSS
CVE
CVE
added 2026/03/18 5:1 p.m.17 views

CVE-2026-23249

Summary (CVE-2026-23249) : In Linux kernel XFS, during free-space and inode btree repair, revalidation calls xchk_allocbt for BNOBT and CNTBT can race: the first call nullifies the CNTBT cursor, causing a NULL dereference on the second revalidation. The fix changes the control flow so CNTBT curso...

5.5CVSS5.7AI score0.00141EPSS
CVE
CVE
added 2026/03/18 5:41 p.m.17 views

CVE-2026-23258

CVE-2026-23258 is acknowledged in OSV entries as a vulnerability present in the Linux kernel context via the Root:Ubuntu rootio-linux package. Ubuntu security advisories indicate patches are available for Ubuntu 22.04 LTS and 24.04 LTS (Root:Ubuntu:22.04 and Root:Ubuntu:24.04) with multiple fixed...

5.5CVSS5.8AI score0.00114EPSS
CVE
CVE
added 2026/03/25 10:26 a.m.17 views

CVE-2026-23282

CVE-2026-23282 affects the Linux kernel SMB client (smb2_unlink). The root cause is uninitialised iov structures when SMB2_open_init() or SMB2_close_init() fails (e.g., on reconnect), which can cause oopses when SMB2_open_free(), SMB2_close_free(), or smb2_set_related() are invoked. The fix initi...

5.5CVSS5.7AI score0.00121EPSS
CVE
CVE
added 2026/03/25 10:26 a.m.17 views

CVE-2026-23300

The CVE-2026-23300 issue is a Linux kernel vulnerability in IPv6 routing where creating a standalone nexthop object (e.g., ip -6 nexthop add id 100 dev lo) caused a crash when later referenced by an IPv4 route. Root cause: fib6_nh_init() incorrectly treated such nexthops as rejects due to an abse...

5.5CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.17 views

CVE-2026-23308

CVE-2026-23308 concerns a Linux kernel pinctrl equilibrium warning trace on load. The issue arises because eqbr_irq_mask() calls gpiochip_disable_irq() and eqbr_irq_ack() is also invoked, causing a warning for every GPIO during load. A fix was implemented by not using eqbr_irq_mask() and eqbr_irq...

5.5CVSS5.7AI score0.00122EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.17 views

CVE-2026-23310

Summary: CVE-2026-23310 affects the Linux kernel bonding/kern XDP path. If a bond is in 802.3ad or balance-xor mode and an XDP program is loaded, changing xmit_hash_policy to vlan+srcmac can escape the existing guard, leaving bond->xdp_prog set and causing an incompatible state during tear-dow...

5.5CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.17 views

CVE-2026-23328

CVE-2026-23328 – Linux kernel (accel/amdxdna): The vulnerability is a NULL pointer dereference in mgmt_chann when the firmware returns an unexpected error in aie2_send_mgmt_msg_wait(), which may set mgmt_chann to NULL and cause a later NULL dereference in aie2_hw_stop(). The fixed patch introduce...

5.5CVSS5.6AI score0.00107EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.17 views

CVE-2026-23347

CVE-2026-23347 : Linux kernel vulnerability where the read bulk callback in the USB can driver (f81604) failed to anchor the urb before submitting in the anchor pattern. This could lead to urb leakage if usb_kill_anchored_urbs() is invoked. The issue is addressed by anchoring the urb in the read ...

5.5CVSS5.6AI score0.00127EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.17 views

CVE-2026-23367

CVE-2026-23367 – Linux kernel (wifi: radiotap: reject radiotap with unknown bits) The issue arises in the radiotap parser used for the radiotap namespace. If an undefined field (field 18) is present, the alignment/size is unknown and iterator->_next_ns_data is not initialized for non-visible v...

5.5CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.17 views

CVE-2026-23374

CVE-2026-23374 affects the Linux kernel blktrace path. The root cause is tracing_record_cmdline() using __this_cpu_read()/__this_cpu_write() on a per-CPU variable while preemption is enabled, which is unsafe and triggers a kernel BUG in preemptible code through __blk_add_trace() paths. Public wri...

5.5CVSS5.8AI score0.00119EPSS
CVE
CVE
added 2026/03/25 10:28 a.m.17 views

CVE-2026-23382

The CVE-2026-23382 entry concerns the Linux kernel HID subsystem. The issue arises when raw HID event callbacks can fire for a device that has not been claimed, potentially leading to a crash due to a missing HID_CLAIMED_INPUT guard. The fix, described in the upstream commit 2ff5baa9b527, adds th...

5.5CVSS5.6AI score0.00114EPSS
CVE
CVE
added 2026/03/25 10:28 a.m.17 views

CVE-2026-23384

CVE-2026-23384 : In the Linux kernel's RDMA/ionic component, a kernel stack leak was fixed in the function ionic_create_cq(). The resp structure leaks 7 bytes from rsvd[7], and up to 4 additional bytes in cqid[2] (potentially 11 bytes total) if udma_mask only has bit 0 set and cqid[1] is not writ...

5.5CVSS5.7AI score0.00112EPSS
CVE
CVE
added 2026/03/25 10:33 a.m.17 views

CVE-2026-23395

CVE-2026-23395 affects the Linux kernel Bluetooth L2CAP handling of ECRED connection requests. The issue stems from accepting multiple L2CAP_ECRED_CONN_REQs regardless of the command identifier, which can cause multiple requests to be marked pending (FLAG_DEFER_SETUP) and may lead to allocating m...

8.8CVSS5.7AI score0.00249EPSS
CVE
CVE
added 2026/04/02 11:40 a.m.17 views

CVE-2026-23414

CVE-2026-23414 is addressed in the Linux kernel TLS code. The vulnerability involved the async_hold queue that pins encrypted input skbs while AEAD operations reference scatterlist data. The fix centralizes purge of async_hold in tls_decrypt_async_wait(), ensuring all callers (recvmsg drain path,...

7.5CVSS5.6AI score0.00238EPSS
CVE
CVE
added 2026/04/03 1:24 p.m.17 views

CVE-2026-23422

CVE-2026-23422 concerns the Linux kernel’s dpaa2-switch component. An out-of-bounds if_id detected in the IRQ handler could leave the interrupt status uncleared, potentially causing an interrupt storm and a DoS-like condition. The technical details in connected documents show the root cause as mi...

7.8CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/04/03 1:24 p.m.17 views

CVE-2026-23425

CVE-2026-23425 (Linux kernel KVM arm64) — The issue stems from non-protected pKVM guests where the hypervisor copies only the KVM_ARCH_FLAG_ID_REGS_INITIALIZED flag from the host to the hypervisor during pkvm_init_features_from_host, while the actual id_regs data are not initialized. This can cau...

8.8CVSS5.8AI score0.00119EPSS
Total number of security vulnerabilities14139