Lucene search

K

4367 matches found

CVE
CVE
added 2024/10/21 8:15 p.m.73 views

CVE-2022-49022

In the Linux kernel, the following vulnerability has been resolved: wifi: mac8021: fix possible oob access in ieee80211_get_rate_duration Fix possible out-of-bound access in ieee80211_get_rate_duration routineas reported by the following UBSAN report: UBSAN: array-index-out-of-bounds in net/mac8021...

7.8CVSS7.3AI score0.00036EPSS
CVE
CVE
added 2024/03/02 10:15 p.m.73 views

CVE-2023-52499

In the Linux kernel, the following vulnerability has been resolved: powerpc/47x: Fix 47x syscall return crash Eddie reported that newer kernels were crashing during boot on his 476FSP2 system: kernel tried to execute user page (b7ee2000) - exploit attempt? (uid: 0)BUG: Unable to handle kernel instr...

5.5CVSS6.8AI score0.00018EPSS
CVE
CVE
added 2024/03/02 10:15 p.m.73 views

CVE-2023-52561

In the Linux kernel, the following vulnerability has been resolved: arm64: dts: qcom: sdm845-db845c: Mark cont splash memory region as reserved Adding a reserved memory region for the framebuffer memory(the splash memory region set up by the bootloader). It fixes a kernel panic (arm-smmu: Unhandled...

5.5CVSS6.1AI score0.00011EPSS
CVE
CVE
added 2024/03/18 11:15 a.m.73 views

CVE-2023-52611

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw88: sdio: Honor the host max_req_size in the RX path Lukas reports skb_over_panic errors on his Banana Pi BPI-CM4 which comeswith an Amlogic A311D (G12B) SoC and a RTL8822CS SDIO wifi/Bluetoothcombo card. The error he obse...

5.5CVSS6.8AI score0.00009EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.73 views

CVE-2023-52766

In the Linux kernel, the following vulnerability has been resolved: i3c: mipi-i3c-hci: Fix out of bounds access in hci_dma_irq_handler Do not loop over ring headers in hci_dma_irq_handler() that are notallocated and enabled in hci_dma_init(). Otherwise out of bounds accesswill occur from rings->...

7.1CVSS6.8AI score0.00038EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.73 views

CVE-2023-52846

In the Linux kernel, the following vulnerability has been resolved: hsr: Prevent use after free in prp_create_tagged_frame() The prp_fill_rct() function can fail. In that situation, it frees theskb and returns NULL. Meanwhile on the success path, it returns theoriginal skb. So it's straight forward...

7.8CVSS6.9AI score0.00013EPSS
CVE
CVE
added 2024/04/03 3:15 p.m.73 views

CVE-2024-26699

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix array-index-out-of-bounds in dcn35_clkmgr [Why]There is a potential memory access violation whileiterating through array of dcn35 clks. [How]Limit iteration per array size.

7.8CVSS6.6AI score0.0004EPSS
CVE
CVE
added 2024/04/03 3:15 p.m.73 views

CVE-2024-26705

In the Linux kernel, the following vulnerability has been resolved: parisc: BTLB: Fix crash when setting up BTLB at CPU bringup When using hotplug and bringing up a 32-bit CPU, ask the firmware about theBTLB information to set up the static (block) TLB entries. For that write access to the static b...

5.5CVSS6.4AI score0.00021EPSS
CVE
CVE
added 2024/04/04 9:15 a.m.73 views

CVE-2024-26745

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/iommu: IOMMU table is not initialized for kdump over SR-IOV When kdump kernel tries to copy dump data over SR-IOV, LPAR panics dueto NULL pointer exception: Kernel attempted to read user page (0) - exploit attempt? ...

4.4CVSS5.6AI score0.00009EPSS
CVE
CVE
added 2024/04/17 4:15 p.m.73 views

CVE-2024-26914

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: fix incorrect mpc_combine array size [why]MAX_SURFACES is per stream, while MAX_PLANES is per asic. Thempc_combine is an array that records all the planes per asic. ThereforeMAX_PLANES should be used as the array s...

7.1AI score0.00047EPSS
CVE
CVE
added 2024/05/17 12:15 p.m.73 views

CVE-2024-27405

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: ncm: Avoid dropping datagrams of properly parsed NTBs It is observed sometimes when tethering is used over NCM with Windows 11as host, at some instances, the gadget_giveback has one byte appended atthe end of a proper ...

7.5CVSS6.6AI score0.00148EPSS
CVE
CVE
added 2024/05/17 1:15 p.m.73 views

CVE-2024-27432

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: mtk_eth_soc: fix PPE hanging issue A patch to resolve an issue was found in MediaTek's GPL-licensed SDK:In the mtk_ppe_stop() function, the PPE scan mode is not disabled beforedisabling the PPE. This can potentially ...

6.5AI score0.00054EPSS
CVE
CVE
added 2024/05/17 2:15 p.m.73 views

CVE-2024-35813

In the Linux kernel, the following vulnerability has been resolved: mmc: core: Avoid negative index with array access Commit 4d0c8d0aef63 ("mmc: core: Use mrq.sbc in close-ended ffu") assignsprev_idata = idatas[i - 1], but doesn't check that the iterator i isgreater than zero. Let's fix this by add...

6.7AI score0.00037EPSS
CVE
CVE
added 2024/05/17 3:15 p.m.73 views

CVE-2024-35851

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: fix NULL-deref on non-serdev suspend Qualcomm ROME controllers can be registered from the Bluetooth linediscipline and in this case the HCI UART serdev pointer is NULL. Add the missing sanity check to prevent a NULL...

5.5CVSS6.7AI score0.00021EPSS
CVE
CVE
added 2024/05/19 11:15 a.m.73 views

CVE-2024-35922

In the Linux kernel, the following vulnerability has been resolved: fbmon: prevent division by zero in fb_videomode_from_videomode() The expression htotal * vtotal can have a zero value onoverflow. It is necessary to prevent division by zero like infb_var_to_videomode(). Found by Linux Verification...

5.5CVSS6.6AI score0.00013EPSS
CVE
CVE
added 2024/05/19 11:15 a.m.73 views

CVE-2024-35936

In the Linux kernel, the following vulnerability has been resolved: btrfs: handle chunk tree lookup error in btrfs_relocate_sys_chunks() The unhandled case in btrfs_relocate_sys_chunks() loop is a corruption,as it could be caused only by two impossible conditions: at first the search key is set up ...

6.6AI score0.00069EPSS
CVE
CVE
added 2024/05/20 10:15 a.m.73 views

CVE-2024-35972

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix possible memory leak in bnxt_rdma_aux_device_init() If ulp = kzalloc() fails, the allocated edev will leak because it isnot properly assigned and the cleanup path will not be able to free it.Fix it by assigning it prop...

5.5CVSS6.6AI score0.00009EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.73 views

CVE-2024-40928

In the Linux kernel, the following vulnerability has been resolved: net: ethtool: fix the error condition in ethtool_get_phy_stats_ethtool() Clang static checker (scan-build) warning:net/ethtool/ioctl.c:line 2233, column 2Called function pointer is null (null dereference). Return '-EOPNOTSUPP' when...

5.5CVSS6.5AI score0.00039EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.73 views

CVE-2024-40937

In the Linux kernel, the following vulnerability has been resolved: gve: Clear napi->skb before dev_kfree_skb_any() gve_rx_free_skb incorrectly leaves napi->skb referencing an skb after itis freed with dev_kfree_skb_any(). This can result in a subsequent callto napi_get_frags returning a dang...

6.5AI score0.00149EPSS
CVE
CVE
added 2024/07/29 6:15 p.m.73 views

CVE-2024-42092

In the Linux kernel, the following vulnerability has been resolved: gpio: davinci: Validate the obtained number of IRQs Value of pdata->gpio_unbanked is taken from Device Tree. In case of brokenDT due to any error this value can be any. Without this value validationthere can be out of chips->...

6.5AI score0.00145EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.73 views

CVE-2024-42102

In the Linux kernel, the following vulnerability has been resolved: Revert "mm/writeback: fix possible divide-by-zero in wb_dirty_limits(), again" Patch series "mm: Avoid possible overflows in dirty throttling". Dirty throttling logic assumes dirty limits in page units fit into32-bits. This patch s...

4.7CVSS6.7AI score0.00077EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.73 views

CVE-2024-42108

In the Linux kernel, the following vulnerability has been resolved: net: rswitch: Avoid use-after-free in rswitch_poll() The use-after-free is actually in rswitch_tx_free(), which is inlined inrswitch_poll(). Since skb and gq->skbs[gq->dirty] are in fact thesame pointer, the skb is first free...

5.5CVSS6.6AI score0.00046EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.73 views

CVE-2024-42288

In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix for possible memory corruption Init Control Block is dereferenced incorrectly. Correctly dereference ICB

5.5CVSS6.7AI score0.00065EPSS
CVE
CVE
added 2024/08/17 10:15 a.m.73 views

CVE-2024-43855

In the Linux kernel, the following vulnerability has been resolved: md: fix deadlock between mddev_suspend and flush bio Deadlock occurs when mddev is being suspended while some flush bio is inprogress. It is a complex issue. T1. the first flush is at the ending stage, it clears 'mddev->flush_bi...

5.5CVSS6.6AI score0.00038EPSS
CVE
CVE
added 2024/09/04 7:15 p.m.73 views

CVE-2024-44948

In the Linux kernel, the following vulnerability has been resolved: x86/mtrr: Check if fixed MTRRs exist before saving them MTRRs have an obsolete fixed variant for fine grained caching controlof the 640K-1MB region that uses separate MSRs. This fixed variant hasa separate capability bit in the MTR...

7AI score0.0021EPSS
CVE
CVE
added 2024/09/04 8:15 p.m.73 views

CVE-2024-45008

In the Linux kernel, the following vulnerability has been resolved: Input: MT - limit max slots syzbot is reporting too large allocation at input_mt_init_slots(), fornum_slots is supplied from userspace using ioctl(UI_DEV_CREATE). Since nobody knows possible max slots, this patch chose 1024.

7AI score0.0021EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.73 views

CVE-2024-46737

In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix kernel crash if commands allocation fails If the commands allocation fails in nvmet_tcp_alloc_cmds()the kernel crashes in nvmet_tcp_release_queue_work() because ofa NULL pointer dereference. nvmet: failed to install ...

5.5CVSS6.3AI score0.00069EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.73 views

CVE-2024-46763

In the Linux kernel, the following vulnerability has been resolved: fou: Fix null-ptr-deref in GRO. We observed a null-ptr-deref in fou_gro_receive() while shutting downa host. [0] The NULL pointer is sk->sk_user_data, and the offset 8 is of protocolin struct fou. When fou_release() is called du...

5.5CVSS5.9AI score0.00047EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.73 views

CVE-2024-46765

In the Linux kernel, the following vulnerability has been resolved: ice: protect XDP configuration with a mutex The main threat to data consistency in ice_xdp() is a possible asynchronousPF reset. It can be triggered by a user or by TX timeout handler. XDP setup and PF reset code access the same re...

5.5CVSS5AI score0.00039EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.73 views

CVE-2024-46772

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check denominator crb_pipes before used [WHAT & HOW]A denominator cannot be 0, and is checked before used. This fixes 2 DIVIDE_BY_ZERO issues reported by Coverity.

5.5CVSS6.1AI score0.00064EPSS
CVE
CVE
added 2024/09/27 1:15 p.m.73 views

CVE-2024-46861

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback RX callbacks can fail for multiple reasons: Payload too short Payload formatted incorrecly (e.g. bad NCM framing) Lack of memory None of these should cause the driver to seize u...

5.5CVSS7AI score0.00033EPSS
CVE
CVE
added 2024/10/09 3:15 p.m.73 views

CVE-2024-47667

In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Add workaround for Errata #i2037 (AM65x SR 1.0) Errata #i2037 in AM65x/DRA80xM Processors Silicon Revision 1.0(SPRZ452D_July 2018_Revised December 2019 [1]) mentions when aninbound PCIe TLP spans more than two intern...

5.5CVSS5.2AI score0.00035EPSS
CVE
CVE
added 2024/10/21 1:15 p.m.73 views

CVE-2024-47756

In the Linux kernel, the following vulnerability has been resolved: PCI: keystone: Fix if-statement expression in ks_pcie_quirk() This code accidentally uses && where || was intended. It potentiallyresults in a NULL dereference. Thus, fix the if-statement expression to use the correct condition. [k...

5.5CVSS6.9AI score0.00045EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.73 views

CVE-2024-49981

In the Linux kernel, the following vulnerability has been resolved: media: venus: fix use after free bug in venus_remove due to race condition in venus_probe, core->work is bound with venus_sys_error_handler, which isused to handle error. The code use core->sys_err_done to make sync work.The ...

7CVSS6.7AI score0.00034EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.73 views

CVE-2024-49987

In the Linux kernel, the following vulnerability has been resolved: bpftool: Fix undefined behavior in qsort(NULL, 0, ...) When netfilter has no entry to display, qsort is called withqsort(NULL, 0, ...). This results in undefined behavior, as UBSanreports: net.c:827:2: runtime error: null pointer p...

5.5CVSS5.2AI score0.00036EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.73 views

CVE-2024-50060

In the Linux kernel, the following vulnerability has been resolved: io_uring: check if we need to reschedule during overflow flush In terms of normal application usage, this list will always be empty.And if an application does overflow a bit, it'll have a few entries.However, nothing obviously prev...

5.5CVSS5.4AI score0.00035EPSS
CVE
CVE
added 2024/10/29 1:15 a.m.73 views

CVE-2024-50083

In the Linux kernel, the following vulnerability has been resolved: tcp: fix mptcp DSS corruption due to large pmtu xmit Syzkaller was able to trigger a DSS corruption: TCP: request_sock_subflow_v4: Possible SYN flooding on port [::]:20002. Sending cookies.------------[ cut here ]------------WARNIN...

7.5CVSS7.5AI score0.00345EPSS
CVE
CVE
added 2024/11/05 5:15 p.m.73 views

CVE-2024-50096

In the Linux kernel, the following vulnerability has been resolved: nouveau/dmem: Fix vulnerability in migrate_to_ram upon copy error The nouveau_dmem_copy_one function ensures that the copy push command issent to the device firmware but does not track whether it was executedsuccessfully. In the ca...

5.5CVSS5.3AI score0.0003EPSS
CVE
CVE
added 2024/11/07 10:15 a.m.73 views

CVE-2024-50156

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Avoid NULL dereference in msm_disp_state_print_regs() If the allocation in msm_disp_state_dump_regs() failed thenblock->state can be NULL. The msm_disp_state_print_regs() functiondoes have code to try to handle it with:...

5.5CVSS5.2AI score0.0003EPSS
CVE
CVE
added 2024/11/08 6:15 a.m.73 views

CVE-2024-50183

In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance Deleting an NPIV instance requires all fabric ndlps to be released beforean NPIV's resources can be torn down. Failure to release fabric ndlpsbeforehand ...

4.7CVSS6.5AI score0.00019EPSS
CVE
CVE
added 2024/11/09 11:15 a.m.73 views

CVE-2024-50224

In the Linux kernel, the following vulnerability has been resolved: spi: spi-fsl-dspi: Fix crash when not using GPIO chip select Add check for the return value of spi_get_csgpiod() to avoid passing a NULLpointer to gpiod_direction_output(), preventing a crash when GPIO chipselect is not used. Fix b...

5.5CVSS5.4AI score0.00025EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.73 views

CVE-2024-53177

In the Linux kernel, the following vulnerability has been resolved: smb: prevent use-after-free due to open_cached_dir error paths If open_cached_dir() encounters an error parsing the lease from theserver, the error handling may race with receiving a lease break,resulting in open_cached_dir() freei...

7.8CVSS7AI score0.0003EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.73 views

CVE-2024-53223

In the Linux kernel, the following vulnerability has been resolved: clk: ralink: mtmips: fix clocks probe order in oldest ralink SoCs Base clocks are the first in being probed and are real dependencies of therest of fixed, factor and peripheral clocks. For old ralink SoCs RT2880,RT305x and RT3883 '...

6.9AI score0.00048EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.73 views

CVE-2024-56557

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7923: Fix buffer overflow for tx_buf and ring_xfer The AD7923 was updated to support devices with 8 channels, but the sizeof tx_buf and ring_xfer was not increased accordingly, leading to apotential buffer overflow in a...

5.5CVSS7.2AI score0.00029EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.73 views

CVE-2024-56577

In the Linux kernel, the following vulnerability has been resolved: media: mtk-jpeg: Fix null-ptr-deref during unload module The workqueue should be destroyed in mtk_jpeg_core.c since commit09aea13ecf6f ("media: mtk-jpeg: refactor some variables"), otherwisethe below calltrace can be easily trigger...

5.5CVSS6.4AI score0.00023EPSS
CVE
CVE
added 2024/12/28 10:15 a.m.73 views

CVE-2024-56708

In the Linux kernel, the following vulnerability has been resolved: EDAC/igen6: Avoid segmentation fault on module unload The segmentation fault happens because: During modprobe: In igen6_probe(), igen6_pvt will be allocated with kzalloc() In igen6_register_mci(), mci->pvt_info will point to&ige...

7.8CVSS6.5AI score0.00016EPSS
CVE
CVE
added 2024/12/29 9:15 a.m.73 views

CVE-2024-56710

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_direct_read_write() The bvecs array which is allocated in iter_get_bvecs_alloc() is leakedand pages remain pinned if ceph_alloc_sparse_ext_map() fails. There is no need to delay the allocation of spars...

5.5CVSS6.4AI score0.00033EPSS
CVE
CVE
added 2024/12/29 12:15 p.m.73 views

CVE-2024-56723

In the Linux kernel, the following vulnerability has been resolved: mfd: intel_soc_pmic_bxtwc: Use IRQ domain for PMIC devices While design wise the idea of converting the driver to usethe hierarchy of the IRQ chips is correct, the implementationhas (inherited) flaws. This was unveiled when platfor...

5.5CVSS6.5AI score0.00037EPSS
CVE
CVE
added 2024/12/29 12:15 p.m.73 views

CVE-2024-56745

In the Linux kernel, the following vulnerability has been resolved: PCI: Fix reset_method_store() memory leak In reset_method_store(), a string is allocated via kstrndup() and assignedto the local "options". options is then used in with strsep() to findspaces: while ((name = strsep(&options, " ")) ...

5.5CVSS6.4AI score0.00031EPSS
CVE
CVE
added 2024/03/25 9:15 a.m.72 views

CVE-2021-47137

In the Linux kernel, the following vulnerability has been resolved: net: lantiq: fix memory corruption in RX ring In a situation where memory allocation or dma mapping fails, aninvalid address is programmed into the descriptor. This can leadto memory corruption. If the memory allocation fails, DMA ...

7.8CVSS7.6AI score0.00014EPSS
Total number of security vulnerabilities4367