Lucene search
K
LinuxLinux Kernel

14139 matches found

CVE
CVE
added 2026/05/01 2:15 p.m.16 views

CVE-2026-31779

The CVE-2026-31779 issue is in the Linux kernel’s wifi iw lwifi mvm path, specifically iwl_mvm_nd_match_info_handler(). A memcpy may copy more bytes than the dynamic notif->matches array can safely hold, enabling an out-of-bounds read and potential information disclosure. Debian and Red Hat ad...

8.1CVSS5.8AI score0.00271EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.16 views

CVE-2026-31782

The CVE-2026-31782 entry describes a Linux kernel perf/x86 issue where an auto counter reload could group software events with the x86_hybrid_pmu inside intel_pmu_hw_config. A container_of operation in intel_pmu_set_acr_caused_constr (via the hybrid helper) could read memory out of bounds. The fi...

7.8CVSS5.8AI score0.00127EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.16 views

CVE-2026-43014

Technical details for CVE-2026-43014 are not publicly available in the provided documents. The connected advisories mention generic kernel fixes but do not specify affected components, versions, or exploit conditions. Monitor for updates.

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.16 views

CVE-2026-43022

The CVE-2026-43022 issue affects the Linux kernel Bluetooth HCI synchronization path: hci_cmd_sync_queue_once() did not indicate when a queue item already existed, risking resource leaks. The fix changes hci_cmd_sync_queue_once() to return -EEXIST when a queue item already exists and requires upd...

5.5CVSS5.8AI score0.00107EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.16 views

CVE-2026-43031

The CVE concerns the Linux kernel xilinx axienet driver. When a TX packet spans multiple buffer descriptors, the current accounting in axienet_free_tx_chain summing per-BD lengths into an accumulator can lose earlier bytes if the packet completes across different polls, causing BQL to overestimat...

7.5CVSS5.9AI score0.00426EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.16 views

CVE-2026-43032

CVE-2026-43032 affects the Linux kernel NFC pn533/pn532 UART receive path. The root cause is that pn532_receive_buf() appends incoming bytes to dev->recv_skb and only clears the partial frame when a complete PN532 frame header is recognized, allowing a continuous invalid stream to grow the skb...

5.5CVSS5.9AI score0.00123EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.16 views

CVE-2026-43039

CVE-2026-43039 concerns the Linux kernel icssg-prueth driver. In ZC RX dispatch, emac_dispatch_skb_zc() allocates a new skb via napi_alloc_skb() but fails to copy the received packet data from the XDP buffer, causing uninitialized heap memory to be passed up the stack and potentially leaking kern...

9.8CVSS5.9AI score0.00308EPSS
CVE
CVE
added 2026/05/05 3:23 p.m.16 views

CVE-2026-43067

Summary of CVE-2026-43067 (Linux kernel, ext4): A wraparound issue in block allocation for indirect-mmapped files could permit referencing blocks beyond the 32-bit block-number limit. The described root cause involves how ext4 allocates blocks for indirect-based files and how grouping logic could...

9.8CVSS5.8AI score0.00403EPSS
CVE
CVE
added 2026/05/05 3:23 p.m.16 views

CVE-2026-43070

The CVE describes a Linux kernel BPF verifier flaw: after a BPF_END (byte swap), dst_reg->id is not reset to 0, which can cause the verifier to propagate learned bounds to a linked register, creating a risk of out-of-bounds memory accesses. The concrete impact is potential privilege/escalation...

7.8CVSS5.8AI score0.00118EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.16 views

CVE-2026-43079

CVE-2026-43079 affects the Linux kernel’s perf/x86/intel/uncore component. When NUMA is disabled and the system boots with fewer CPUs than those in die 0, the kernel continues to parse the discovery table for offline dies, which can trigger an array overflow at pmu->boxes[die] and may lead to ...

5.5CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.16 views

CVE-2026-43095

In CVE-2026-43095, the Linux kernel ASoC SDCA subsystem fixes an IRQ cleanup flaw. IRQs are currently enabled via sdca_irq_populate() from component probe using devm_request_threaded_irq(), which can cause IRQs to persist after a sound card teardown. Some IRQ handlers hold references to the card ...

5.5CVSS5.8AI score0.00107EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.16 views

CVE-2026-43098

Summary (concrete details from provided documents): CVE-2026-43098 affects the Linux kernel NFC subsystem, specifically the s3fwrn5 driver, where s3fwrn82_uart_read() may consume bytes into recv_skb and deliver a complete frame before a new receive buffer is allocated. If alloc_skb() fails, the c...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.16 views

CVE-2026-43124

The CVE-2026-43124 issue affects Linux kernel pstore ram_core, where persistent_ram_vmap() could return a non-NULL pointer after vmap() failed, causing persistent_ram_buffer_map() to incorrectly report success and potentially dereference an invalid address on access, leading to a crash (DoS). Roo...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.16 views

CVE-2026-43191

CVE-2026-43191 concerns the Linux kernel DRM/AMD display path, specifically the PHY FSM transition from TX_EN to PLL_ON for TMDS on DCN35. The issue stems from a backport from DCN401 intended to fix turning off the PHY PLL during TMDS disable, which could cause OTG to hang and affect DCHVM invali...

5.5CVSS5.8AI score0.00112EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.16 views

CVE-2026-43202

CVE-2026-43202 affects the Linux kernel fbdev vt8500lcdfb driver. The root cause is a memory leak: fbi->fb.screen_buffer is allocated with dma_alloc_coherent() but is not freed on error paths due to missing dma_free_coherent() cleanup. This can exhaust system memory and cause DoS. Multiple OSV...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.16 views

CVE-2026-43225

CVE-2026-43225 involves a memory leak in the Linux kernel RTL8723BS staging path. Specifically, cfg80211_inform_bss_frame() may return NULL on a failure path, and the allocated buffer buf was not freed before an early return. This could leak memory. The issue is resolved by ensuring buf is freed ...

5.5CVSS5.9AI score0.00128EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.16 views

CVE-2026-43262

CVE-2026-43262 stems from a Linux kernel gfs2 fiemap page fault: gfs2_fiemap() calls iomap_fiemap() while holding the inode glock, risking recursive glock taking if the fiemap buffer maps to the same inode. The fix disables page faults for iomap_fiemap() and faults in the buffer by hand when need...

5.5CVSS5.9AI score0.00114EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.16 views

CVE-2026-43313

CVE-2026-43313 relates to a NULL-pointer dereference in the ACPI processor driver (acpi_processor_errata_piix4) of the Linux kernel. The code first assigns an IDE device to dev, then overwrites it with an ISA device using two successive pci_get_subsys lookups. If the first lookup succeeds but the...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/05/08 1:41 p.m.16 views

CVE-2026-43350

In the Linux kernel, a vulnerability in the SMB client path can allow a malicious server to exploit an ACE with sid_unix_NFS_mode by providing an ACE with only two subauthorities. parse_dacl() would treat this as an NFS mode SID and read sub_auth[2], potentially reading four bytes past the end of...

7.6CVSS5.8AI score0.00224EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.16 views

CVE-2026-43359

The CVE-2026-43359 detail points to a Linux kernel Btrfs issue: when calling the set received ioctl, repeated use of the same received UUID on multiple subvolumes could overflow metadata and abort the transaction, forcing the filesystem into read-only mode. The root cause is an item overflow duri...

5.5CVSS5.9AI score0.00123EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.16 views

CVE-2026-43375

CVE-2026-43375 concerns the Linux kernel in the MCTP path. A leak occurs during probe failures because the driver saves a reference to the USB device but fails to release it on error paths. The fix drops the redundant device reference to prevent memory leaks when the probe fails, simplifying driv...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.16 views

CVE-2026-43395

In the Linux kernel, the vulnerability CVE-2026-43395 affects the drm/xe/sync subsystem. During xe_sync_entry_parse(), references (syncobj, fence, chain fence, or user fence) can be allocated before a later failure path is reached, leaving partially initialized state and leaking refs. The fix rou...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.16 views

CVE-2026-43426

The CVE pertains to the Linux kernel Renesas USBHS driver. A use-after-free occurs in usbhs_remove() when resources (including the pipe array) are freed while the interrupt handler (usbhs_interrupt) is still registered, allowing a potentially concurrent ISR to access freed memory. The documented ...

7.8CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.16 views

CVE-2026-43459

CVE-2026-43459 concerns the Linux kernel ASoC subsystem: when unbinding a sound card while a PCM stream is active, a use-after-free can occur due to teardown ordering. The fix adds a flush in soc_cleanup_card_resources() after snd_card_disconnect_sync() and before soc_remove_dais()/soc_remove_lin...

7.3CVSS5.8AI score0.00113EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.16 views

CVE-2026-43465

CVE-2026-43465: Linux kernel mlx5e XDP multi-buf frag counting flaw. When XDP programs modify the XDP buffer layout (via bpf_xdp_pull_data/bpf_xdp_adjust_tail), the driver failed to count dropped fragments, risking negative page fragment reference counting and potential instability. Public report...

9.8CVSS5.9AI score0.00414EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.16 views

CVE-2026-43470

CVE-2026-43470 affects the Linux kernel NFS implementation. When an alias found via nfs3_do_create/nfs_add_or_obtain /d_splice_alias corresponds to a directory, the code could forget the alias while keeping the original negative dentry, causing an oops in nfs_atomic_open_v23/finish_open. The issu...

5.5CVSS5.8AI score0.00116EPSS
CVE
CVE
added 2026/06/03 3:50 p.m.16 views

CVE-2026-46269

CVE-2026-46269 affects the Linux kernel pinctrl driver for canaan k230. A NULL pointer dereference occurs during devicetree parsing when probing k230_pinctrl_parse_functions() accesses info->pctl_dev->dev before pctl_dev is initialized, causing a kernel crash (local DoS). The root cause is ...

5.5CVSS5.8AI score0.00113EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.16 views

CVE-2026-53168

The CVE-2026-53168 issue affects the Linux kernel FUSE implementation. It concerns fuse_notify() pagecache operations on directories, where FUSE_NOTIFY_STORE/RETRIEVE could allow the FUSE daemon to access pagecache contents in kernel-internal storage for directories using FOPEN_CACHE_DIR. The fix...

5.5CVSS5.8AI score0.00176EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.16 views

CVE-2026-53181

CVE-2026-53181 affects the Linux kernel vsock/vmci stack. On failing handshake, vmci_transport_recv_listen() could leave sk_ack_backlog incremented (due to missing sk_acceptq_removed() call), allowing backlog growth toward sk_max_ack_backlog and a possible listener denial of new connections (-ECO...

5.5CVSS5.8AI score0.00184EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.16 views

CVE-2026-53191

CVE-2026-53191 affects the Linux kernel io_uring/net path. In bundle recv retries (with incremental mode and provided buffer rings IOU_PBUF_RING_INC), a memory handling bug caused IORING_CQE_F_BUF_MORE to be dropped during flag merge, allowing the kernel to leave a stale BUF_MORE in carried flags...

7.8CVSS6AI score0.00138EPSS
CVE
CVE
added 2025/10/01 11:42 a.m.15 views

CVE-2022-50426

CVE-2022-50426 affects the Linux kernel remoteproc path for imx_dsp_rproc. The issue arises from a workqueue that may run after rproc_stop_subdevices releases resources, allowing rproc_vq_interrupt to access freed rpmsg endpoints. The fix adds mutex protection in imx_dsp_rproc_vq_work to skip rpr...

5.5CVSS6.3AI score0.00143EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.15 views

CVE-2022-50459

CVE-2022-50459 affects the Linux kernel’s iSCSI TCP path (scsi: iscsi: iscsi_tcp) where a NULL pointer dereference can occur if a socket is freed while accessed via sysfs. Details describe the sequence: sock_hold() on struct sock, then sockfd_put() frees the socket, __sock_release() clears sock-&...

5.5CVSS6.3AI score0.00153EPSS
CVE
CVE
added 2025/10/04 3:16 p.m.15 views

CVE-2022-50475

CVE-2022-50475 : In the Linux kernel, the RDMA/core path fixes an issue where the ib_port structure could be invalid when accessing a sysfs node. The vulnerability arises if ib_port is not properly set before adding the sysfs kobject and not reset after its removal, which could lead to a NULL poi...

5.5CVSS6AI score0.00145EPSS
CVE
CVE
added 2025/10/04 3:43 p.m.15 views

CVE-2022-50508

CVE-2022-50508 affects the Linux kernel wifi driver for MT76x0/MT76x02. After commit ba45841ca5eb, MT76x02 relies on ht[0-7] rate_power for vht mcs{0,7} but uses vth[0-1] rate_power for vht mcs{8,9}, which can cause a possible out-of-bounds access in the function mt76x0_phy_get_target_power. The ...

7.1CVSS6.1AI score0.00139EPSS
CVE
CVE
added 2025/10/07 3:19 p.m.15 views

CVE-2022-50512

CVE-2022-50512 affects the Linux kernel ext4 filesystem. The root cause is a potential memory leak in ext4_fc_record_regions(): krealloc may return NULL, leaving state->fc_regions NULL but not freeing the previous allocation, causing a memory leak. Multiple connected sources (NVD, OSV, OpenVAS...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/10/07 3:19 p.m.15 views

CVE-2022-50533

CVE-2022-50533 concerns a Linux kernel issue in the wifi/mac80211 mlme handling where a failed association to an AP without a link 0 could trigger a null-pointer dereference in tracing. The observed root cause was that sdata->vif.valid_links is cleared and then ap_mld_addr or link 0 BSS may be...

5.5CVSS5.9AI score0.00145EPSS
CVE
CVE
added 2025/10/07 3:21 p.m.15 views

CVE-2022-50549

CVE-2022-50549 describes an ABBA deadlock in the Linux kernel’s dm-thin path where concurrent drop_caches and dm thin worker activity can cause a deadlock between shrink_slab (holding shrinker_rwsem) and dm_pool_abort_metadata (holding dm_block/root locks). The result is a hung task as shown by t...

5.5CVSS6.2AI score0.00141EPSS
CVE
CVE
added 2025/09/15 2:4 p.m.15 views

CVE-2023-53184

The CVE-2023-53184 entry concerns a Linux kernel vulnerability in arm64 SME (SVE state handling). The root cause is that the vector length is updated after allocating the SVE state, causing allocation with the old length and potential memory corruption from an undersized buffer. The fix moves the...

7.8CVSS6.3AI score0.00151EPSS
CVE
CVE
added 2025/10/01 11:42 a.m.15 views

CVE-2023-53478

CVE-2023-53478 concerns the Linux kernel’s tracing/synthetic subsystem. The vulnerability arises from races on freeing the last_cmd variable, which can be accessed concurrently by multiple processes manipulating the synthetic_events node, enabling use-after-free or double-free conditions. The con...

4.7CVSS6.1AI score0.001EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.15 views

CVE-2023-53498

In the provided documents, CVE-2023-53498 is described as a Linux kernel vulnerability in the AMD display driver (drm/amd/display). The issue arises when amdgpu_dm_fini() may dereference adev->dm.dc if the pointer is NULL, allowing a NULL pointer dereference. The remediation is a code fix that...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.15 views

CVE-2023-53503

In the Linux kernel, the vulnerability CVE-2023-53503 affects ext4: ext4_get_group_info() could underflow when computing a block group if s_first_data_block is set to an extremely large value due to a malicious attacker with write access to the block device while the filesystem is mounted. This c...

5.5CVSS6.2AI score0.00145EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.15 views

CVE-2023-53504

Technical details for CVE-2023-53504 are not publicly available in the provided documents; monitor for updates.

7.8CVSS6.1AI score0.00143EPSS
CVE
CVE
added 2025/10/01 11:46 a.m.15 views

CVE-2023-53512

CVE-2023-53512 : Linux kernel scsi/mpt3sas memory leak fixed by adding a forgotten kfree() in the affected path. The vulnerability is resolved in kernel updates; the connected advisories (Unity Linux/EulerOS NASL entries) reference the same fix and confirm remediation via patch version. Cards emp...

5.5CVSS6.1AI score0.00135EPSS
CVE
CVE
added 2025/10/01 11:46 a.m.15 views

CVE-2023-53532

CVE-2023-53532 concerns the Linux kernel/ath11k on AHB WLAN hardware. The issue arises during deinitialization of firmware resources for chipsets with non-fixed firmware memory when TrustZone is not present. The code path unmapped memory that was never mapped during initialization, leading to a k...

5.5CVSS6AI score0.00135EPSS
CVE
CVE
added 2025/10/04 3:16 p.m.15 views

CVE-2023-53533

CVE-2023-53533 is reported as resolved in the Linux kernel, addressing a refcount leak in the raspberrypi-ts driver during rpi_ts_probe. The root cause involves a reference taken by rpi_firmware_get() that is not released in error paths; the patch adds the use of devm_rpi_firmware_get() to manage...

5.5CVSS6.1AI score0.00146EPSS
CVE
CVE
added 2025/10/04 3:16 p.m.15 views

CVE-2023-53547

CVE-2023-53547 concerns the Linux kernel DRM/AMDGPU SDMA v4 component. The fixed issue is a sw_fini error in SDMA 4.2.2 that could trigger a general protection fault (likely address 0xd5e5a4ae79d24a32) during firmware release, as shown in the stack trace including release_firmware and amdgpu_ucod...

5.5CVSS6.2AI score0.00143EPSS
CVE
CVE
added 2025/10/04 3:44 p.m.15 views

CVE-2023-53599

CVE-2023-53599: In the Linux kernel, the af_alg crypto path for gcm-aes-s390 had a missing initialisation in af_alg_alloc_areq. The bug could cause an oops when gcm_walk_start() runs on req->dst because req->dst was incorrectly set from areq->first_rsgl.sgl.sgl by _aead_recvmsg() calling...

5.5CVSS6AI score0.0012EPSS
CVE
CVE
added 2025/10/07 3:19 p.m.15 views

CVE-2023-53629

CVE-2023-53629 concerns the Linux kernel, specifically a use-after-free in the DLM midcomms path (dlm_midcomms_commit_mhandle) while processing DLM messages in softirq context. The issue manifested as a KASAN use-after-free leading to a read of size 4 from a user-controlled address in a lock_tort...

7.8CVSS6.4AI score0.0019EPSS
CVE
CVE
added 2025/10/07 3:19 p.m.15 views

CVE-2023-53630

CVE-2023-53630 affects the Linux kernel iommufd path. The issue: batch_last_index could be computed incorrectly, causing an unmap to run past the end of pages and corrupt unmapped pages. This is mitigated by a kernel fix that uses start_index when calculating batch_last_index, preventing out-of-b...

5.5CVSS5.8AI score0.00164EPSS
CVE
CVE
added 2025/10/07 3:19 p.m.15 views

CVE-2023-53633

CVE-2023-53633 pertains to the Linux kernel where the leak occurs in accel/qaic’s map_user_pages() path. If get_user_pages_fast() allocates some pages but not as many as requested, the current code fails to release the pages, causing a leak. The root cause is improper page accounting in the get_u...

5.5CVSS6.3AI score0.00168EPSS
Total number of security vulnerabilities14139