Lucene search

K
LinuxLinux Kernel

8330 matches found

CVE
CVE
added 2016/11/10 9:59 p.m.2036 views

CVE-2016-5195

Race condition in mm/gup.c in the Linux kernel 2.x through 4.x before 4.8.3 allows local users to gain privileges by leveraging incorrect handling of a copy-on-write (COW) feature to write to a read-only memory mapping, as exploited in the wild in October 2016, aka "Dirty COW."

7.2CVSS7.8AI score0.94176EPSS
In wild
CVE
CVE
added 2025/02/22 10:15 a.m.2031 views

CVE-2025-21704

In the Linux kernel, the following vulnerability has been resolved: usb: cdc-acm: Check control transfer buffer size before access If the first fragment is shorter than struct usb_cdc_notification, we can'tcalculate an expected_size. Log an error and discard the notificationinstead of reading lengt...

7.8CVSS7AI score0.00041EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.2007 views

CVE-2024-53198

In the Linux kernel, the following vulnerability has been resolved: xen: Fix the issue of resource not being properly released in xenbus_dev_probe() This patch fixes an issue in the function xenbus_dev_probe(). In thexenbus_dev_probe() function, within the if (err) branch at line 313, theprogram in...

5.5CVSS6.5AI score0.00033EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.1999 views

CVE-2024-56616

In the Linux kernel, the following vulnerability has been resolved: drm/dp_mst: Fix MST sideband message body length check Fix the MST sideband message body length check, which must be at least 1byte accounting for the message body CRC (aka message data CRC) at theend of the message. This fixes a c...

7.8CVSS6.7AI score0.0004EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.1995 views

CVE-2024-53219

In the Linux kernel, the following vulnerability has been resolved: virtiofs: use pages instead of pointer for kernel direct IO When trying to insert a 10MB kernel module kept in a virtio-fs with cachedisabled, the following warning was reported: ------------[ cut here ]------------WARNING: CPU: 1 ...

5.5CVSS6.3AI score0.00028EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.1992 views

CVE-2024-56566

In the Linux kernel, the following vulnerability has been resolved: mm/slub: Avoid list corruption when removing a slab from the full list Boot with slub_debug=UFPZ. If allocated object failed in alloc_consistency_checks, all objects ofthe slab will be marked as used, and then the slab will be remo...

5.5CVSS6.5AI score0.00028EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.1983 views

CVE-2024-53190

In the Linux kernel, the following vulnerability has been resolved: wifi: rtlwifi: Drastically reduce the attempts to read efuse in case of failures Syzkaller reported a hung task with uevent_show() on stack trace. Thatspecific issue was addressed by another commit [0], but even with thatfix applie...

5.5CVSS6.8AI score0.00034EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.1970 views

CVE-2024-56576

In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in the probe() function, we should remove the pollingtimer that was alarmed earlier, otherwise the timer is called witharguments that are...

4.7CVSS6.5AI score0.00026EPSS
CVE
CVE
added 2024/12/24 12:15 p.m.1946 views

CVE-2024-53147

In the Linux kernel, the following vulnerability has been resolved: exfat: fix out-of-bounds access of directory entries In the case of the directory size is greater than or equal tothe cluster size, if start_clu becomes an EOF cluster(an invalidcluster) due to file system corruption, then the dire...

7.1CVSS6.6AI score0.00032EPSS
CVE
CVE
added 2025/01/11 1:15 p.m.1945 views

CVE-2024-41935

In the Linux kernel, the following vulnerability has been resolved: f2fs: fix to shrink read extent node in batches We use rwlock to protect core structure data of extent tree duringits shrink, however, if there is a huge number of extent nodes inextent tree, during shrink of extent tree, it may ho...

7.1CVSS6.2AI score0.00025EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.1935 views

CVE-2024-56590

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_core: Fix not checking skb length on hci_acldata_packet This fixes not checking if skb really contains an ACL header otherwisethe code may attempt to access some uninitilized/invalid memory past thevalid skb->data...

5.5CVSS6.7AI score0.00034EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.1935 views

CVE-2024-56597

In the Linux kernel, the following vulnerability has been resolved: jfs: fix shift-out-of-bounds in dbSplit When dmt_budmin is less than zero, it causes errorsin the later stages. Added a check to return an error beforehandin dbAllocCtl itself.

7.1CVSS6.5AI score0.00034EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.1925 views

CVE-2024-53233

In the Linux kernel, the following vulnerability has been resolved: unicode: Fix utf8_load() error path utf8_load() requests the symbol "utf8_data_table" and then checks if therequested UTF-8 version is supported. If it's unsupported, it tries toput the data table using symbol_put(). If an unsuppor...

5.5CVSS6.9AI score0.00034EPSS
CVE
CVE
added 2025/01/19 11:15 a.m.1921 views

CVE-2025-21632

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Ensure shadow stack is active before "getting" registers The x86 shadow stack support has its own set of registers. Those registersare XSAVE-managed, but they are "supervisor state components" which meansthat userspace can...

5.5CVSS6.9AI score0.00024EPSS
CVE
CVE
added 2024/05/01 1:15 p.m.1905 views

CVE-2024-27028

In the Linux kernel, the following vulnerability has been resolved: spi: spi-mt65xx: Fix NULL pointer access in interrupt handler The TX buffer in spi_transfer can be a NULL pointer, so the interrupthandler may end up writing to the invalid memory and cause crashes. Add a check to trans->tx_buf ...

6.5CVSS6.5AI score0.00144EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.1891 views

CVE-2024-53169

In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: fix kernel crash while shutting down controller The nvme keep-alive operation, which executes at a periodic interval,could potentially sneak in while shutting down a fabric controller.This may lead to a race between t...

4.7CVSS6.5AI score0.00028EPSS
CVE
CVE
added 2025/01/11 2:15 p.m.1886 views

CVE-2024-57838

In the Linux kernel, the following vulnerability has been resolved: s390/entry: Mark IRQ entries to fix stack depot warnings The stack depot filters out everything outside of the top interruptcontext as an uninteresting or irrelevant part of the stack traces. Thishelps with stack trace de-duplicati...

7.1CVSS6.7AI score0.00038EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.1885 views

CVE-2024-56533

In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-longwaiting. OTOH, the current code uses snd_card_free() atdisconnection, but this waits for the close of...

5.5CVSS6.7AI score0.00026EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.1875 views

CVE-2024-53193

In the Linux kernel, the following vulnerability has been resolved: clk: clk-loongson2: Fix memory corruption bug in struct loongson2_clk_provider Some heap space is allocated for the flexible structure struct clk_hw_onecell_data and its flexible-array member hws throughthe composite structure stru...

7.8CVSS6.9AI score0.00035EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.1857 views

CVE-2024-56585

In the Linux kernel, the following vulnerability has been resolved: LoongArch: Fix sleeping in atomic context for PREEMPT_RT Commit bab1c299f3945ffe79 ("LoongArch: Fix sleeping in atomic context insetup_tlb_handler()") changes the gfp flag from GFP_KERNEL to GFP_ATOMICfor alloc_pages_node(). Howeve...

5.5CVSS6.5AI score0.00027EPSS
CVE
CVE
added 2024/05/01 1:15 p.m.1855 views

CVE-2024-27037

In the Linux kernel, the following vulnerability has been resolved: clk: zynq: Prevent null pointer dereference caused by kmalloc failure The kmalloc() in zynq_clk_setup() will return null if thephysical memory has run out. As a result, if we use snprintf()to write data to the null address, the nul...

5.5CVSS6.6AI score0.00014EPSS
CVE
CVE
added 2024/02/21 3:15 p.m.1850 views

CVE-2024-26584

In the Linux kernel, the following vulnerability has been resolved: net: tls: handle backlogging of crypto requests Since we're setting the CRYPTO_TFM_REQ_MAY_BACKLOG flag on ourrequests to the crypto API, crypto_aead_{encrypt,decrypt} can return-EBUSY instead of -EINPROGRESS in valid situations. F...

5.5CVSS6.8AI score0.00039EPSS
CVE
CVE
added 2024/02/20 1:15 p.m.1660 views

CVE-2024-26581

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree lazy gc on insert might collect an end interval element that hasbeen just added in this transactions, skip end interval elements thatare not yet active.

7.8CVSS7AI score0.00182EPSS
CVE
CVE
added 2024/02/23 3:15 p.m.1658 views

CVE-2023-52456

In the Linux kernel, the following vulnerability has been resolved: serial: imx: fix tx statemachine deadlock When using the serial port as RS485 port, the tx statemachine is used tocontrol the RTS pin to drive the RS485 transceiver TX_EN pin. When theTTY port is closed in the middle of a transmiss...

5.5CVSS6.3AI score0.0001EPSS
CVE
CVE
added 2024/02/22 5:15 p.m.1541 views

CVE-2024-26592

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix UAF issue in ksmbd_tcp_new_connection() The race is between the handling of a new TCP connection andits disconnection. It leads to UAF on struct tcp_transport inksmbd_tcp_new_connection() function.

7.8CVSS7.4AI score0.00031EPSS
CVE
CVE
added 2024/03/06 7:15 a.m.1537 views

CVE-2023-52602

In the Linux kernel, the following vulnerability has been resolved: jfs: fix slab-out-of-bounds Read in dtSearch Currently while searching for current page in the sorted entry tableof the page there is a out of bound access. Added a bound check to fixthe error. Dave:Set return code to -EIO

7.8CVSS7.6AI score0.00011EPSS
CVE
CVE
added 2024/02/23 3:15 p.m.1491 views

CVE-2023-52455

In the Linux kernel, the following vulnerability has been resolved: iommu: Don't reserve 0-length IOVA region When the bootloader/firmware doesn't setup the framebuffers, theiraddress and size are 0 in "iommu-addresses" property. If IOVA region isreserved with 0 length, then it ends up corrupting t...

7.8CVSS7AI score0.0002EPSS
CVE
CVE
added 2024/02/20 9:15 p.m.1489 views

CVE-2023-52436

In the Linux kernel, the following vulnerability has been resolved: f2fs: explicitly null-terminate the xattr list When setting an xattr, explicitly null-terminate the xattr list. Thiseliminates the fragile assumption that the unused xattr space is alwayszeroed.

7.8CVSS7.5AI score0.00013EPSS
CVE
CVE
added 2019/07/17 1:15 p.m.1475 views

CVE-2019-13272

In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a par...

7.8CVSS7.7AI score0.78254EPSS
In wild
CVE
CVE
added 2024/02/23 10:15 a.m.1451 views

CVE-2024-26593

In the Linux kernel, the following vulnerability has been resolved: i2c: i801: Fix block process call transactions According to the Intel datasheets, software must reset the blockbuffer index twice for block process call transactions: once beforewriting the outgoing data to the buffer, and once aga...

7.1CVSS7.4AI score0.00009EPSS
CVE
CVE
added 2024/02/23 3:15 p.m.1440 views

CVE-2023-52457

In the Linux kernel, the following vulnerability has been resolved: serial: 8250: omap: Don't skip resource freeing if pm_runtime_resume_and_get() failed Returning an error code from .remove() makes the driver core emit thelittle helpful error message: remove callback returned a non-zero value. Thi...

7.8CVSS7.5AI score0.00013EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.1440 views

CVE-2024-53197

In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Fix potential out-of-bound accesses for Extigy and Mbox devices A bogus device can provide a bNumConfigurations value that exceeds theinitial value used in usb_get_configuration for allocating dev->config. This ...

7.8CVSS6.9AI score0.003EPSS
In wild
CVE
CVE
added 2024/02/23 3:15 p.m.1439 views

CVE-2023-52464

In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling -Wstringop-overflow globally exposes a warning for a common bugin the usage of strncat(): drivers/edac/thunderx_edac.c: In function 'thunderx_ocx_com_threaded_isr':dr...

7.8CVSS7.3AI score0.00011EPSS
CVE
CVE
added 2024/02/23 3:15 p.m.1407 views

CVE-2024-26597

In the Linux kernel, the following vulnerability has been resolved: net: qualcomm: rmnet: fix global oob in rmnet_policy The variable rmnet_link_ops assign a bigger maxtype which leads to aglobal out-of-bounds read when parsing the netlink attributes. See bugtrace below: ===========================...

7.1CVSS6.7AI score0.00012EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.1402 views

CVE-2024-56532

In the Linux kernel, the following vulnerability has been resolved: ALSA: us122l: Use snd_card_free_when_closed() at disconnection The USB disconnect callback is supposed to be short and not too-longwaiting. OTOH, the current code uses snd_card_free() atdisconnection, but this waits for the close o...

5.5CVSS6.7AI score0.00025EPSS
CVE
CVE
added 2024/02/26 4:27 p.m.1397 views

CVE-2024-26601

In the Linux kernel, the following vulnerability has been resolved: ext4: regenerate buddy after block freeing failed if under fc replay This mostly reverts commit 6bd97bf273bd ("ext4: remove redundantmb_regenerate_buddy()") and reintroduces mb_regenerate_buddy(). Based oncode in mb_free_blocks(), ...

5.5CVSS6.8AI score0.00013EPSS
CVE
CVE
added 2024/02/23 3:15 p.m.1386 views

CVE-2024-26598

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: vgic-its: Avoid potential UAF in LPI translation cache There is a potential UAF scenario in the case of an LPI translationcache hit racing with an operation that invalidates the cache, suchas a DISCARD ITS command. The ...

7.8CVSS7.6AI score0.00012EPSS
CVE
CVE
added 2021/12/15 7:15 p.m.1385 views

CVE-2021-0920

In unix_scm_to_skb of af_unix.c, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-196926917R...

6.9CVSS7.1AI score0.0051EPSS
In wild
CVE
CVE
added 2024/02/23 3:15 p.m.1366 views

CVE-2023-52460

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix NULL pointer dereference at hibernate During hibernate sequence the source context might not have a clk_mgr.So don't use it to look for DML2 support.

5.5CVSS5.3AI score0.00017EPSS
CVE
CVE
added 2024/02/26 4:28 p.m.1350 views

CVE-2024-26603

In the Linux kernel, the following vulnerability has been resolved: x86/fpu: Stop relying on userspace for info to fault in xsave buffer Before this change, the expected size of the user space buffer wastaken from fx_sw->xstate_size. fx_sw->xstate_size can be changedfrom user-space, so it is ...

5.5CVSS7.1AI score0.00009EPSS
CVE
CVE
added 2024/02/26 4:27 p.m.1284 views

CVE-2024-26600

In the Linux kernel, the following vulnerability has been resolved: phy: ti: phy-omap-usb2: Fix NULL pointer dereference for SRP If the external phy working together with phy-omap-usb2 does not implementsend_srp(), we may still attempt to call it. This can happen on an idleEthernet gadget triggerin...

5.5CVSS6.4AI score0.00012EPSS
CVE
CVE
added 2024/02/26 4:27 p.m.1279 views

CVE-2023-52470

In the Linux kernel, the following vulnerability has been resolved: drm/radeon: check the alloc_workqueue return value in radeon_crtc_init() check the alloc_workqueue return value in radeon_crtc_init()to avoid null-ptr-deref.

5.5CVSS6.6AI score0.00013EPSS
CVE
CVE
added 2024/02/26 4:27 p.m.1258 views

CVE-2023-52467

In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in of_syscon_register() kasprintf() returns a pointer to dynamically allocated memorywhich can be NULL upon failure.

5.5CVSS6.2AI score0.00017EPSS
CVE
CVE
added 2024/02/26 4:27 p.m.1256 views

CVE-2023-52469

In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps allocated by kzalloc equals to NULL, kv_parse_power_tablefrees adev->pm.dpm.ps that allocated before. However, after the controlflow goes through the following...

7.8CVSS7.9AI score0.00011EPSS
CVE
CVE
added 2024/06/24 2:15 p.m.1251 views

CVE-2024-34027

In the Linux kernel, the following vulnerability has been resolved: f2fs: compress: fix to cover {reserve,release}_compress_blocks() w/ cp_rwsem lock It needs to cover {reserve,release}_compress_blocks() w/ cp_rwsem lockto avoid racing with checkpoint, otherwise, filesystem metadata includingblkadd...

7CVSS7.9AI score0.00021EPSS
CVE
CVE
added 2024/02/26 4:28 p.m.1246 views

CVE-2024-26605

In the Linux kernel, the following vulnerability has been resolved: PCI/ASPM: Fix deadlock when enabling ASPM A last minute revert in 6.7-final introduced a potential deadlock whenenabling ASPM during probe of Qualcomm PCIe controllers as reported bylockdep: ========================================...

5.5CVSS6AI score0.00013EPSS
CVE
CVE
added 2024/02/23 3:15 p.m.1229 views

CVE-2023-52458

In the Linux kernel, the following vulnerability has been resolved: block: add check that partition length needs to be aligned with block size Before calling add partition or resize partition, there is no checkon whether the length is aligned with the logical block size.If the logical block size of...

5.5CVSS6.6AI score0.00014EPSS
CVE
CVE
added 2024/02/26 4:27 p.m.1219 views

CVE-2023-52473

In the Linux kernel, the following vulnerability has been resolved: thermal: core: Fix NULL pointer dereference in zone registration error path If device_register() in thermal_zone_device_register_with_trips()returns an error, the tz variable is set to NULL and subsequentlydereferenced in kfree(tz-...

5.5CVSS6AI score0.00009EPSS
CVE
CVE
added 2024/02/23 3:15 p.m.1202 views

CVE-2024-26595

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix NULL pointer dereference in error path When calling mlxsw_sp_acl_tcam_region_destroy() from an error path afterfailing to attach the region to an ACL group, we hit a NULL pointerdereference upon 'regio...

5.5CVSS6AI score0.00009EPSS
CVE
CVE
added 2024/02/26 4:27 p.m.1197 views

CVE-2021-46904

In the Linux kernel, the following vulnerability has been resolved: net: hso: fix null-ptr-deref during tty device unregistration Multiple ttys try to claim the same the minor number causing a doubleunregistration of the same device. The first unregistration succeedsbut the next one results in a nu...

5.5CVSS6.2AI score0.00007EPSS
Total number of security vulnerabilities8330