Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2022/03/23 8:15 p.m.167 views

CVE-2021-4150

A use-after-free flaw was found in the add_partition in block/partitions/core.c in the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue results from the lack of code cleanup when device_add call fails when adding a partition to the disk.

5.5CVSS5.3AI score0.00043EPSS
CVE
CVE
added 2022/08/31 4:15 p.m.167 views

CVE-2022-1205

A NULL pointer dereference flaw was found in the Linux kernel’s Amateur Radio AX.25 protocol functionality in the way a user connects with the protocol. This flaw allows a local user to crash the system.

4.7CVSS5.5AI score0.00024EPSS
CVE
CVE
added 2022/09/30 6:15 a.m.167 views

CVE-2022-41849

drivers/video/fbdev/smscufx.c in the Linux kernel through 5.19.12 has a race condition and resultant use-after-free if a physically proximate attacker removes a USB device while calling open(), aka a race condition between ufx_ops_open and ufx_usb_disconnect.

4.2CVSS6.2AI score0.00051EPSS
CVE
CVE
added 2024/05/30 4:15 p.m.167 views

CVE-2024-36886

In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page (sam4k) working with Trend Micro Zero Day Initiative reporteda UAF in the tipc_buf_append() error path: BUG: KASAN: slab-use-after-free in kfree_skb_list_reason+0x47e/0x4c0linux/net/core/skbuff....

8.1CVSS8.2AI score0.00961EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.167 views

CVE-2024-42223

In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: tda10048: Fix integer overflow state->xtal_hz can be up to 16M, so it can overflow a 32 bit integerwhen multiplied by pll_mfactor. Create a new 64 bit variable to hold the calculations.

5.5CVSS6.8AI score0.00064EPSS
CVE
CVE
added 2016/06/27 10:59 a.m.166 views

CVE-2016-5829

Multiple heap-based buffer overflows in the hiddev_ioctl_usage function in drivers/hid/usbhid/hiddev.c in the Linux kernel through 4.6.3 allow local users to cause a denial of service or possibly have unspecified other impact via a crafted (1) HIDIOCGUSAGES or (2) HIDIOCSUSAGES ioctl call.

7.8CVSS7.8AI score0.00053EPSS
CVE
CVE
added 2017/11/14 5:29 p.m.166 views

CVE-2017-6264

An elevation of privilege vulnerability exists in the NVIDIA GPU driver (gm20b_clk_throt_set_cdev_state), where an out of bound memory read is used as a function pointer could lead to code execution in the kernel.This issue is rated as high because it could allow a local malicious application to ex...

9.3CVSS7.2AI score0.00404EPSS
CVE
CVE
added 2017/04/10 2:59 p.m.166 views

CVE-2017-7616

Incorrect error handling in the set_mempolicy and mbind compat syscalls in mm/mempolicy.c in the Linux kernel through 4.10.9 allows local users to obtain sensitive information from uninitialized stack data by triggering failure of a certain bitmap operation.

5.5CVSS5.8AI score0.00082EPSS
CVE
CVE
added 2019/11/29 4:15 p.m.166 views

CVE-2019-19377

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.

7.8CVSS7.1AI score0.00386EPSS
CVE
CVE
added 2021/03/09 6:15 p.m.166 views

CVE-2021-20268

An out-of-bounds access flaw was found in the Linux kernel's implementation of the eBPF code verifier in the way a user running the eBPF script calls dev_map_init_map or sock_map_alloc. This flaw allows a local user to crash the system or possibly escalate their privileges. The highest threat from ...

7.8CVSS8.4AI score0.00179EPSS
CVE
CVE
added 2022/07/05 1:15 p.m.166 views

CVE-2022-33743

network backend may cause Linux netfront to use freed SKBs While adding logic to support XDP (eXpress Data Path), a code label was moved in a way allowing for SKBs having references (pointers) retained for further processing to nevertheless be freed.

7.8CVSS7.5AI score0.00024EPSS
CVE
CVE
added 2022/10/21 6:15 a.m.166 views

CVE-2022-3625

A vulnerability was found in Linux Kernel. It has been classified as critical. This affects the function devlink_param_set/devlink_param_get of the file net/core/devlink.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The ide...

7.8CVSS6.5AI score0.00015EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.166 views

CVE-2022-48655

In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scmi: Harden accesses to the reset domains Accessing reset domains descriptors by the index upon the SCMI driversrequests through the SCMI reset operations interface can potentiallylead to out-of-bound violations if t...

8.1CVSS6.4AI score0.00039EPSS
CVE
CVE
added 2023/03/01 7:15 p.m.166 views

CVE-2023-23000

In the Linux kernel before 5.17, drivers/phy/tegra/xusb.c mishandles the tegra_xusb_find_port_node return value. Callers expect NULL in the error case, but an error pointer is used.

5.5CVSS5.8AI score0.00011EPSS
CVE
CVE
added 2024/03/18 11:15 a.m.166 views

CVE-2023-52614

In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in trans_stat_show Fix buffer overflow in trans_stat_show(). Convert simple snprintf to the more secure scnprintf with size ofPAGE_SIZE. Add condition checking if we are exceeding PAGE_SIZE and exi...

7.8CVSS6.7AI score0.00012EPSS
CVE
CVE
added 2013/11/20 1:19 p.m.165 views

CVE-2013-4563

The udp6_ufo_fragment function in net/ipv6/udp_offload.c in the Linux kernel through 3.12, when UDP Fragmentation Offload (UFO) is enabled, does not properly perform a certain size comparison before inserting a fragment header, which allows remote attackers to cause a denial of service (panic) via ...

7.1CVSS5.7AI score0.01558EPSS
CVE
CVE
added 2019/01/31 9:29 a.m.165 views

CVE-2017-18360

In change_port_settings in drivers/usb/serial/io_ti.c in the Linux kernel before 4.11.3, local users could cause a denial of service by division-by-zero in the serial device layer by trying to set very high baud rates.

5.5CVSS5.5AI score0.00082EPSS
CVE
CVE
added 2021/05/28 11:15 a.m.165 views

CVE-2021-20239

A flaw was found in the Linux kernel in versions before 5.4.92 in the BPF protocol. This flaw allows an attacker with a local account to leak information about kernel internal addresses. The highest threat from this vulnerability is to confidentiality.

3.3CVSS4.4AI score0.00087EPSS
CVE
CVE
added 2022/08/24 4:15 p.m.165 views

CVE-2021-4204

An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.

7.1CVSS6.5AI score0.00719EPSS
CVE
CVE
added 2023/03/29 9:15 p.m.165 views

CVE-2023-1652

A use-after-free flaw was found in nfsd4_ssc_setup_dul in fs/nfsd/nfs4proc.c in the NFS filesystem in the Linux Kernel. This issue could allow a local attacker to crash the system or it may lead to a kernel information leak problem.

7.1CVSS6.5AI score0.00017EPSS
CVE
CVE
added 2018/07/27 4:29 a.m.164 views

CVE-2018-14609

An issue was discovered in the Linux kernel through 4.17.10. There is an invalid pointer dereference in __del_reloc_root() in fs/btrfs/relocation.c when mounting a crafted btrfs image, related to removing reloc rb_trees when reloc control has not been initialized.

7.1CVSS5.8AI score0.00272EPSS
CVE
CVE
added 2018/03/09 3:29 p.m.164 views

CVE-2018-7995

Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a /sys/devices/system/machinecheck/machinecheck dir...

4.7CVSS5.7AI score0.00032EPSS
CVE
CVE
added 2024/04/17 11:15 a.m.164 views

CVE-2024-26901

In the Linux kernel, the following vulnerability has been resolved: do_sys_name_to_handle(): use kzalloc() to fix kernel-infoleak syzbot identified a kernel information leak vulnerability indo_sys_name_to_handle() and issued the following report [1]. [1]"BUG: KMSAN: kernel-infoleak in instrument_co...

5.5CVSS5.8AI score0.0003EPSS
CVE
CVE
added 2016/02/08 3:59 a.m.163 views

CVE-2013-4312

The Linux kernel before 4.4.1 allows local users to bypass file-descriptor limits and cause a denial of service (memory consumption) by sending each descriptor over a UNIX socket before closing it, related to net/unix/af_unix.c and net/unix/garbage.c.

6.2CVSS5.7AI score0.00027EPSS
CVE
CVE
added 2015/08/31 10:59 a.m.163 views

CVE-2015-5364

The (1) udp_recvmsg and (2) udpv6_recvmsg functions in the Linux kernel before 4.0.6 do not properly consider yielding a processor, which allows remote attackers to cause a denial of service (system hang) via incorrect checksums within a UDP packet flood.

7.8CVSS5.7AI score0.21228EPSS
CVE
CVE
added 2016/11/16 5:59 a.m.163 views

CVE-2015-8964

The tty_set_termios_ldisc function in drivers/tty/tty_ldisc.c in the Linux kernel before 4.5 allows local users to obtain sensitive information from kernel memory by reading a tty data structure.

7.1CVSS6.1AI score0.00173EPSS
CVE
CVE
added 2017/03/23 4:59 p.m.163 views

CVE-2017-5897

The ip6gre_err function in net/ipv6/ip6_gre.c in the Linux kernel allows remote attackers to have unspecified impact via vectors involving GRE flags in an IPv6 packet, which trigger an out-of-bounds access.

9.8CVSS8.3AI score0.01998EPSS
CVE
CVE
added 2018/07/27 6:29 p.m.163 views

CVE-2018-10882

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bound write in in fs/jbd2/transaction.c code, a denial of service, and a system crash by unmounting a crafted ext4 filesystem image.

5.5CVSS5.9AI score0.00075EPSS
CVE
CVE
added 2019/06/03 10:29 p.m.163 views

CVE-2019-12615

An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info->vdev_port.name, which might allow an attacker to cause a denial of service (NULL pointer dereference and system crash).

7.8CVSS7AI score0.02025EPSS
CVE
CVE
added 2019/12/03 4:15 p.m.163 views

CVE-2019-19531

In the Linux kernel before 5.2.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/yurex.c driver, aka CID-fc05481b2fca.

6.8CVSS7.3AI score0.00098EPSS
CVE
CVE
added 2022/11/25 4:15 a.m.163 views

CVE-2022-45884

An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.

7CVSS6.6AI score0.00013EPSS
CVE
CVE
added 2024/03/06 7:15 a.m.163 views

CVE-2023-52606

In the Linux kernel, the following vulnerability has been resolved: powerpc/lib: Validate size for vector operations Some of the fp/vmx code in sstep.c assume a certain maximum size for theinstructions being emulated. The size of those operations however isdetermined separately in analyse_instr(). ...

5.5CVSS6.1AI score0.00014EPSS
CVE
CVE
added 2024/11/19 6:15 p.m.163 views

CVE-2024-53055

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: fix 6 GHz scan construction If more than 255 colocated APs exist for the set of allAPs found during 2.4/5 GHz scanning, then the 6 GHz scanconstruction will loop forever since the loop variablehas type u8, which...

5.5CVSS5.2AI score0.00036EPSS
CVE
CVE
added 2012/10/03 11:2 a.m.162 views

CVE-2011-1833

Race condition in the ecryptfs_mount function in fs/ecryptfs/main.c in the eCryptfs subsystem in the Linux kernel before 3.1 allows local users to bypass intended file permissions via a mount.ecryptfs_private mount with a mismatched uid.

3.3CVSS6.7AI score0.00031EPSS
CVE
CVE
added 2017/12/07 12:29 a.m.162 views

CVE-2017-17450

net/netfilter/xt_osf.c in the Linux kernel through 4.14.4 does not require the CAP_NET_ADMIN capability for add_callback and remove_callback operations, which allows local users to bypass intended access restrictions because the xt_osf_fingers data structure is shared across all net namespaces.

7.8CVSS6.7AI score0.00054EPSS
CVE
CVE
added 2017/02/14 6:59 a.m.162 views

CVE-2017-5967

The time subsystem in the Linux kernel through 4.9.9, when CONFIG_TIMER_STATS is enabled, allows local users to discover real PID values (as distinguished from PID values inside a PID namespace) by reading the /proc/timer_list file, related to the print_timer function in kernel/time/timer_list.c an...

4CVSS5AI score0.00048EPSS
CVE
CVE
added 2022/10/21 6:15 p.m.162 views

CVE-2022-3646

A vulnerability, which was classified as problematic, has been found in Linux Kernel. This issue affects the function nilfs_attach_log_writer of the file fs/nilfs2/segment.c of the component BPF. The manipulation leads to memory leak. The attack may be initiated remotely. It is recommended to apply...

4.3CVSS6.5AI score0.00356EPSS
CVE
CVE
added 2017/03/07 9:59 p.m.161 views

CVE-2016-10200

Race condition in the L2TPv3 IP Encapsulation feature in the Linux kernel before 4.8.14 allows local users to gain privileges or cause a denial of service (use-after-free) by making multiple bind system calls without properly ascertaining whether a socket has the SOCK_ZAPPED status, related to net/...

7CVSS6.8AI score0.00029EPSS
CVE
CVE
added 2016/10/16 9:59 p.m.161 views

CVE-2016-7039

The IP stack in the Linux kernel through 4.8.2 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for large crafted packets, as demonstrated by packets that contain only VLAN headers, a relat...

7.8CVSS7.8AI score0.0352EPSS
CVE
CVE
added 2018/01/11 7:29 a.m.161 views

CVE-2018-5332

In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).

7.8CVSS7.4AI score0.00079EPSS
CVE
CVE
added 2019/12/03 4:15 p.m.161 views

CVE-2019-19525

In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.

4.9CVSS6AI score0.00055EPSS
CVE
CVE
added 2021/08/08 8:15 p.m.161 views

CVE-2021-38206

The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.

5.5CVSS6AI score0.00065EPSS
CVE
CVE
added 2023/02/22 5:15 p.m.161 views

CVE-2023-23039

An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if a physically proximate attacker removes a VCC device while calling open(), aka a race condition between vcc_open() and vcc_remove().

5.7CVSS5.2AI score0.00018EPSS
CVE
CVE
added 2024/03/18 11:15 a.m.161 views

CVE-2023-52619

In the Linux kernel, the following vulnerability has been resolved: pstore/ram: Fix crash when setting number of cpus to an odd number When the number of cpu cores is adjusted to 7 or other odd numbers,the zone size will become an odd number.The address of the zone will become:addr of zone0 = BASEa...

5.5CVSS6.1AI score0.00013EPSS
CVE
CVE
added 2024/09/04 8:15 p.m.161 views

CVE-2024-44995

In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix a deadlock problem when config TC during resetting When config TC during the reset process, may cause a deadlock, the flow isas below:pf reset start│▼......setup tc ││ ▼▼ DOWN: napi_disable()napi_disable()(skip) ││ │...

5.5CVSS5.7AI score0.00054EPSS
CVE
CVE
added 2024/12/06 10:15 a.m.161 views

CVE-2024-53142

In the Linux kernel, the following vulnerability has been resolved: initramfs: avoid filename buffer overrun The initramfs filename field is defined inDocumentation/driver-api/early-userspace/buffer-format.rst as: 37 cpio_file := ALGN(4) + cpio_header + filename + "\0" + ALGN(4) + data...55 =======...

7.8CVSS6.9AI score0.00035EPSS
CVE
CVE
added 2025/01/19 11:15 a.m.161 views

CVE-2025-21631

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix waker_bfqq UAF after bfq_split_bfqq() Our syzkaller report a following UAF for v6.6: BUG: KASAN: slab-use-after-free in bfq_init_rq+0x175d/0x17a0 block/bfq-iosched.c:6958Read of size 8 at addr ffff8881b57147d8 by ta...

7.8CVSS7AI score0.00025EPSS
CVE
CVE
added 2015/11/16 9:59 p.m.160 views

CVE-2015-8215

net/ipv6/addrconf.c in the IPv6 stack in the Linux kernel before 4.0 does not validate attempted changes to the MTU value, which allows context-dependent attackers to cause a denial of service (packet loss) via a value that is (1) smaller than the minimum compliant value or (2) larger than the MTU ...

5CVSS5.9AI score0.06239EPSS
CVE
CVE
added 2016/10/16 9:59 p.m.160 views

CVE-2016-7097

The filesystem implementation in the Linux kernel through 4.8.2 preserves the setgid bit during a setxattr call, which allows local users to gain group privileges by leveraging the existence of a setgid program with restrictions on execute permissions.

4.4CVSS6AI score0.00053EPSS
CVE
CVE
added 2017/06/19 4:29 p.m.160 views

CVE-2017-1000365

The Linux Kernel imposes a size restriction on the arguments and environmental strings passed through RLIMIT_STACK/RLIM_INFINITY (1/4 of the size), but does not take the argument and environment pointers into account, which allows attackers to bypass this limitation. This affects Linux Kernel versi...

7.8CVSS7.5AI score0.00082EPSS
Total number of security vulnerabilities10741