Lucene search
K
LinuxLinux Kernel

14330 matches found

CVE
CVE
added 2025/10/01 7:44 a.m.12 views

CVE-2025-39906

The CVE-2025-39906 issue affects the Linux kernel drm/amd/display code. A fix removes the OEM I2C adapter on finish, addressing a bug where unbinding the GPU left the OEM I2C adapter registered, which could lead to a NULL pointer dereference when applications access the invalid device. The fix is...

5.5CVSS6.1AI score0.00119EPSS
CVE
CVE
added 2025/10/09 12:13 p.m.12 views

CVE-2025-39960

Concrete details from connected sources show CVE-2025-39960 affecting the Linux kernel gpiolib/acpi path. The root cause is uninitialized acpi_gpio_info passed to __acpi_find_gpio(), leading to info->quirks usage in acpi_populate_gpio_lookup and breaking i2c_hid_cpi HID over I2C probes. The fi...

7.8CVSS6.1AI score0.00143EPSS
CVE
CVE
added 2026/01/14 3:5 p.m.12 views

CVE-2025-71106

CVE-2025-71106 - Linux kernel fix . The vulnerability concerns the filesystems_freeze_callback() check (freeze_all_ptr) introduced by the commit “power: always freeze efivarfs.” The check was inverted, causing all file systems to be frozen when filesystem_freeze_enabled is false. This could trigg...

5.5CVSS6.1AI score0.00107EPSS
CVE
CVE
added 2026/01/14 3:5 p.m.12 views

CVE-2025-71109

CVE-2025-71109 covers a Linux kernel issue in MIPS ftrace involving memory corruption when the kernel is located beyond 32 bits. The root cause is the UASM_i_LA_mostly macro (and now UASM_i_LA) generating more than two instructions, while ftrace code stores only an int[2], risking overflow that c...

5.5CVSS6.6AI score0.00171EPSS
CVE
CVE
added 2026/01/23 3:23 p.m.12 views

CVE-2025-71158

The CVE-2025-71158 issue is in the Linux kernel gpio: mpsse driver, where an IRQ worker running during device unplug could crash. The root cause is insufficient teardown of the worker list on disconnect; a spinlock was introduced to protect the worker list and ensure tear-down during hot-unplug. ...

5.5CVSS5.3AI score0.00137EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.12 views

CVE-2025-71271

CVE-2025-71271 affects the Linux kernel hfsplus filesystem driver. A bug introduced during the move to the new mount API could leak filesystem-specific data (sb->s_fs_info) if setup_bdev_super() fails after a new superblock is allocated but before hfsplus_fill_super() takes ownership. The leak...

5.5CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/03/25 10:26 a.m.12 views

CVE-2026-23287

The CVE-2026-23287 issue affects the Linux kernel’s PLIC interrupt handling for SiFive irqchip, where a race between affinity changes and interrupt enable bits could freeze an interrupt. Root cause: completion handling could ignore or mis-handle an interrupt if the hart affinity change left the e...

5.5CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2026/03/25 10:26 a.m.12 views

CVE-2026-23294

The CVE describes a race in the Linux kernel’s PREEMPT_RT path for the per-CPU xdp_dev_bulk_queue (bq). The vulnerability arises because bq_enqueue() and __dev_flush() were believed to run atomically on the same CPU, but PREEMPT_RT can preempt, leading to concurrent access to bq->count and bq-...

7CVSS5.7AI score0.0009EPSS
CVE
CVE
added 2026/03/25 10:26 a.m.12 views

CVE-2026-23297

CVE-2026-23297 affects the Linux kernel’s NFS daemon (nfsd). The issue is a memory leak of struct cred caused by how nfsd_nl_threads_set_doit() passes current credentials to nfsd_svc() and later to _svc_xprt_create() without transferring ownership, leaving a refcount leak. SYZBOT identified a lea...

5.5CVSS5.7AI score0.00122EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.12 views

CVE-2026-23337

The CVE-2026-23337 entry concerns the Linux kernel, specifically the pinconf-generic driver in the pinctrl subsystem. The root cause is a memory leak in pinconf_generic_parse_dt_config() when parse_dt_cfg() fails and exits early, bypassing cleanup. The resulting leak is of the cfg buffer. The fix...

5.5CVSS5.7AI score0.00117EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.12 views

CVE-2026-23341

CVE-2026-23341 affects the Linux kernel accel/amdxdna path. The issue occurs when userspace issues an ioctl to destroy a hardware context that has already been automatically suspended, which may crash due to a NULL mailbox channel pointer accessed in aie2_destroy_context(). The fix adds a mailbox...

5.5CVSS5.7AI score0.00107EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.12 views

CVE-2026-23353

Summary (CVE-2026-23353) A bug in the Linux kernel ice network driver causes a kernel NULL pointer dereference during the ethtool offline loopback test after ICE conversion to page pool. The root cause is not initializing libeth for the receive (RX) ring, leading to a crash when the loopback test...

5.5CVSS5.7AI score0.00112EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.12 views

CVE-2026-23377

CVE-2026-23377 affects the Linux kernel in the ice network driver under XDP. The root cause is an incorrect use of frag_size in XDP RxQ info, which should reflect the whole buffer size but was treated as a DMA write length, causing negative tailroom and potential kernel panic when crafting packet...

5.5CVSS5.8AI score0.001EPSS
CVE
CVE
added 2026/03/25 10:33 a.m.12 views

CVE-2026-23391

CVE-2026-23391 affects the Linux kernel netfilter xt_CT feature. The issue arises when templates reference nfqueue objects (e.g., helper, nfnetlink_cttimeout) that can be removed while packets are queued, potentially leaving pending packets. The vulnerability has been resolved by flushing enqueue...

7.8CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2026/04/03 3:15 p.m.12 views

CVE-2026-23453

CVE-2026-23453 affects the Linux kernel net:ti icssg-prueth XDP_DROP in non-zero-copy mode, causing a memory leak where pages aren’t returned to the page pool, potentially leading to OOM. The documented fix updates the caller path: when emac_run_xdp() returns ICSSG_XDP_CONSUMED for XDP_DROP, emac...

7.5CVSS5.8AI score0.00343EPSS
CVE
CVE
added 2026/04/22 1:53 p.m.12 views

CVE-2026-31443

CVE-2026-31443 : Linux kernel, dmaengine: idxd driver fix. When hardware does not support event logging and a Function Level Reset (FLR) occurs, the driver previously attempted to restore the event log even if it was never allocated, and may crash. The fix ensures the event log is only freed if i...

5.5CVSS5.6AI score0.00121EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.12 views

CVE-2026-31477

In CVE-2026-31477, the Linux kernel ksmbd component smb2_lock() had three error-handling issues after detaching smb_lock from lock_list: (1) non-UNLOCK path leaks smb_lock and its flock when vfs_lock_file() returns an unexpected error, (2) UNLOCK path leaks on -ENOENT with stale error code, and (...

7.5CVSS5.6AI score0.00479EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.12 views

CVE-2026-31490

CVE-2026-31490 affects the Linux kernel drm/xe/pf component. A use-after-free vulnerability occurs when xe_sriov_pf_migration_restore_produce() returns an error and the data pointer is not cleared, potentially enabling memory corruption or a crash. The fix sets the data pointer to NULL on error t...

7.8CVSS5.6AI score0.0012EPSS
CVE
CVE
added 2026/04/24 2:33 p.m.12 views

CVE-2026-31545

The CVE-2026-31545 issue affects the Linux kernel NFC subsystem (nxp-nci driver), where GPIOs could sleep due to a sleep path regression that triggered a WARN_ON and affected GPIOs connected to I2C GPIO expanders. The vulnerability is resolved by enabling the firmware-driven sleep behavior for th...

5.5CVSS5.4AI score0.00123EPSS
CVE
CVE
added 2026/04/24 2:45 p.m.12 views

CVE-2026-31653

Summary : CVE-2026-31653 impacts the Linux kernel DAMON subsystem (DAMON_SYSFS). When a monitored process terminates before damon_call() runs, a dynamically allocated repeat_call_control is not deallocated, causing a memory leak. The connected sources document the root cause and confirm the fix: ...

5.5CVSS5.3AI score0.00112EPSS
CVE
CVE
added 2026/05/01 2:14 p.m.12 views

CVE-2026-31740

CVE-2026-31740 : In the Linux kernel, a race condition can occur in the rz-mtu3-cnt counter driver where the shared rz_mtu3_channel.dev pointer is overwritten by the counter and PWM sub-drivers when assigning device pointers for channels 1 and 2. This can lead the counter sub-driver to perform ru...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/01 2:14 p.m.12 views

CVE-2026-31745

CVE-2026-31745 affects the Linux kernel GPIO reset path. The double-free occurs in reset_add_gpio_aux_device(): if __auxiliary_device_add() fails, the code calls auxiliary_device_uninit(adev), the device release callback frees adev, but the error path then frees adev again with kfree(adev). The f...

7.8CVSS5.8AI score0.0012EPSS
CVE
CVE
added 2026/05/01 2:14 p.m.12 views

CVE-2026-31761

CVE-2026-31761 concerns the Linux kernel IIO gyro driver for mpu3050. The issue is a race condition caused by calling iio_device_register() in an incorrect location during probe. The fix places iio_device_register() at the end of the probe function and aligns iio_device_unregister() accordingly. ...

7.8CVSS5.7AI score0.001EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.12 views

CVE-2026-31774

The CVE-2026-31774 issue affects the Linux kernel io_uring/net path. A 32-bit length value (sqe->len) is stored into sr->len (int), allowing values above INT_MAX (e.g., 0xFFFFFFFF) to overflow and propagate through the bundle recv/send path. This can cause a slab-out-of-bounds read in io_bu...

7.1CVSS5.8AI score0.00125EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.12 views

CVE-2026-31776

CVE-2026-31776 affects the Linux kernel via ALSA ctxfi SPDIF1 handling. The issue occurs in daio_device_index() for SPDIF1 (hw20k2) where the index is not properly handled, leading to an out-of-bounds access. Affected code path is fixed upstream by returning the correct index, mirroring the hw20k...

7.8CVSS5.7AI score0.0012EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.12 views

CVE-2026-43164

CVE-2026-43164 affects the Linux kernel UDP-Lite implementation. The issue is a null-pointer dereference in __udp_enqueue_schedule_skb() triggered during UDP-Lite socket initialization, as reported by syzbot. Post-commit changes allow udp_lib_init_sock(), udp_init_sock(), and udpv6_init_sock() to...

7.5CVSS5.8AI score0.00451EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.12 views

CVE-2026-43172

CVE-2026-43172 affects the Linux kernel iwlwifi driver. If the firmware reports three LMACs (which hardware does not have), the code can overrun the array fwrt->smem_cfg.lmac[2]. The fix rejects such configurations and uses IWL_FW_CHECK instead of WARN_ON, mitigating a potential instability/Do...

8.8CVSS5.8AI score0.00256EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.12 views

CVE-2026-43188

CVE-2026-43188 affects the Linux kernel in the Ceph writeback path when fscrypt is enabled. The issue arises in move_dirty_folio_in_page_array() failing to allocate bounce buffers for encrypted folios and the shared rc variable being overwritten by ceph_process_folio_batch(); this could propagate...

5.5CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/06/24 7:14 a.m.12 views

CVE-2026-52941

Summary: CVE-2026-52941 affects the Linux kernel net/smc stack. The smc_msg_event tracepoint used by smc_tx_sendmsg/smc_rx_recvmsg dereferenced conn.lnk unconditionally, causing a NULL pointer dereference when conn.lnk is NULL on SMC-D, leading to a crash. The fix guards against !conn->lnk and...

5.5CVSS5.8AI score0.00116EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.12 views

CVE-2026-53133

The CVE-2026-53133 entry concerns the Linux kernel RDMA/umem component where an IOMMU-assisted mapping can split a very large block across multiple SG entries. During reassembly in __rdma_block_iter_next(), 32-bit stack values can overflow, causing incorrect DMA addresses for blocks at or beyond ...

7.8CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.12 views

CVE-2026-53136

The CVE-2026-53136 issue affects the Linux kernel in the DRM AMD display driver. It arises from VBIOS info fields HdmiRegNum and Hdmi6GRegNum being used as loop bounds to copy retimer I2C settings into fixed-size arrays without validation, enabling an out-of-bounds heap write during driver probe....

7.8CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.12 views

CVE-2026-53149

CVE-2026-53149 affects the Linux kernel Thunderbolt code path, where __tb_property_parse_dir() may read beyond the root directory block due to missing bounds checks on content_offset/content_len. The issue could allow reading past a directory block, with high impact to confidentiality and availab...

7.1CVSS5.7AI score0.00126EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.12 views

CVE-2026-53158

The CVE-2026-53158 issue affects the Linux kernel misc: fastrpc subsystem, where a NULL pointer dereference could occur in rpmsg callback if fastrpc_rpmsg_probe() hasn’t completed or if the callback fires before dev_set_drvdata(). The fault trace points to a NULL cctx in fastrpc_channel_ctx when ...

5.5CVSS5.7AI score0.00122EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.12 views

CVE-2026-53165

CVE-2026-53165 describes a race in the Linux kernel iomap subsystem where, during buffered read error reporting, a separate in-flight read can detach a folio and set folio->mapping to NULL before an error is reported, leading to a NULL dereference of folio->mapping in fserror_report_io(). T...

7.5CVSS5.8AI score0.00359EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.12 views

CVE-2026-53169

In the Linux kernel, accel/ethosu has been fixed to reject NPU_OP_RESIZE commands from userspace. The driver previously used an unconditional WARN_ON(1) in DRM_IOCTL_ETHOSU_GEM_CREATE, enabling kernel log spam and, if panic_on_warn was set, potential DoS via a local unprivileged user. The patch r...

5.5CVSS5.8AI score0.00107EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.12 views

CVE-2026-53170

Concrete details confirm a vulnerability in the Linux kernel accel/ethosu driver: cmd_state_init() leaves dma->len at U64_MAX to signal uninitialized length, and dma_length() can wrap a positive stride to a small value, causing a bypass of region checks in ethosu_job.c when userspace omits the...

8.8CVSS5.9AI score0.00137EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.12 views

CVE-2026-53174

CVE-2026-53174 affects the Linux kernel overlay filesystem (ovl). The bug in ovl_iterate_merged() stores PTR_ERR(cache) in err before validating the cache with IS_ERR(cache), so on success err may hold a truncated cache pointer and be returned as a bogus non-zero error. The repro path goes throug...

7.8CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2026/06/25 8:38 a.m.12 views

CVE-2026-53185

CVE-2026-53185 concerns the Linux kernel zram subsystem. The issue is a use-after-free in zram_bvec_write_partial(), where zram_read_page() can dispatch reads asynchronously for ZRAM_WB slots and return before the backing read completes. The caller may then operate on a buffer that is freed, risk...

7.8CVSS5.8AI score0.00102EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53190

CVE-2026-53190 concerns a Linux kernel vulnerability in the drm/virtio path where a refcount leak could occur in error handling of virtio_gpu_dma_fence_wait(). The root cause is that dma_fence_unwrap_for_each() calls dma_fence_unwrap_first(), which assigns cursor->chain = dma_fence_get(head) (...

5.5CVSS5.7AI score0.00127EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53200

The CVE refers to the Linux kernel KVM on ARM64 where the XN bit handling was broken when FEAT_XNX is not enabled. Specifically, a FIELD_PREP() mask used to clear XN[0] manipulated the wrong bit, unconditionally granting execute permissions. The issue is resolved by correcting the bit manipulatio...

8.8CVSS5.8AI score0.00129EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53217

The CVE-2026-53217 issue affects the Linux kernel MVPP2 driver: RX data was synchronized at the hardware packet offset, leaving end-of-frame data possibly stale on non‑coherent DMA. Root cause is incorrect DMA sync range (starting at dma_addr and not covering the actual written packet tail). The ...

8.6CVSS5.7AI score0.00401EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53230

CVE-2026-53230 describes a slab-out-of-bounds vulnerability in the Linux kernel mlx5 driver: mlx5_query_nic_vport_mac_list sizes its firmware command buffer using the PF’s log_max_current_uc/mc_list, risking an overflow when querying a VF vport with a larger max. The resulting memory access is a ...

8.7CVSS6AI score0.00131EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53231

CVE-2026-53231 (Linux kernel) : The issue affects the PHY subsystem where PHY-driven SFP cages are not supported with the genphy code. Investigations show that sfp_bus_add_upstream() for genphy can deadlock because PHY probing runs under RTNL for genphy while non-genphy drivers do not. The root c...

5.5CVSS5.8AI score0.00087EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53235

Summary of technical details (CVE-2026-53235) : The Linux kernel GRO receive path had a bug in skb_gro_receive_list() where skb_pull(skb, skb_gro_offset(skb)) could run without ensuring the data is linear (missing pskb_may_pull() guard). When packets arrive via napi_gro_frags(), skb_headlen can b...

7.5CVSS5.7AI score0.00466EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53238

CVE-2026-53238 affects the Linux kernel netlabel/privacy path in netlbl_unlabel_addrinfo_get, where the address attribute length was used to infer IPv4/IPv6 data but the corresponding mask length was not independently validated. A crafted Generic Netlink request could supply a valid IPv4/IPv6 add...

5.5CVSS5.7AI score0.00128EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53241

Summary: CVE-2026-53241 affects the Linux kernel ALSA sequencer dummy port. A local attacker could trigger a stack overread when handling Universal MIDI Packet (UMP) events due to copying a UMP-sized packet into legacy stack storage, leaving the UMP data truncated. The root cause is the dummy cli...

5.5CVSS5.8AI score0.00127EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53244

CVE-2026-53244 concerns the Linux kernel NFSD component. When exporting a filesystem with the atomic_create hook, an error from atomic_create() could cause nfsd4_create_file() to fail unlocking the parent directory, risking resource exhaustion and potential DoS. The root cause is that dentry hand...

7.5CVSS5.7AI score0.00359EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.12 views

CVE-2026-53262

CVE-2026-53262 affects the Linux kernel ioctl path for the pppol2tp module (l2tp) where pppol2tp_ioctl() dereferenced sock->sk->sk_user_data without proper locking while a sleep could occur during copy_from_user(). If a concurrent socket close happened, l2tp_session_close() could free the s...

7.8CVSS5.8AI score0.00125EPSS
CVE
CVE
added 2026/06/26 7:40 p.m.12 views

CVE-2026-53292

Summary (CVE-2026-53292): The Linux kernel phonet subsystem contains a flaw in pn_socket_autobind() where, if pn_socket_bind() returns -EINVAL while the socket was never bound (pn_port() == 0) and sk states are not TCP_CLOSE, a BUG_ON() triggers a kernel panic from a user-triggerable path. The pa...

5.5CVSS5.8AI score0.00107EPSS
CVE
CVE
added 2026/06/26 7:40 p.m.12 views

CVE-2026-53299

CVE-2026-53299 affects the Linux kernel net:airoha component. The vulnerability stems from premature initialization of ndesc in airoha_qdma_init_tx_queue; if queue entry list allocation fails, airoha_qdma_cleanup_tx_queue() may dereference a NULL queue entry array, potentially causing a DoS/syste...

5.5CVSS5.8AI score0.00121EPSS
Total number of security vulnerabilities14330