Lucene search

K
LinuxLinux Kernel

10745 matches found

CVE
CVE
added 2024/10/09 3:15 p.m.110 views

CVE-2024-47668

In the Linux kernel, the following vulnerability has been resolved: lib/generic-radix-tree.c: Fix rare race in __genradix_ptr_alloc() If we need to increase the tree depth, allocate a new node, and thenrace with another thread that increased the tree depth before us, we'llstill have a preallocated ...

4.7CVSS6.2AI score0.00037EPSS
CVE
CVE
added 2014/04/01 6:35 a.m.109 views

CVE-2014-2678

The rds_iw_laddr_check function in net/rds/iw.c in the Linux kernel through 3.14 allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact via a bind system call for an RDS socket on a system that lacks RDS transports.

4.7CVSS6.7AI score0.00092EPSS
CVE
CVE
added 2014/11/30 1:59 a.m.109 views

CVE-2014-3688

The SCTP implementation in the Linux kernel before 3.17.4 allows remote attackers to cause a denial of service (memory consumption) by triggering a large number of chunks in an association's output queue, as demonstrated by ASCONF probes, related to net/sctp/inqueue.c and net/sctp/sm_statefuns.c.

5CVSS7.1AI score0.02243EPSS
CVE
CVE
added 2014/07/03 4:22 a.m.109 views

CVE-2014-4653

sound/core/control.c in the ALSA control implementation in the Linux kernel before 3.15.2 does not ensure possession of a read/write lock, which allows local users to cause a denial of service (use-after-free) and obtain sensitive information from kernel memory by leveraging /dev/snd/controlCX acce...

4.6CVSS5.1AI score0.00066EPSS
CVE
CVE
added 2016/11/16 5:59 a.m.109 views

CVE-2016-7917

The nfnetlink_rcv_batch function in net/netfilter/nfnetlink.c in the Linux kernel before 4.5 does not check whether a batch message's length field is large enough, which allows local users to obtain sensitive information from kernel memory or cause a denial of service (infinite loop or out-of-bound...

5CVSS6.1AI score0.00162EPSS
CVE
CVE
added 2017/10/04 1:29 a.m.109 views

CVE-2017-14991

The sg_ioctl function in drivers/scsi/sg.c in the Linux kernel before 4.13.4 allows local users to obtain sensitive information from uninitialized kernel heap-memory locations via an SG_GET_REQUEST_TABLE ioctl call for /dev/sg0.

5.5CVSS5.5AI score0.00056EPSS
CVE
CVE
added 2017/12/27 5:8 p.m.109 views

CVE-2017-17863

kernel/bpf/verifier.c in the Linux kernel 4.9.x through 4.9.71 does not check the relationship between pointer values and the BPF stack, which allows local users to cause a denial of service (integer overflow or invalid memory access) or possibly have unspecified other impact.

7.8CVSS7.5AI score0.00086EPSS
CVE
CVE
added 2018/03/07 8:29 a.m.109 views

CVE-2017-18221

The __munlock_pagevec function in mm/mlock.c in the Linux kernel before 4.11.4 allows local users to cause a denial of service (NR_MLOCK accounting corruption) via crafted use of mlockall and munlockall system calls.

5.5CVSS5.6AI score0.00028EPSS
CVE
CVE
added 2018/07/27 4:29 a.m.109 views

CVE-2018-14614

An issue was discovered in the Linux kernel through 4.17.10. There is an out-of-bounds access in __remove_dirty_segment() in fs/f2fs/segment.c when mounting an f2fs image.

7.1CVSS5.9AI score0.00274EPSS
CVE
CVE
added 2019/03/27 6:29 a.m.109 views

CVE-2019-10125

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and this will cause a use-after-free.

10CVSS8.9AI score0.04265EPSS
CVE
CVE
added 2019/05/02 5:29 p.m.109 views

CVE-2019-11683

udp_gro_receive_segment in net/ipv4/udp_offload.c in the Linux kernel 5.x before 5.0.13 allows remote attackers to cause a denial of service (slab-out-of-bounds memory corruption) or possibly have unspecified other impact via UDP packets with a 0 payload, because of mishandling of padded packets, a...

10CVSS9.3AI score0.21748EPSS
CVE
CVE
added 2021/07/22 5:15 p.m.109 views

CVE-2021-29657

arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a756. This occurs because of a TOCTOU race condition associated with a VMCB12 double fetch in nested_sv...

7.4CVSS7.1AI score0.00037EPSS
CVE
CVE
added 2022/09/09 3:15 p.m.109 views

CVE-2022-2905

An out-of-bounds memory read flaw was found in the Linux kernel's BPF subsystem in how a user calls the bpf_tail_call function with a key larger than the max_entries of the map. This flaw allows a local user to gain unauthorized access to data.

5.5CVSS5.9AI score0.00018EPSS
CVE
CVE
added 2022/12/14 9:15 p.m.109 views

CVE-2022-3106

An issue was discovered in the Linux kernel through 5.16-rc6. ef100_update_stats in drivers/net/ethernet/sfc/ef100_nic.c lacks check of the return value of kmalloc().

5.5CVSS5.8AI score0.00016EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.109 views

CVE-2022-48632

In the Linux kernel, the following vulnerability has been resolved: i2c: mlxbf: prevent stack overflow in mlxbf_i2c_smbus_start_transaction() memcpy() is called in a loop while 'operation->length' upper boundis not checked and 'data_idx' also increments.

7.8CVSS7AI score0.00016EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.109 views

CVE-2022-48786

In the Linux kernel, the following vulnerability has been resolved: vsock: remove vsock from connected table when connect is interrupted by a signal vsock_connect() expects that the socket could already be in theTCP_ESTABLISHED state when the connecting task wakes up with a signalpending. If this h...

6.6AI score0.00109EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.109 views

CVE-2022-49107

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_readdir when note_last_dentry returns error Reset the last_readdir at the same time, and add a comment explainingwhy we don't free last_readdir when dir_emit returns false.

5.5CVSS5.4AI score0.00024EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.109 views

CVE-2022-49653

In the Linux kernel, the following vulnerability has been resolved: i2c: piix4: Fix a memory leak in the EFCH MMIO support The recently added support for EFCH MMIO regions introduced a memoryleak in that code path. The leak is caused by the fact thatrelease_resource() merely removes the resource fr...

5.5CVSS6.6AI score0.0004EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.109 views

CVE-2022-49928

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed There is a null-ptr-deref when xps sysfs alloc failed:BUG: KASAN: null-ptr-deref in sysfs_do_create_link_sd+0x40/0xd0Read of size 8 at addr 0000000000000030 by task gssproxy/45...

5.5CVSS6.5AI score0.00017EPSS
CVE
CVE
added 2023/04/16 4:15 a.m.109 views

CVE-2023-30772

The Linux kernel before 6.2.9 has a race condition and resultant use-after-free in drivers/power/supply/da9150-charger.c if a physically proximate attacker unplugs a device.

6.4CVSS6.5AI score0.00053EPSS
CVE
CVE
added 2024/05/17 3:15 p.m.109 views

CVE-2023-52674

In the Linux kernel, the following vulnerability has been resolved: ALSA: scarlett2: Add clamp() in scarlett2_mixer_ctl_put() Ensure the value passed to scarlett2_mixer_ctl_put() is between 0 andSCARLETT2_MIXER_MAX_VALUE so we don't attempt to access outsidescarlett2_mixer_values[].

5.5CVSS6.6AI score0.00011EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.109 views

CVE-2023-52837

In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbd_open Commit 4af5f2e03013 ("nbd: use blk_mq_alloc_disk andblk_cleanup_disk") cleans up disk by blk_cleanup_disk() and it won't setdisk->private_data as NULL as before. UAF may be triggered in nbd_open()if some...

7.8CVSS6.7AI score0.00016EPSS
CVE
CVE
added 2023/12/11 7:15 p.m.109 views

CVE-2023-6679

A null pointer dereference vulnerability was found in dpll_pin_parent_pin_set() in drivers/dpll/dpll_netlink.c in the Digital Phase Locked Loop (DPLL) subsystem in the Linux kernel. This issue could be exploited to trigger a denial of service.

5.5CVSS6AI score0.00013EPSS
CVE
CVE
added 2024/04/03 3:15 p.m.109 views

CVE-2024-26725

In the Linux kernel, the following vulnerability has been resolved: dpll: fix possible deadlock during netlink dump operation Recently, I've been hitting following deadlock warning during dpll pindump: [52804.637962] ======================================================[52804.638536] WARNING: poss...

5.5CVSS6.7AI score0.00008EPSS
CVE
CVE
added 2024/04/03 5:15 p.m.109 views

CVE-2024-26757

In the Linux kernel, the following vulnerability has been resolved: md: Don't ignore read-only array in md_check_recovery() Usually if the array is not read-write, md_check_recovery() won'tregister new sync_thread in the first place. And if the array isread-write and sync_thread is registered, md_s...

5.5CVSS7AI score0.00011EPSS
CVE
CVE
added 2024/04/17 10:15 a.m.109 views

CVE-2024-26825

In the Linux kernel, the following vulnerability has been resolved: nfc: nci: free rx_data_reassembly skb on NCI device cleanup rx_data_reassembly skb is stored during NCI data exchange for processingfragmented packets. It is dropped only when the last fragment is processedor when an NTF packet wit...

5.5CVSS6.1AI score0.00007EPSS
CVE
CVE
added 2024/05/17 2:15 p.m.109 views

CVE-2024-35827

In the Linux kernel, the following vulnerability has been resolved: io_uring/net: fix overflow check in io_recvmsg_mshot_prep() The "controllen" variable is type size_t (unsigned long). Casting itto int could lead to an integer underflow. The check_add_overflow() function considers the type of the ...

5.5CVSS6.9AI score0.0002EPSS
CVE
CVE
added 2024/05/17 3:15 p.m.109 views

CVE-2024-35845

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: dbg-tlv: ensure NUL termination The iwl_fw_ini_debug_info_tlv is used as a string, so we mustensure the string is terminated correctly before using it.

9.1CVSS6.7AI score0.00405EPSS
CVE
CVE
added 2024/05/19 9:15 a.m.109 views

CVE-2024-35865

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_oplock_break() Skip sessions that are being teared down (status == SES_EXITING) toavoid UAF.

5.5CVSS6.7AI score0.0001EPSS
CVE
CVE
added 2024/06/21 11:15 a.m.109 views

CVE-2024-36270

In the Linux kernel, the following vulnerability has been resolved: netfilter: tproxy: bail out if IP has been disabled on the device syzbot reports:general protection fault, probably for non-canonical address 0xdffffc0000000003: 0000 [#1] PREEMPT SMP KASAN PTIKASAN: null-ptr-deref in range [0x0000...

5.5CVSS7.7AI score0.00011EPSS
CVE
CVE
added 2024/05/30 4:15 p.m.109 views

CVE-2024-36881

In the Linux kernel, the following vulnerability has been resolved: mm/userfaultfd: reset ptes when close() for wr-protected ones Userfaultfd unregister includes a step to remove wr-protect bits from allthe relevant pgtable entries, but that only covered an explicitUFFDIO_UNREGISTER ioctl, not a cl...

5.5CVSS7AI score0.00011EPSS
CVE
CVE
added 2024/05/30 4:15 p.m.109 views

CVE-2024-36897

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Atom Integrated System Info v2_2 for DCN35 New request from KMD/VBIOS in order to support new UMA carveoutmodel. This fixes a null dereference from accessingCtx->dc_bios->integrated_info while it was NULL. DA...

5.5CVSS7AI score0.00009EPSS
CVE
CVE
added 2024/06/19 2:15 p.m.109 views

CVE-2024-38558

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVS_PACKET_CMD_EXECUTE has 3 main attributes: OVS_PACKET_ATTR_KEY - Packet metadata in a netlink format. OVS_PACKET_ATTR_PACKET - Binary packet content. OVS_PACKET_ATTR...

7AI score0.00101EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.109 views

CVE-2024-40912

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: Fix deadlock in ieee80211_sta_ps_deliver_wakeup() The ieee80211_sta_ps_deliver_wakeup() function takes sta->ps_lock tosynchronizes with ieee80211_tx_h_unicast_ps_buf() which is called fromsoftirq context. However...

5.5CVSS6.8AI score0.00045EPSS
CVE
CVE
added 2024/07/29 3:15 p.m.109 views

CVE-2024-41076

In the Linux kernel, the following vulnerability has been resolved: NFSv4: Fix memory leak in nfs4_set_security_label We leak nfs_fattr and nfs4_label every time we set a security xattr.

5.5CVSS6.6AI score0.00048EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.109 views

CVE-2024-42131

In the Linux kernel, the following vulnerability has been resolved: mm: avoid overflows in dirty throttling logic The dirty throttling logic is interspersed with assumptions that dirtylimits in PAGE_SIZE units fit into 32-bit (so that various multiplicationsfit into 64-bits). If limits end up being...

4.4CVSS6.6AI score0.00075EPSS
CVE
CVE
added 2024/08/26 12:15 p.m.109 views

CVE-2024-44938

In the Linux kernel, the following vulnerability has been resolved: jfs: Fix shift-out-of-bounds in dbDiscardAG When searching for the next smaller log2 block, BLKSTOL2() returned 0,causing shift exponent -1 to be negative. This patch fixes the issue by exiting the loop directly when negativeshift ...

5.5CVSS6.5AI score0.0005EPSS
CVE
CVE
added 2024/09/18 7:15 a.m.109 views

CVE-2024-46722

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: fix mc_data out-of-bounds read warning Clear warning that read mc_data[i-1] may out-of-bounds.

7.1CVSS6.9AI score0.00058EPSS
CVE
CVE
added 2024/10/21 12:15 p.m.109 views

CVE-2024-47706

In the Linux kernel, the following vulnerability has been resolved: block, bfq: fix possible UAF for bfqq->bic with merge chain initial state, three tasks: Process 1 Process 2 Process 3 (BIC1) (BIC2) (BIC3) | Λ | Λ | Λ | | | | | | V | V | V | bfqq1 bfqq2 bfqq3 process ref: 1 1 1 bfqq1 merged to ...

5.5CVSS6.9AI score0.00043EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.109 views

CVE-2024-49933

In the Linux kernel, the following vulnerability has been resolved: blk_iocost: fix more out of bound shifts Recently running UBSAN caught few out of bound shifts in theioc_forgive_debts() function: UBSAN: shift-out-of-bounds in block/blk-iocost.c:2142:38shift exponent 80 is too large for 64-bit ty...

5.5CVSS5.2AI score0.00045EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.109 views

CVE-2024-50038

In the Linux kernel, the following vulnerability has been resolved: netfilter: xtables: avoid NFPROTO_UNSPEC where needed syzbot managed to call xt_cluster match via ebtables: WARNING: CPU: 0 PID: 11 at net/netfilter/xt_cluster.c:72 xt_cluster_mt+0x196/0x780[..]ebt_do_table+0x174b/0x2a40 Module reg...

5.5CVSS5.2AI score0.00045EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.109 views

CVE-2024-56608

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix out-of-bounds access in 'dcn21_link_encoder_create' An issue was identified in the dcn21_link_encoder_create function wherean out-of-bounds access could occur when the hpd_source index was usedto reference the ...

7.8CVSS6.5AI score0.00051EPSS
CVE
CVE
added 2025/01/15 1:15 p.m.109 views

CVE-2024-57885

In the Linux kernel, the following vulnerability has been resolved: mm/kmemleak: fix sleeping function called from invalid context at print message Address a bug in the kernel that triggers a "sleeping function called frominvalid context" warning when /sys/kernel/debug/kmemleak is printed underspec...

6.6AI score0.0004EPSS
CVE
CVE
added 2025/02/27 2:15 a.m.109 views

CVE-2025-21715

In the Linux kernel, the following vulnerability has been resolved: net: davicom: fix UAF in dm9000_drv_remove dm is netdev private data and it cannot beused after free_netdev() call. Using dm after free_netdev()can cause UAF bug. Fix it by moving free_netdev() at the end of thefunction. This is si...

7.8CVSS6.5AI score0.0003EPSS
CVE
CVE
added 2025/04/18 3:15 p.m.109 views

CVE-2025-37838

In the Linux kernel, the following vulnerability has been resolved: HSI: ssi_protocol: Fix use after free vulnerability in ssi_protocol Driver Due to Race Condition In the ssi_protocol_probe() function, &ssi->work is bound withssip_xmit_work(), In ssip_pn_setup(), the ssip_pn_xmit() functionwith...

7.8CVSS6.6AI score0.00021EPSS
CVE
CVE
added 2009/08/18 9:0 p.m.108 views

CVE-2009-2844

cfg80211 in net/wireless/scan.c in the Linux kernel 2.6.30-rc1 and other versions before 2.6.31-rc6 allows remote attackers to cause a denial of service (crash) via a sequence of beacon frames in which one frame omits an SSID Information Element (IE) and the subsequent frame contains an SSID IE, wh...

7.8CVSS6.7AI score0.01735EPSS
CVE
CVE
added 2010/03/31 6:0 p.m.108 views

CVE-2010-1188

Use-after-free vulnerability in net/ipv4/tcp_input.c in the Linux kernel 2.6 before 2.6.20, when IPV6_RECVPKTINFO is set on a listening socket, allows remote attackers to cause a denial of service (kernel panic) via a SYN packet while the socket is in a listening (TCP_LISTEN) state, which is not pr...

7.1CVSS5.3AI score0.02726EPSS
CVE
CVE
added 2011/05/09 7:55 p.m.108 views

CVE-2011-1013

Integer signedness error in the drm_modeset_ctl function in (1) drivers/gpu/drm/drm_irq.c in the Direct Rendering Manager (DRM) subsystem in the Linux kernel before 2.6.38 and (2) sys/dev/pci/drm/drm_irq.c in the kernel in OpenBSD before 4.9 allows local users to trigger out-of-bounds write operati...

7.2CVSS7AI score0.00043EPSS
CVE
CVE
added 2012/01/27 3:55 p.m.108 views

CVE-2011-4132

The cleanup_journal_tail function in the Journaling Block Device (JBD) functionality in the Linux kernel 2.6 allows local users to cause a denial of service (assertion error and kernel oops) via an ext3 or ext4 image with an "invalid log first block value."

2.1CVSS6.1AI score0.00125EPSS
CVE
CVE
added 2016/04/13 3:59 p.m.108 views

CVE-2015-8551

The PCI backend driver in Xen, when running on an x86 system and using Linux 3.1.x through 4.3.x as the driver domain, allows local guest administrators to hit BUG conditions and cause a denial of service (NULL pointer dereference and host OS crash) by leveraging a system with access to a passed-th...

6CVSS5.6AI score0.00073EPSS
Total number of security vulnerabilities10745