Lucene search

K

2811 matches found

CVE
CVE
added 2025/05/20 4:15 p.m.25 views

CVE-2025-37961

In the Linux kernel, the following vulnerability has been resolved: ipvs: fix uninit-value for saddr in do_output_route4 syzbot reports for uninit-value for the saddr argument [1].commit 4754957f04f5 ("ipvs: do not use random local source address fortunnels") already implies that the input value of...

6.5AI score0.00037EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.25 views

CVE-2025-37964

In the Linux kernel, the following vulnerability has been resolved: x86/mm: Eliminate window where TLB flushes may be inadvertently skipped tl;dr: There is a window in the mm switching code where the new CR3 isset and the CPU should be getting TLB flushes for the new mm. Butshould_flush_tlb() has a...

7AI score0.00051EPSS
CVE
CVE
added 2025/05/20 5:15 p.m.25 views

CVE-2025-37975

In the Linux kernel, the following vulnerability has been resolved: riscv: module: Fix out-of-bounds relocation access The current code allows rel[j] to access one element past the end of therelocation section. Simplify to num_relocations which is equivalent tothe existing size expression.

6.7AI score0.00024EPSS
CVE
CVE
added 2025/05/20 5:15 p.m.25 views

CVE-2025-37981

In the Linux kernel, the following vulnerability has been resolved: scsi: smartpqi: Use is_kdump_kernel() to check for kdump The smartpqi driver checks the reset_devices variable to determinewhether special adjustments need to be made for kdump. This has theeffect that after a regular kexec reboot,...

6.8AI score0.00024EPSS
CVE
CVE
added 2025/02/27 2:15 a.m.24 views

CVE-2024-57992

In the Linux kernel, the following vulnerability has been resolved: wifi: wilc1000: unregister wiphy only if it has been registered There is a specific error path in probe functions in wilc drivers (bothsdio and spi) which can lead to kernel panic, as this one for examplewhen using SPI: Unable to h...

6.5AI score0.00036EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.24 views

CVE-2025-37946

In the Linux kernel, the following vulnerability has been resolved: s390/pci: Fix duplicate pci_dev_put() in disable_slot() when PF has child VFs With commit bcb5d6c76903 ("s390/pci: introduce lock to synchronize stateof zpci_dev's") the code to ignore power off of a PF that has child VFswas change...

6.7AI score0.00024EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.24 views

CVE-2025-37958

In the Linux kernel, the following vulnerability has been resolved: mm/huge_memory: fix dereferencing invalid pmd migration entry When migrating a THP, concurrent access to the PMD migration entry duringa deferred split scan can lead to an invalid address access, asillustrated below. To prevent thi...

6.3AI score0.00035EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.23 views

CVE-2022-50066

In the Linux kernel, the following vulnerability has been resolved: net: atlantic: fix aq_vec index out of range error The final update statement of the for loop exceeds the array range, thedereference of self->aq_vec[i] is not checked and then leads to theindex out of range error.Also fixed thi...

6.5AI score0.00025EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.23 views

CVE-2025-37897

In the Linux kernel, the following vulnerability has been resolved: wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release plfxlc_mac_release() asserts that mac->lock is held. This assertion isincorrect, because even if it was possible, it would not be the validbehaviour. The function is us...

6.4AI score0.00037EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.23 views

CVE-2025-37900

In the Linux kernel, the following vulnerability has been resolved: iommu: Fix two issues in iommu_copy_struct_from_user() In the review for iommu_copy_struct_to_user() helper, Matt pointed out thata NULL pointer should be rejected prior to dereferencing it:https://lore.kernel.org/all/86881827-8E2D...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.23 views

CVE-2025-37933

In the Linux kernel, the following vulnerability has been resolved: octeon_ep: Fix host hang issue during device reboot When the host loses heartbeat messages from the device,the driver calls the device-specific ndo_stop function,which frees the resources. If the driver is unloaded inthis scenario,...

6.5AI score0.00025EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.23 views

CVE-2025-37962

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix memory leak in parse_lease_state() The previous patch that added bounds check for create lease contextintroduced a memory leak. When the bounds check fails, the functionreturns NULL without freeing the previously allocat...

6.5AI score0.00037EPSS
CVE
CVE
added 2025/06/20 12:15 p.m.23 views

CVE-2025-38083

In the Linux kernel, the following vulnerability has been resolved: net_sched: prio: fix a race in prio_tune() Gerrard Tai reported a race condition in PRIO, whenever SFQ perturb timerfires at the wrong time. The race is as follows: CPU 0 CPU 1[1]: lock root[2]: qdisc_tree_flush_backlog()[3]: unloc...

6.5AI score0.00035EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.22 views

CVE-2022-50100

In the Linux kernel, the following vulnerability has been resolved: sched/core: Do not requeue task on CPU excluded from cpus_mask The following warning was triggered on a large machine early in boot ona distribution kernel but the same problem should also affect mainline. WARNING: CPU: 439 PID: 10...

6.3AI score0.00025EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.22 views

CVE-2025-37922

In the Linux kernel, the following vulnerability has been resolved: book3s64/radix : Align section vmemmap start address to PAGE_SIZE A vmemmap altmap is a device-provided region used to providebacking storage for struct pages. For each namespace, the altmapshould belong to that same namespace. If ...

6.2AI score0.00025EPSS
CVE
CVE
added 2025/05/20 5:15 p.m.22 views

CVE-2025-37973

In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix out-of-bounds access during multi-link element defragmentation Currently during the multi-link element defragmentation process, themulti-link element length added to the total IEs length when calculatingthe leng...

6.5AI score0.00025EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.21 views

CVE-2022-49951

In the Linux kernel, the following vulnerability has been resolved: firmware_loader: Fix use-after-free during unregister In the following code within firmware_upload_unregister(), the call todevice_unregister() could result in the dev_release function freeing thefw_upload_priv structure before it ...

6.4AI score0.00026EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.21 views

CVE-2022-50088

In the Linux kernel, the following vulnerability has been resolved: mm/damon/reclaim: fix potential memory leak in damon_reclaim_init() damon_reclaim_init() allocates a memory chunk for ctx withdamon_new_ctx(). When damon_select_ops() fails, ctx is not released,which will lead to a memory leak. We ...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.21 views

CVE-2025-37916

In the Linux kernel, the following vulnerability has been resolved: pds_core: remove write-after-free of client_id A use-after-free error popped up in stress testing: [Mon Apr 21 21:21:33 2025] BUG: KFENCE: use-after-free write in pdsc_auxbus_dev_del+0xef/0x160 [pds_core][Mon Apr 21 21:21:33 2025] ...

6.7AI score0.00026EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.21 views

CVE-2025-37939

In the Linux kernel, the following vulnerability has been resolved: libbpf: Fix accessing BTF.ext core_relo header Update btf_ext_parse_info() to ensure the core_relo header is presentbefore reading its fields. This avoids a potential buffer read overflowreported by the OSS Fuzz project.

6.6AI score0.00024EPSS
CVE
CVE
added 2025/05/20 5:15 p.m.21 views

CVE-2025-37965

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix invalid context error in dml helper [Why]"BUG: sleeping function called from invalid context" error.after:"drm/amd/display: Protect FPU in dml2_validate()/dml21_validate()" The populate_dml_plane_cfg_from_plane...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.20 views

CVE-2022-50020

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid resizing to a partial cluster size This patch avoids an attempt to resize the filesystem to anunaligned cluster boundary. An online resize to a size that is notintegral to cluster size results in the last iteration atte...

6.3AI score0.00035EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.20 views

CVE-2022-50117

In the Linux kernel, the following vulnerability has been resolved: vfio: Split migration ops from main device ops vfio core checks whether the driver sets some migration op (e.g.set_state/get_state) and accordingly calls its op. However, currently mlx5 driver sets the above ops without regards to ...

6.4AI score0.00026EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.20 views

CVE-2025-37934

In the Linux kernel, the following vulnerability has been resolved: ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction Actually check if the passed pointers are valid, before writing to them.This also fixes a USBAN warning:UBSAN: invalid-load in ../sound/soc/fsl/imx-card....

6.5AI score0.00024EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.20 views

CVE-2025-37935

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix SER panic with 4GB+ RAM If the mtk_poll_rx() function detects the MTK_RESETTING flag, it willjump to release_desc and refill the high word of the SDP on the 4GB RFB.Subsequently, mtk_rx_clean will pr...

6.6AI score0.00025EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.20 views

CVE-2025-37942

In the Linux kernel, the following vulnerability has been resolved: HID: pidff: Make sure to fetch pool before checking SIMULTANEOUS_MAX As noted by Anssi some 20 years ago, pool report is sometimes messed up.This worked fine on many devices but casued oops on VRS DirectForce PRO. Here, we're makin...

6.7AI score0.00025EPSS
CVE
CVE
added 2025/06/30 8:15 a.m.20 views

CVE-2025-38089

In the Linux kernel, the following vulnerability has been resolved: sunrpc: handle SVC_GARBAGE during svc auth processing as auth error tianshuo han reported a remotely-triggerable crash if the client sends akernel RPC server a specially crafted packet. If decoding the RPC replyfails in such a way ...

6.4AI score0.00161EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.19 views

CVE-2022-49991

In the Linux kernel, the following vulnerability has been resolved: mm/hugetlb: avoid corrupting page->mapping in hugetlb_mcopy_atomic_pte In MCOPY_ATOMIC_CONTINUE case with a non-shared VMA, pages in the pagecache are installed in the ptes. But hugepage_add_new_anon_rmap is calledfor them mista...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.19 views

CVE-2022-49998

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix locking in rxrpc's sendmsg Fix three bugs in the rxrpc's sendmsg implementation: (1) rxrpc_new_client_call() should release the socket lock when returningan error from rxrpc_get_call_slot(). (2) rxrpc_wait_for_tx_window_...

6.8AI score0.00025EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.19 views

CVE-2022-50029

In the Linux kernel, the following vulnerability has been resolved: clk: qcom: ipq8074: dont disable gcc_sleep_clk_src Once the usb sleep clocks are disabled, clock framework is trying todisable the sleep clock source also. However, it seems that it cannot be disabled and trying to do so produces:[...

6.4AI score0.00035EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.19 views

CVE-2022-50044

In the Linux kernel, the following vulnerability has been resolved: net: qrtr: start MHI channel after endpoit creation MHI channel may generates event/interrupt right after enabling.It may leads to 2 race conditions issues. Such event may be dropped by qcom_mhi_qrtr_dl_callback() at check: if (!qd...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.19 views

CVE-2022-50095

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: Cleanup CPU timers before freeing them during exec Commit 55e8c8eb2c7b ("posix-cpu-timers: Store a reference to a pid not atask") started looking up tasks by PID when deleting a CPU timer. When a non-leader thread...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.19 views

CVE-2022-50151

In the Linux kernel, the following vulnerability has been resolved: usb: cdns3: fix random warning message when driver load Warning log:[ 4.141392] Unexpected gfp: 0x4 (GFP_DMA32). Fixing up to gfp: 0xa20 (GFP_ATOMIC). Fix your code![ 4.150340] CPU: 1 PID: 175 Comm: 1-0050 Not tainted 5.15.5-00039-...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.19 views

CVE-2022-50200

In the Linux kernel, the following vulnerability has been resolved: selinux: Add boundary check in put_entry() Just like next_entry(), boundary check is necessary to prevent memoryout-of-bound access.

6.5AI score0.00035EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.19 views

CVE-2022-50201

In the Linux kernel, the following vulnerability has been resolved: selinux: fix memleak in security_read_state_kernel() In this function, it directly returns the result of __security_read_policywithout freeing the allocated memory in *data, cause memory leak issue,so free the memory if __security_...

6.5AI score0.00025EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.19 views

CVE-2025-37895

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix error handling path in bnxt_init_chip() WARN_ON() is triggered in __flush_work() if bnxt_init_chip() failsbecause we call cancel_work_sync() on dim work that has not beeninitialized. WARNING: CPU: 37 PID: 5223 at kerne...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.19 views

CVE-2025-37910

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Fix NULL dereference in Adva board SMA sysfs operations On Adva boards, SMA sysfs store/get operations can call__handle_signal_outputs() or __handle_signal_inputs() while the irigand dcf pointers are uninitialized, leadin...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.19 views

CVE-2025-37919

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: Fix NULL pointer deref in acp_i2s_set_tdm_slot Update chip data using dev_get_drvdata(dev->parent) to fixNULL pointer deref in acp_i2s_set_tdm_slot.

6.5AI score0.00024EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.19 views

CVE-2025-37955

In the Linux kernel, the following vulnerability has been resolved: virtio-net: free xsk_buffs on error in virtnet_xsk_pool_enable() The selftests added to our CI by Bui Quang Minh recently revealsthat there is a mem leak on the error path of virtnet_xsk_pool_enable(): unreferenced object 0xffff888...

6.9AI score0.00024EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.18 views

CVE-2022-49960

In the Linux kernel, the following vulnerability has been resolved: drm/i915: fix null pointer dereference Asus chromebook CX550 crashes during boot on v5.17-rc1 kernel.The root cause is null pointer defeference of bi_nextin tgl_get_bw_info() in drivers/gpu/drm/i915/display/intel_bw.c. BUG: kernel ...

6.4AI score0.00026EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.18 views

CVE-2022-50069

In the Linux kernel, the following vulnerability has been resolved: BPF: Fix potential bad pointer dereference in bpf_sys_bpf() The bpf_sys_bpf() helper function allows an eBPF program to load anothereBPF program from within the kernel. In this case the argument unionbpf_attr pointer (as well as th...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.18 views

CVE-2022-50190

In the Linux kernel, the following vulnerability has been resolved: spi: Fix simplification of devm_spi_register_controller This reverts commit 59ebbe40fb51 ("spi: simplifydevm_spi_register_controller"). If devm_add_action() fails in devm_add_action_or_reset(),devm_spi_unregister() will be called, ...

6.5AI score0.00025EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.18 views

CVE-2025-37894

In the Linux kernel, the following vulnerability has been resolved: net: use sock_gen_put() when sk_state is TCP_TIME_WAIT It is possible for a pointer of type struct inet_timewait_sock to bereturned from the functions __inet_lookup_established() and__inet6_lookup_established(). This can cause a cr...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/05/20 4:15 p.m.18 views

CVE-2025-37941

In the Linux kernel, the following vulnerability has been resolved: ASoC: codecs: wcd937x: fix a potential memory leak in wcd937x_soc_codec_probe() When snd_soc_dapm_new_controls() or snd_soc_dapm_add_routes() fails,wcd937x_soc_codec_probe() returns without releasing 'wcd937x->clsh_info',which i...

7AI score0.00025EPSS
CVE
CVE
added 2025/05/20 5:15 p.m.18 views

CVE-2025-37971

In the Linux kernel, the following vulnerability has been resolved: staging: bcm2835-camera: Initialise dev in v4l2_dev Commit 42a2f6664e18 ("staging: vc04_services: Move global g_state tovchiq_state") changed mmal_init to pass dev->v4l2_dev.dev tovchiq_mmal_init, however nothing iniitialised de...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.17 views

CVE-2022-49961

In the Linux kernel, the following vulnerability has been resolved: bpf: Do mark_chain_precision for ARG_CONST_ALLOC_SIZE_OR_ZERO Precision markers need to be propagated whenever we have an ARG_CONST_*style argument, as the verifier cannot consider imprecise scalars to beequivalent for the purposes...

6.4AI score0.00028EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.17 views

CVE-2022-49969

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: clear optc underflow before turn off odm clock [Why]After ODM clock off, optc underflow bit will be kept there always and clear not work.We need to clear that before clock off. [How]Clear that if have when clock of...

6.5AI score0.00035EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.17 views

CVE-2022-50035

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Fix use-after-free on amdgpu_bo_list mutex If amdgpu_cs_vm_handling returns r != 0, then it will unlock thebo_list_mutex inside the function amdgpu_cs_vm_handling and again onamdgpu_cs_parser_fini. This problem results ...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.17 views

CVE-2022-50072

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pnfs: Fix a use-after-free bug in open If someone cancels the open RPC call, then we must not try to freeeither the open slot or the layoutget operation arguments, since theyare likely still in use by the hung RPC call.

6.5AI score0.00035EPSS
CVE
CVE
added 2025/06/18 11:15 a.m.17 views

CVE-2022-50115

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: ipc3-topology: Prevent double freeing of ipc_control_data via load_bytes We have sanity checks for byte controls and if any of the fail the locallyallocated scontrol->ipc_control_data is freed up, but not set to NULL....

6.9AI score0.00024EPSS
Total number of security vulnerabilities2811