Lucene search

K
LinuxLinux Kernel

10748 matches found

CVE
CVE
added 2025/02/26 7:1 a.m.97 views

CVE-2022-49596

In the Linux kernel, the following vulnerability has been resolved: tcp: Fix data-races around sysctl_tcp_min_snd_mss. While reading sysctl_tcp_min_snd_mss, it can be changed concurrently.Thus, we need to add READ_ONCE() to its readers.

4.7CVSS5.3AI score0.00084EPSS
CVE
CVE
added 2024/03/18 11:15 a.m.97 views

CVE-2024-26635

In the Linux kernel, the following vulnerability has been resolved: llc: Drop support for ETH_P_TR_802_2. syzbot reported an uninit-value bug below. [0] llc supports ETH_P_802_2 (0x0004) and used to support ETH_P_TR_802_2(0x0011), and syzbot abused the latter to trigger the bug. write$tun(r0, &(0x7...

5.5CVSS5.8AI score0.00007EPSS
CVE
CVE
added 2024/08/21 1:15 a.m.97 views

CVE-2024-43873

In the Linux kernel, the following vulnerability has been resolved: vhost/vsock: always initialize seqpacket_allow There are two issues around seqpacket_allow: seqpacket_allow is not initialized when socket iscreated. Thus if features are never set, it will beread uninitialized. if VIRTIO_VSOCK_F_S...

7.8CVSS6.4AI score0.00051EPSS
CVE
CVE
added 2024/10/21 1:15 p.m.97 views

CVE-2024-47738

In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't use rate mask for offchannel TX either Like the commit ab9177d83c04 ("wifi: mac80211: don't use rate mask forscanning"), ignore incorrect settings to avoid no supported rate warningreported by syzbot. The syzb...

3.3CVSS6.1AI score0.00048EPSS
CVE
CVE
added 2024/11/07 10:15 a.m.97 views

CVE-2024-50168

In the Linux kernel, the following vulnerability has been resolved: net/sun3_82586: fix potential memory leak in sun3_82586_send_packet() The sun3_82586_send_packet() returns NETDEV_TX_OK without freeing skbin case of skb->len being too long, add dev_kfree_skb() to fix it.

5.5CVSS5.2AI score0.00045EPSS
CVE
CVE
added 2025/01/19 12:15 p.m.97 views

CVE-2024-57906

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads8688: fix information leak in triggered buffer The 'buffer' local array is used to push data to user space from atriggered buffer, but it does not set values for inactive channels, asit only uses iio_for_each_active...

7.1CVSS6.1AI score0.00037EPSS
CVE
CVE
added 2013/03/22 11:59 a.m.96 views

CVE-2013-0914

The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted application containing a sigaction system call.

3.6CVSS5.2AI score0.00009EPSS
CVE
CVE
added 2024/03/01 10:15 p.m.96 views

CVE-2021-47070

In the Linux kernel, the following vulnerability has been resolved: uio_hv_generic: Fix another memory leak in error handling paths Memory allocated by 'vmbus_alloc_ring()' at the beginning of the probefunction is never freed in the error handling path. Add the missing 'vmbus_free_ring()' call. Not...

5.5CVSS6.1AI score0.00008EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.96 views

CVE-2021-47304

In the Linux kernel, the following vulnerability has been resolved: tcp: fix tcp_init_transfer() to not reset icsk_ca_initialized This commit fixes a bug (found by syzkaller) that could cause spuriousdouble-initializations for congestion control modules, which could causememory leaks or other probl...

5.5CVSS6.7AI score0.00046EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.96 views

CVE-2022-49426

In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu-v3-sva: Fix mm use-after-free We currently call arm64_mm_context_put() without holding a reference tothe mm, which can result in use-after-free. Call mmgrab()/mmdrop() toensure the mm only gets freed after we unpinne...

7.8CVSS5.3AI score0.00048EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.96 views

CVE-2022-49673

In the Linux kernel, the following vulnerability has been resolved: dm raid: fix KASAN warning in raid5_add_disks There's a KASAN warning in raid5_add_disk when running the LVM testsuite.The warning happens in the testlvconvert-raid-reshape-linear_to_raid6-single-type.sh. We fix the warningby verif...

5.4AI score0.00084EPSS
CVE
CVE
added 2023/07/18 12:15 a.m.96 views

CVE-2023-38431

An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read.

9.1CVSS8.8AI score0.00066EPSS
CVE
CVE
added 2023/12/09 11:15 p.m.96 views

CVE-2023-50431

sec_attest_info in drivers/accel/habanalabs/common/habanalabs_ioctl.c in the Linux kernel through 6.6.5 allows an information leak to user space because info->pad0 is not initialized.

5.5CVSS5.7AI score0.0001EPSS
CVE
CVE
added 2024/05/17 2:15 p.m.96 views

CVE-2023-52669

In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the last block, the s390 ctr code will always reada whole block, even if there isn't a whole block of data left. Fixthis by using the actual length left and copy it...

7.1AI score0.00024EPSS
CVE
CVE
added 2024/05/21 4:15 p.m.96 views

CVE-2023-52700

In the Linux kernel, the following vulnerability has been resolved: tipc: fix kernel warning when sending SYN message When sending a SYN message, this kernel stack trace is observed: ...[ 13.396352] RIP: 0010:_copy_from_iter+0xb4/0x550...[ 13.398494] Call Trace:[ 13.398630] [ 13.398630] ? __alloc_s...

5.5CVSS6.8AI score0.00009EPSS
CVE
CVE
added 2024/04/03 3:15 p.m.96 views

CVE-2024-26702

In the Linux kernel, the following vulnerability has been resolved: iio: magnetometer: rm3100: add boundary check for the value read from RM3100_REG_TMRC Recently, we encounter kernel crash in function rm3100_common_probecaused by out of bound access of array rm3100_samp_rates (because ofunderlying...

5.5CVSS6.1AI score0.00007EPSS
CVE
CVE
added 2024/04/03 3:15 p.m.96 views

CVE-2024-26722

In the Linux kernel, the following vulnerability has been resolved: ASoC: rt5645: Fix deadlock in rt5645_jack_detect_work() There is a path in rt5645_jack_detect_work(), where rt5645->jd_mutexis left locked forever. That may lead to deadlockwhen rt5645_jack_detect_work() is called for the second...

5.5CVSS6.1AI score0.00006EPSS
CVE
CVE
added 2024/04/17 11:15 a.m.96 views

CVE-2024-26888

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: msft: Fix memory leak Fix leaking buffer allocated to send MSFT_OP_LE_MONITOR_ADVERTISEMENT.

5.5CVSS6.9AI score0.00018EPSS
CVE
CVE
added 2024/05/17 12:15 p.m.96 views

CVE-2024-27413

In the Linux kernel, the following vulnerability has been resolved: efi/capsule-loader: fix incorrect allocation size gcc-14 notices that the allocation with sizeof(void) on 32-bit architecturesis not enough for a 64-bit phys_addr_t: drivers/firmware/efi/capsule-loader.c: In function 'efi_capsule_o...

6.7AI score0.00069EPSS
CVE
CVE
added 2024/06/25 3:15 p.m.96 views

CVE-2024-39469

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix nilfs_empty_dir() misjudgment and long loop on I/O errors The error handling in nilfs_empty_dir() when a directory folio/page readfails is incorrect, as in the old ext2 implementation, and if thefolio/page cannot be rea...

6.5AI score0.00093EPSS
CVE
CVE
added 2024/07/05 7:15 a.m.96 views

CVE-2024-39480

In the Linux kernel, the following vulnerability has been resolved: kdb: Fix buffer overflow during tab-complete Currently, when the user attempts symbol completion with the Tab key, kdbwill use strncpy() to insert the completed symbol into the command buffer.Unfortunately it passes the size of the...

7.8CVSS9AI score0.00022EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.96 views

CVE-2024-40902

In the Linux kernel, the following vulnerability has been resolved: jfs: xattr: fix buffer overflow for invalid xattr When an xattr size is not what is expected, it is printed out to thekernel log in hex format as a form of debugging. But when that xattrsize is bigger than the expected size, printi...

7.8CVSS8.4AI score0.00033EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.96 views

CVE-2024-40925

In the Linux kernel, the following vulnerability has been resolved: block: fix request.queuelist usage in flush Friedrich Weber reported a kernel crash problem and bisected to commit81ada09cc25e ("blk-flush: reuse rq queuelist in flush state machine"). The root cause is that we use "list_move_tail(...

6.4AI score0.00116EPSS
CVE
CVE
added 2024/07/29 4:15 p.m.96 views

CVE-2024-42074

In the Linux kernel, the following vulnerability has been resolved: ASoC: amd: acp: add a null check for chip_pdev structure When acp platform device creation is skipped, chip->chip_pdev value willremain NULL. Add NULL check for chip->chip_pdev structure insnd_acp_resume() function to avoid n...

5.5CVSS6.6AI score0.00039EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.96 views

CVE-2024-42282

In the Linux kernel, the following vulnerability has been resolved: net: mediatek: Fix potential NULL pointer dereference in dummy net_device handling Move the freeing of the dummy net_device from mtk_free_dev() tomtk_remove(). Previously, if alloc_netdev_dummy() failed in mtk_probe(),eth->dummy...

5.5CVSS6.5AI score0.00047EPSS
CVE
CVE
added 2024/08/21 1:15 a.m.96 views

CVE-2024-43870

In the Linux kernel, the following vulnerability has been resolved: perf: Fix event leak upon exit When a task is scheduled out, pending sigtrap deliveries are deferredto the target task upon resume to userspace via task_work. However failures while adding an event's callback to the task_workengine...

6.5AI score0.0014EPSS
CVE
CVE
added 2024/08/26 11:15 a.m.96 views

CVE-2024-43910

In the Linux kernel, the following vulnerability has been resolved: bpf: add missing check_func_arg_reg_off() to prevent out-of-bounds memory accesses Currently, it's possible to pass in a modified CONST_PTR_TO_DYNPTR toa global function as an argument. The adverse effects of this is thatBPF helper...

5.5CVSS6.9AI score0.00069EPSS
CVE
CVE
added 2024/09/13 7:15 a.m.96 views

CVE-2024-46711

In the Linux kernel, the following vulnerability has been resolved: mptcp: pm: fix ID 0 endp usage after multiple re-creations 'local_addr_used' and 'add_addr_accepted' are decremented for addressesnot related to the initial subflow (ID0), because the source anddestination addresses of the initial ...

4.7CVSS5.3AI score0.0006EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.96 views

CVE-2024-49867

In the Linux kernel, the following vulnerability has been resolved: btrfs: wait for fixup workers before stopping cleaner kthread during umount During unmount, at close_ctree(), we have the following steps in this order: Park the cleaner kthread - this doesn't destroy the kthread, it basicallyhalts...

5.5CVSS7AI score0.00042EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.96 views

CVE-2024-49886

In the Linux kernel, the following vulnerability has been resolved: platform/x86: ISST: Fix the KASAN report slab-out-of-bounds bug Attaching SST PCI device to VM causes "BUG: KASAN: slab-out-of-bounds".kasan report:[ 19.411889] ==================================================================[ 19...

5.5CVSS5AI score0.00045EPSS
CVE
CVE
added 2024/11/09 11:15 a.m.96 views

CVE-2024-50230

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix kernel bug due to missing clearing of checked flag Syzbot reported that in directory operations after nilfs2 detectsfilesystem corruption and degrades to read-only,__block_write_begin_int(), which is called to prepare b...

7.8CVSS7.3AI score0.00055EPSS
CVE
CVE
added 2024/12/24 12:15 p.m.96 views

CVE-2024-53145

In the Linux kernel, the following vulnerability has been resolved: um: Fix potential integer overflow during physmem setup This issue happens when the real map size is greater than LONG_MAX,which can be easily triggered on UML/i386.

5.5CVSS6.9AI score0.0004EPSS
CVE
CVE
added 2024/12/29 9:15 a.m.96 views

CVE-2024-56718

In the Linux kernel, the following vulnerability has been resolved: net/smc: protect link down work from execute after lgr freed link down work may be scheduled before lgr freed but executeafter lgr freed, which may result in crash. So it is need tohold a reference before shedule link down work, an...

5.5CVSS6.6AI score0.00041EPSS
CVE
CVE
added 2025/01/19 12:15 p.m.96 views

CVE-2024-57925

In the Linux kernel, the following vulnerability has been resolved: ksmbd: fix a missing return value check bug In the smb2_send_interim_resp(), if ksmbd_alloc_work_struct()fails to allocate a node, it returns a NULL pointer to thein_work pointer. This can lead to an illegal memory write ofin_work-...

7.1CVSS6.6AI score0.00047EPSS
CVE
CVE
added 2025/01/23 2:15 p.m.96 views

CVE-2024-57947

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_set_pipapo: fix initial map fill The initial buffer has to be inited to all-ones, but it must restrictit to the size of the first field, not the total field size. After each round in the map search step, the result an...

5.5AI score0.00045EPSS
CVE
CVE
added 2025/03/06 5:15 p.m.96 views

CVE-2024-58085

In the Linux kernel, the following vulnerability has been resolved: tomoyo: don't emit warning in tomoyo_write_control() syzbot is reporting too large allocation warning at tomoyo_write_control(),for one can write a very very long line without new line character. To fixthis warning, I use __GFP_NOW...

7.1AI score0.00109EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.96 views

CVE-2025-21898

In the Linux kernel, the following vulnerability has been resolved: ftrace: Avoid potential division by zero in function_stat_show() Check whether denominator expression x * (x - 1) * 1000 mod {2^32, 2^64}produce zero and skip stddev computation in that case. For now don't care about rec->counte...

5.5CVSS7.4AI score0.0004EPSS
CVE
CVE
added 2005/04/03 5:0 a.m.95 views

CVE-2005-0750

The bluez_sock_create function in the Bluetooth stack for Linux kernel 2.4.6 through 2.4.30-rc1 and 2.6 through 2.6.11.5 allows local users to gain privileges via (1) socket or (2) socketpair call with a negative protocol value.

7.2CVSS5.3AI score0.002EPSS
CVE
CVE
added 2009/02/22 10:30 p.m.95 views

CVE-2009-0675

The skfp_ioctl function in drivers/net/skfp/skfddi.c in the Linux kernel before 2.6.28.6 permits SKFP_CLR_STATS requests only when the CAP_NET_ADMIN capability is absent, instead of when this capability is present, which allows local users to reset the driver statistics, related to an "inverted log...

2.1CVSS4.8AI score0.00076EPSS
CVE
CVE
added 2009/10/22 4:0 p.m.95 views

CVE-2009-3620

The ATI Rage 128 (aka r128) driver in the Linux kernel before 2.6.31-git11 does not properly verify Concurrent Command Engine (CCE) state initialization, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly gain privileges via unspecified ioc...

7.8CVSS6.7AI score0.00089EPSS
CVE
CVE
added 2010/02/17 6:30 p.m.95 views

CVE-2010-0415

The do_pages_move function in mm/migrate.c in the Linux kernel before 2.6.33-rc7 does not validate node values, which allows local users to read arbitrary kernel memory locations, cause a denial of service (OOPS), and possibly have unspecified other impact by specifying a node that is not part of t...

4.6CVSS7AI score0.06988EPSS
CVE
CVE
added 2011/05/26 4:55 p.m.95 views

CVE-2010-4251

The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by netperf UDP tests.

7.8CVSS6.8AI score0.0215EPSS
CVE
CVE
added 2011/07/18 10:55 p.m.95 views

CVE-2011-0726

The do_task_stat function in fs/proc/array.c in the Linux kernel before 2.6.39-rc1 does not perform an expected uid check, which makes it easier for local users to defeat the ASLR protection mechanism by reading the start_code and end_code fields in the /proc/#####/stat file for a process executing...

2.1CVSS6.7AI score0.0011EPSS
CVE
CVE
added 2011/04/10 2:51 a.m.95 views

CVE-2011-1163

The osf_partition function in fs/partitions/osf.c in the Linux kernel before 2.6.38 does not properly handle an invalid number of partitions, which might allow local users to obtain potentially sensitive information from kernel heap memory via vectors related to partition-table parsing.

2.1CVSS7.5AI score0.00108EPSS
CVE
CVE
added 2011/05/03 8:55 p.m.95 views

CVE-2011-1593

Multiple integer overflows in the next_pidmap function in kernel/pid.c in the Linux kernel before 2.6.38.4 allow local users to cause a denial of service (system crash) via a crafted (1) getdents or (2) readdir system call.

4.9CVSS6.1AI score0.00041EPSS
CVE
CVE
added 2012/05/17 11:0 a.m.95 views

CVE-2012-1601

The KVM implementation in the Linux kernel before 3.3.6 allows host OS users to cause a denial of service (NULL pointer dereference and host OS crash) by making a KVM_CREATE_IRQCHIP ioctl call after a virtual CPU already exists.

4.9CVSS5.8AI score0.00127EPSS
CVE
CVE
added 2015/03/02 11:59 a.m.95 views

CVE-2013-7421

The Crypto API in the Linux kernel before 3.18.5 allows local users to load arbitrary kernel modules via a bind system call for an AF_ALG socket with a module name in the salg_name field, a different vulnerability than CVE-2014-9644.

2.1CVSS5.7AI score0.00041EPSS
CVE
CVE
added 2024/02/28 9:15 a.m.95 views

CVE-2020-36782

In the Linux kernel, the following vulnerability has been resolved: i2c: imx-lpi2c: fix reference leak when pm_runtime_get_sync fails The PM reference count is not expected to be incremented onreturn in lpi2c_imx_master_enable. However, pm_runtime_get_sync will increment the PM referencecount even ...

5.5CVSS6.3AI score0.00009EPSS
CVE
CVE
added 2021/03/23 5:15 p.m.95 views

CVE-2021-20219

A denial of service vulnerability was found in n_tty_receive_char_special in drivers/tty/n_tty.c of the Linux kernel. In this flaw a local attacker with a normal user privilege could delay the loop (due to a changing ldata->read_head, and a missing sanity check) and cause a threat to the system ...

5.5CVSS6.2AI score0.00052EPSS
CVE
CVE
added 2024/04/10 7:15 p.m.95 views

CVE-2021-47219

In the Linux kernel, the following vulnerability has been resolved: scsi: scsi_debug: Fix out-of-bound read in resp_report_tgtpgs() The following issue was observed running syzkaller: BUG: KASAN: slab-out-of-bounds in memcpy include/linux/string.h:377 [inline]BUG: KASAN: slab-out-of-bounds in sg_co...

7.1CVSS6.2AI score0.00009EPSS
Total number of security vulnerabilities10748