Lucene search

K
LinuxLinux Kernel

8330 matches found

CVE
CVE
added 2024/07/29 7:15 a.m.6357 views

CVE-2024-41091

In the Linux kernel, the following vulnerability has been resolved: tun: add missing verification for short frame The cited commit missed to check against the validity of the frame lengthin the tun_xdp_one() path, which could cause a corrupted skb to be sentdownstack. Even before the skb is transmi...

7.1CVSS6.3AI score0.00101EPSS
CVE
CVE
added 2024/04/17 11:15 a.m.6329 views

CVE-2023-52644

In the Linux kernel, the following vulnerability has been resolved: wifi: b43: Stop/wake correct queue in DMA Tx path when QoS is disabled When QoS is disabled, the queue priority value will not map to the correctieee80211 queue since there is only one queue. Stop/wake queue 0 when QoSis disabled t...

6.3CVSS5.8AI score0.00004EPSS
CVE
CVE
added 2024/02/20 1:15 p.m.6314 views

CVE-2023-52433

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transactionends. Skip sync GC for such elements otherwise commit path might walkover an already...

4.4CVSS5.7AI score0.00011EPSS
CVE
CVE
added 2024/03/06 7:15 a.m.6293 views

CVE-2023-52587

In the Linux kernel, the following vulnerability has been resolved: IB/ipoib: Fix mcast list locking Releasing the priv->lock while iterating the priv->multicast_list inipoib_mcast_join_task() opens a window for ipoib_mcast_dev_flush() toremove the items while in the middle of iteration. If t...

5.5CVSS6.2AI score0.00006EPSS
CVE
CVE
added 2024/04/17 11:15 a.m.6277 views

CVE-2024-26861

In the Linux kernel, the following vulnerability has been resolved: wireguard: receive: annotate data-race around receiving_counter.counter Syzkaller with KCSAN identified a data-race issue when accessingkeypair->receiving_counter.counter. Use READ_ONCE() and WRITE_ONCE()annotations to mark the ...

4.7CVSS6.3AI score0.00006EPSS
CVE
CVE
added 2024/02/27 7:4 p.m.6273 views

CVE-2021-46956

In the Linux kernel, the following vulnerability has been resolved: virtiofs: fix memory leak in virtio_fs_probe() When accidentally passing twice the same tag to qemu, kmemleak ended upreporting a memory leak in virtiofs. Also, looking at the log I saw thefollowing error (that's when I realised th...

5.5CVSS6.4AI score0.00009EPSS
CVE
CVE
added 2024/04/10 2:15 p.m.6260 views

CVE-2024-26816

In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted intothe .notes section so that Xen can find the "startup_xen" entry point.This information is used prior to booting the...

5.5CVSS5.8AI score0.00013EPSS
CVE
CVE
added 2024/04/04 10:15 a.m.6158 views

CVE-2024-26809

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_pipapo: release elements in clone only from destroy path Clone already always provides a current view of the lookup table, use itto destroy the set, otherwise it is possible to destroy elements twice. This fix re...

5.5CVSS6.1AI score0.00014EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.6140 views

CVE-2021-47013

In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send In emac_mac_tx_buf_send, it calls emac_tx_fill_tpd(..,skb,..).If some error happens in emac_tx_fill_tpd(), the skb will be freed viadev_kfree_skb(skb) in error branch ...

7.8CVSS6.3AI score0.00012EPSS
CVE
CVE
added 2024/02/29 11:15 p.m.6127 views

CVE-2021-47068

In the Linux kernel, the following vulnerability has been resolved: net/nfc: fix use-after-free llcp_sock_bind/connect Commits 8a4cd82d ("nfc: fix refcount leak in llcp_sock_connect()")and c33b1cc62 ("nfc: fix refcount leak in llcp_sock_bind()")fixed a refcount leak bug in bind/connect but introduc...

7.8CVSS7.1AI score0.00019EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.6107 views

CVE-2021-47017

In the Linux kernel, the following vulnerability has been resolved: ath10k: Fix a use after free in ath10k_htc_send_bundle In ath10k_htc_send_bundle, the bundle_skb could be freed bydev_kfree_skb_any(bundle_skb). But the bundle_skb is used laterby bundle_skb->len. As skb_len = bundle_skb->len...

7.8CVSS6.8AI score0.00025EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.6094 views

CVE-2021-47005

In the Linux kernel, the following vulnerability has been resolved: PCI: endpoint: Fix NULL pointer dereference for ->get_features() get_features ops of pci_epc_ops may return NULL, causing NULL pointerdereference in pci_epf_test_alloc_space function. Let us add a check forpci_epc_feature pointe...

5.5CVSS6.4AI score0.00015EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.6074 views

CVE-2020-36787

In the Linux kernel, the following vulnerability has been resolved: media: aspeed: fix clock handling logic Video engine uses eclk and vclk for its clock sources and its resetcontrol is coupled with eclk so the current clock enabling sequence workslike below. Enable eclkDe-assert Video Engine reset...

5.5CVSS6.4AI score0.00019EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.6051 views

CVE-2021-47009

In the Linux kernel, the following vulnerability has been resolved: KEYS: trusted: Fix memory leak on object td Two error return paths are neglecting to free allocated object td,causing a memory leak. Fix this by returning via the error returnpath that securely kfree's td. Fixes clang scan-build wa...

5.5CVSS6.5AI score0.00017EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.6042 views

CVE-2021-47022

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: fix memleak when mt7615_unregister_device() mt7615_tx_token_put() should get call before mt76_free_pending_txwi().

5.5CVSS6.6AI score0.00021EPSS
CVE
CVE
added 2024/05/01 6:15 a.m.6040 views

CVE-2024-26957

In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with hot-plugging crytpo cards on KVM guests with debugkernel build revealed an use after free for the load field ofthe struct zcrypt_card. The reason was an incorrec...

7.8CVSS6.4AI score0.00014EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.6038 views

CVE-2021-47042

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Free local data after use Fixes the following memory leak in dc_link_construct(): unreferenced object 0xffffa03e81471400 (size 1024):comm "amd_module_load", pid 2486, jiffies 4294946026 (age 10.544s)hex dump (first...

5.5CVSS6.3AI score0.00041EPSS
CVE
CVE
added 2024/03/06 7:15 a.m.6035 views

CVE-2023-52583

In the Linux kernel, the following vulnerability has been resolved: ceph: fix deadlock or deadcode of misusing dget() The lock order is incorrect between denty and its parent, we shouldalways make sure that the parent get the lock first. But since this deadcode is never used and the parent dir will...

5.5CVSS6.2AI score0.0001EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.6033 views

CVE-2021-46987

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix deadlock when cloning inline extents and using qgroups There are a few exceptional cases where cloning an inline extent needs tocopy the inline extent data into a page of the destination inode. When this happens, we end ...

5.5CVSS6.5AI score0.00015EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.6032 views

CVE-2021-47003

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Fix potential null dereference on pointer status There are calls to idxd_cmd_exec that pass a null status pointer howevera recent commit has added an assignment to *status that can end upwith a null pointer derefer...

5.5CVSS6.5AI score0.00009EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.6015 views

CVE-2021-47030

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7615: fix memory leak in mt7615_coredump_work Similar to the issue fixed in mt7921_coredump_work, fix a possible memoryleak in mt7615_coredump_work routine.

5.5CVSS6.4AI score0.00041EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.6012 views

CVE-2021-46998

In the Linux kernel, the following vulnerability has been resolved: ethernet:enic: Fix a use after free bug in enic_hard_start_xmit In enic_hard_start_xmit, it calls enic_queue_wq_skb(). Insideenic_queue_wq_skb, if some error happens, the skb will be freedby dev_kfree_skb(skb). But the freed skb is...

7.8CVSS6.4AI score0.00013EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.6010 views

CVE-2021-47021

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix memleak when mt7915_unregister_device() mt7915_tx_token_put() should get call before mt76_free_pending_txwi().

5.5CVSS6.6AI score0.00041EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.6007 views

CVE-2021-46983

In the Linux kernel, the following vulnerability has been resolved: nvmet-rdma: Fix NULL deref when SEND is completed with error When running some traffic and taking down the link on peer, aretry counter exceeded error is received. This leads tonvmet_rdma_error_comp which tried accessing the cq_con...

5.5CVSS6.3AI score0.00009EPSS
CVE
CVE
added 2024/02/29 11:15 p.m.6004 views

CVE-2021-46959

In the Linux kernel, the following vulnerability has been resolved: spi: Fix use-after-free with devm_spi_alloc_* We can't rely on the contents of the devres list duringspi_unregister_controller(), as the list is already torn down at thetime we perform devres_find() for devm_spi_release_controller....

7.8CVSS6.6AI score0.00012EPSS
CVE
CVE
added 2024/02/29 11:15 p.m.5992 views

CVE-2021-47058

In the Linux kernel, the following vulnerability has been resolved: regmap: set debugfs_name to NULL after it is freed There is a upstream commit cffa4b2122f5("regmap:debugfs:Fix a memory leak when calling regmap_attach_dev") thatadds a if condition when create name for debugfs_name.With below func...

7.8CVSS6.5AI score0.00013EPSS
CVE
CVE
added 2024/02/23 3:15 p.m.5969 views

CVE-2023-52461

In the Linux kernel, the following vulnerability has been resolved: drm/sched: Fix bounds limiting when given a malformed entity If we're given a malformed entity in drm_sched_entity_init()--shouldn'thappen, but we verify--with out-of-bounds priority value, we set it to anallowed value. Fix the exp...

5.3CVSS5.6AI score0.00044EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.5950 views

CVE-2021-46985

In the Linux kernel, the following vulnerability has been resolved: ACPI: scan: Fix a memory leak in an error handling path If 'acpi_device_set_name()' fails, we must free'acpi_device_bus_id->bus_id' or there is a (potential) memory leak.

5.5CVSS6.3AI score0.0003EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.5945 views

CVE-2021-47028

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7915: fix txrate reporting Properly check rate_info to fix unexpected reporting. [ 1215.161863] Call trace:[ 1215.164307] cfg80211_calculate_bitrate+0x124/0x200 [cfg80211][ 1215.170139] ieee80211s_update_metric+0x80/0xc0 [m...

7.8CVSS6.5AI score0.00022EPSS
CVE
CVE
added 2024/05/01 6:15 a.m.5938 views

CVE-2024-27008

In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or) value is assigned infabricate_dcb_output(), there may be out of bounds access todac_users array in case dcb->or is zero because ffs(dcb->or) isused as inde...

7.8CVSS6.2AI score0.00012EPSS
CVE
CVE
added 2024/03/11 6:15 p.m.5929 views

CVE-2024-26614

In the Linux kernel, the following vulnerability has been resolved: tcp: make sure init the accept_queue's spinlocks once When I run syz's reproduction C program locally, it causes the followingissue:pvqspinlock: lock 0xffff9d181cd5c660 has corrupted value 0x0!WARNING: CPU: 19 PID: 21160 at __pv_qu...

5.5CVSS6.4AI score0.00006EPSS
CVE
CVE
added 2024/03/11 6:15 p.m.5860 views

CVE-2023-52492

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fix NULL pointer in channel unregistration function __dma_async_device_channel_register() can fail. In case of failure,chan->local is freed (with free_percpu()), and chan->local is nullified.When dma_async_device_u...

4.4CVSS6AI score0.00006EPSS
CVE
CVE
added 2024/03/11 6:15 p.m.5856 views

CVE-2024-26612

In the Linux kernel, the following vulnerability has been resolved: netfs, fscache: Prevent Oops in fscache_put_cache() This function dereferences "cache" and then checks if it'sIS_ERR_OR_NULL(). Check first, then dereference.

5.5CVSS6.1AI score0.00009EPSS
CVE
CVE
added 2024/03/11 6:15 p.m.5843 views

CVE-2024-26608

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix global oob in ksmbd_nl_policy Similar to a reported issue (check the commit b33fb5b801c6 ("net:qualcomm: rmnet: fix global oob in rmnet_policy"), my local fuzzer findsanother global out-of-bounds read for policy ksmbd_nl...

7.8CVSS7.1AI score0.00039EPSS
CVE
CVE
added 2024/04/17 11:15 a.m.5718 views

CVE-2024-26859

In the Linux kernel, the following vulnerability has been resolved: net/bnx2x: Prevent access to a freed page in page_pool Fix race condition leading to system crash during EEH error handling During EEH error recovery, the bnx2x driver's transmit timeout logiccould cause a race condition when handl...

4.7CVSS6.2AI score0.00005EPSS
CVE
CVE
added 2024/05/01 6:15 a.m.5709 views

CVE-2024-26982

In the Linux kernel, the following vulnerability has been resolved: Squashfs: check the inode number is not the invalid value of zero Syskiller has produced an out of bounds access in fill_meta_index(). That out of bounds access is ultimately caused because the inodehas an inode number with the inv...

7.1CVSS7.5AI score0.00029EPSS
CVE
CVE
added 2024/05/01 6:15 a.m.5703 views

CVE-2024-26973

In the Linux kernel, the following vulnerability has been resolved: fat: fix uninitialized field in nostale filehandles When fat_encode_fh_nostale() encodes file handle without a parent itstores only first 10 bytes of the file handle. However the length of thefile handle must be a multiple of 4 so ...

5.5CVSS6.1AI score0.00007EPSS
CVE
CVE
added 2024/04/17 11:15 a.m.5695 views

CVE-2024-26862

In the Linux kernel, the following vulnerability has been resolved: packet: annotate data-races around ignore_outgoing ignore_outgoing is read locklessly from dev_queue_xmit_nit()and packet_getsockopt() Add appropriate READ_ONCE()/WRITE_ONCE() annotations. syzbot reported: BUG: KCSAN: data-race in ...

4.7CVSS6.1AI score0.00007EPSS
CVE
CVE
added 2024/05/01 6:15 a.m.5691 views

CVE-2024-26999

In the Linux kernel, the following vulnerability has been resolved: serial/pmac_zilog: Remove flawed mitigation for rx irq flood The mitigation was intended to stop the irq completely. That may bebetter than a hard lock-up but it turns out that you get a crash anywayif you're using pmac_zilog as a ...

5.5CVSS6.4AI score0.00011EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.5679 views

CVE-2022-48828

In the Linux kernel, the following vulnerability has been resolved: NFSD: Fix ia_size underflow iattr::ia_size is a loff_t, which is a signed 64-bit type. NFSv3 andNFSv4 both define file size as an unsigned 64-bit type. Thus thereis a range of valid file size values an NFS client can send that isal...

5.5CVSS6.6AI score0.00034EPSS
CVE
CVE
added 2024/05/01 6:15 a.m.5670 views

CVE-2024-26931

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix command flush on cable pull System crash due to command failed to flush back to SCSI layer. BUG: unable to handle kernel NULL pointer dereference at 0000000000000000PGD 0 P4D 0Oops: 0000 [#1] SMP NOPTICPU: 27 PID...

5.5CVSS6.5AI score0.00007EPSS
CVE
CVE
added 2024/04/17 11:15 a.m.5637 views

CVE-2024-26872

In the Linux kernel, the following vulnerability has been resolved: RDMA/srpt: Do not register event handler until srpt device is fully setup Upon rare occasions, KASAN reports a use-after-free Writein srpt_refresh_port(). This seems to be because an event handler is registered before thesrpt devic...

7CVSS6.3AI score0.00012EPSS
CVE
CVE
added 2024/04/17 11:15 a.m.5610 views

CVE-2024-26874

In the Linux kernel, the following vulnerability has been resolved: drm/mediatek: Fix a null pointer crash in mtk_drm_crtc_finish_page_flip It's possible that mtk_crtc->event is NULL inmtk_drm_crtc_finish_page_flip(). pending_needs_vblank value is set by mtk_crtc->event, but inmtk_drm_crtc_at...

4.7CVSS6.3AI score0.00013EPSS
CVE
CVE
added 2024/04/01 9:15 a.m.5558 views

CVE-2024-26653

In the Linux kernel, the following vulnerability has been resolved: usb: misc: ljca: Fix double free in error handling path When auxiliary_device_add() returns error and then callsauxiliary_device_uninit(), callback function ljca_auxdev_releasecalls kfree(auxdev->dev.platform_data) to free the p...

7.8CVSS6.8AI score0.00019EPSS
CVE
CVE
added 2024/04/17 11:15 a.m.5524 views

CVE-2024-26876

In the Linux kernel, the following vulnerability has been resolved: drm/bridge: adv7511: fix crash on irq during probe Moved IRQ registration down to end of adv7511_probe(). If an IRQ already is pending during adv7511_probe(before adv7511_cec_init) then cec_received_msg_tscould crash using uninitia...

5.5CVSS6.3AI score0.00011EPSS
CVE
CVE
added 2024/05/01 6:15 a.m.5496 views

CVE-2024-26954

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix slab-out-of-bounds in smb_strndup_from_utf16() If ->NameOffset of smb2_create_req is smaller than Buffer offset ofsmb2_create_req, slab-out-of-bounds read can happen from smb2_open.This patch set the minimum value of ...

7.1CVSS6.7AI score0.00009EPSS
CVE
CVE
added 2024/05/01 1:15 p.m.5485 views

CVE-2024-27079

In the Linux kernel, the following vulnerability has been resolved: iommu/vt-d: Fix NULL domain on device release In the kdump kernel, the IOMMU operates in deferred_attach mode. In thismode, info->domain may not yet be assigned by the time the release_devicefunction is called. It leads to the f...

5.5CVSS6.5AI score0.00008EPSS
CVE
CVE
added 2024/02/29 6:15 a.m.5480 views

CVE-2023-52480

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix race condition between session lookup and expire Thread A + Thread Bksmbd_session_lookup | smb2_sess_setupsess = xa_load ||| xa_erase(&conn->sessions, sess->id);|| ksmbd_session_destroy(sess) --> kfree(sess)|// ...

7CVSS6.3AI score0.00012EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.5475 views

CVE-2021-47031

In the Linux kernel, the following vulnerability has been resolved: mt76: mt7921: fix memory leak in mt7921_coredump_work Fix possible memory leak in mt7921_coredump_work.

4.3CVSS4.4AI score0.00116EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.5453 views

CVE-2021-47047

In the Linux kernel, the following vulnerability has been resolved: spi: spi-zynqmp-gqspi: return -ENOMEM if dma_map_single fails The spi controller supports 44-bit address space on AXI in DMA mode,so set dma_addr_t width to 44-bit to avoid using a swiotlb mapping.In addition, if dma_map_single fai...

5.5CVSS6.4AI score0.00018EPSS
Total number of security vulnerabilities8330