9933 matches found

CVE
added 2024/12/29 9:15 a.m. | 81 views

CVE-2024-56710

In the Linux kernel, the following vulnerability has been resolved: ceph: fix memory leak in ceph_direct_read_write() The bvecs array which is allocated in iter_get_bvecs_alloc() is leaked and pages remain pinned if ceph_alloc_sparse_ext_map() fails. There is no need to delay the allocation of spars...

5.5 CVSS | 6.4 AI score | 0.00033 EPSS
CVE
added 2025/05/02 4:15 p.m. | 80 views

CVE-2023-53100

In the Linux kernel, the following vulnerability has been resolved: ext4: fix WARNING in ext4_update_inline_data Syzbot found the following issue: EXT4-fs (loop0): mounted filesystem 00000000-0000-0000-0000-000000000000 without journal. Quota mode: none. fscrypt: AES-256-CTS-CBC using implementation ...

6.4 AI score | 0.00095 EPSS
CVE
added 2024/04/03 3:15 p.m. | 80 views

CVE-2024-26714

In the Linux kernel, the following vulnerability has been resolved: interconnect: qcom: sc8180x: Mark CO0 BCM keepalive The CO0 BCM needs to be up at all times, otherwise some hardware (like the UFS controller) loses its connection to the rest of the SoC, resulting in a hang of the platform, accompan...

5.5 CVSS | 6.5 AI score | 0.00011 EPSS
CVE
added 2024/04/17 10:15 a.m. | 80 views

CVE-2024-26844

In the Linux kernel, the following vulnerability has been resolved: block: Fix WARNING in _copy_from_iter Syzkaller reports a warning in _copy_from_iter because an iov_iter is supposedly used in the wrong direction. The reason is that syzkaller managed to generate a request with a transfer direction o...

5.5 CVSS | 6.3 AI score | 0.00009 EPSS
CVE
added 2024/04/17 11:15 a.m. | 80 views

CVE-2024-26860

In the Linux kernel, the following vulnerability has been resolved: dm-integrity: fix a memory leak when rechecking the data Memory for the "checksums" pointer will leak if the data is rechecked after checksum failure (because the associated kfree won't happen due to 'goto skip_io'). Fix this by free...

5.5 CVSS | 6.7 AI score | 0.0001 EPSS
CVE
added 2024/05/17 12:15 p.m. | 80 views

CVE-2024-27407

In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fixed overflow check in mi_enum_attr()

8.4 CVSS | 7 AI score | 0.00017 EPSS
CVE
added 2024/05/17 2:15 p.m. | 80 views

CVE-2024-35821

In the Linux kernel, the following vulnerability has been resolved: ubifs: Set page uptodate in the correct place Page cache reads are lockless, so setting the freshly allocated page uptodate before we've overwritten it with the data it's supposed to have in it will allow a simultaneous reader to see...

7.5 CVSS | 6.6 AI score | 0.00258 EPSS
CVE
added 2024/05/19 11:15 a.m. | 80 views

CVE-2024-35935

In the Linux kernel, the following vulnerability has been resolved: btrfs: send: handle path ref underflow in header iterate_inode_ref() Change BUG_ON to proper error handling if building the path buffer fails. The pointers are not printed so we don't accidentally leak kernel addresses.

6.6 AI score | 0.0006 EPSS
CVE
added 2024/05/30 4:15 p.m. | 80 views

CVE-2024-36957

In the Linux kernel, the following vulnerability has been resolved: octeontx2-af: avoid off-by-one read from userspace We try to access count + 1 byte from userspace with memdup_user(buffer, count + 1). However, the userspace only provides buffer of count bytes and only these count bytes are verified...

6.6 AI score | 0.00097 EPSS
CVE
added 2024/06/19 2:15 p.m. | 80 views

CVE-2024-38587

In the Linux kernel, the following vulnerability has been resolved: speakup: Fix sizeof() vs ARRAY_SIZE() bug The "buf" pointer is an array of u16 values. This code should be using ARRAY_SIZE() (which is 256) instead of sizeof() (which is 512), otherwise it can still go out of bounds.

5.3 CVSS | 7.2 AI score | 0.00103 EPSS
CVE
added 2024/06/25 3:15 p.m. | 80 views

CVE-2024-39463

In the Linux kernel, the following vulnerability has been resolved: 9p: add missing locking around taking dentry fid list Fix a use-after-free on dentry's d_fsdata fid list when a thread looks up a fid through dentry while another thread unlinks it: UAF thread: refcount_t: addition on 0; use-after-fr...

7.8 CVSS | 8.4 AI score | 0.00024 EPSS
CVE
added 2024/07/10 8:15 a.m. | 80 views

CVE-2024-39489

In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix memleak in seg6_hmac_init_algo seg6_hmac_init_algo returns without cleaning up the previous allocations if one fails, so it's going to leak all that memory and the crypto tfms. Update seg6_hmac_exit to only free the me...

5.5 CVSS | 7.4 AI score | 0.00064 EPSS
CVE
added 2024/07/29 7:15 a.m. | 80 views

CVE-2024-41015

In the Linux kernel, the following vulnerability has been resolved: ocfs2: add bounds checking to ocfs2_check_dir_entry() This adds sanity checks for ocfs2_dir_entry to make sure all members of ocfs2_dir_entry don't stray beyond valid memory region.

6.6 AI score | 0.00389 EPSS
CVE
added 2024/07/30 8:15 a.m. | 80 views

CVE-2024-42107

In the Linux kernel, the following vulnerability has been resolved: ice: Don't process extts if PTP is disabled The ice_ptp_extts_event() function can race with ice_ptp_release() and result in a NULL pointer dereference which leads to a kernel panic. Panic occurs because the ice_ptp_extts_event() fu...

4.7 CVSS | 6.4 AI score | 0.00027 EPSS
CVE
added 2024/08/17 9:15 a.m. | 80 views

CVE-2024-42272

In the Linux kernel, the following vulnerability has been resolved: sched: act_ct: take care of padding in struct zones_ht_key Blamed commit increased lookup key size from 2 bytes to 16 bytes, because zones_ht_key got a struct net pointer. Make sure rhashtable_lookup() is not using the padding bytes...

5.5 CVSS | 6.5 AI score | 0.00064 EPSS
CVE
added 2024/09/04 8:15 p.m. | 80 views

CVE-2024-44999

In the Linux kernel, the following vulnerability has been resolved: gtp: pull network headers in gtp_dev_xmit() syzbot/KMSAN reported use of uninit-value in get_dev_xmit() [1] We must make sure the IPv4 or Ipv6 header is pulled in skb->head before accessing fields in them. Use pskb_inet_may_pull(...

7.1 CVSS | 6.9 AI score | 0.00048 EPSS
CVE
added 2024/09/18 7:15 a.m. | 80 views

CVE-2024-46715

In the Linux kernel, the following vulnerability has been resolved: driver: iio: add missing checks on iio_info's callback access Some callbacks from iio_info structure are accessed without any check, so if a driver doesn't implement them trying to access the corresponding sysfs entries produce a ker...

5.5 CVSS | 6.4 AI score | 0.0006 EPSS
CVE
added 2024/09/18 8:15 a.m. | 80 views

CVE-2024-46780

In the Linux kernel, the following vulnerability has been resolved: nilfs2: protect references to superblock parameters exposed in sysfs The superblock buffers of nilfs2 can not only be overwritten at runtime for modifications/repairs, but they are also regularly swapped, replaced during resizing, an...

5.5 CVSS | 6.3 AI score | 0.00055 EPSS
CVE
added 2024/09/27 1:15 p.m. | 80 views

CVE-2024-46818

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW] GPIO_ID_UNKNOWN (-1) is not a valid value for array index and therefore should be checked in advance. This fixes 5 OVERRUN issues reported by Coverity.

7.8 CVSS | 7.3 AI score | 0.00055 EPSS
CVE
added 2024/09/27 1:15 p.m. | 80 views

CVE-2024-46861

In the Linux kernel, the following vulnerability has been resolved: usbnet: ipheth: do not stop RX on failing RX callback RX callbacks can fail for multiple reasons: Payload too short; Payload formatted incorrectly (e.g. bad NCM framing); Lack of memory. None of these should cause the driver to seize u...

5.5 CVSS | 7 AI score | 0.00039 EPSS
CVE
added 2024/10/21 6:15 p.m. | 80 views

CVE-2024-49890

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: ensure the fw_info is not null before using it This resolves the dereference null return value warning reported by Coverity.

5.5 CVSS | 6.9 AI score | 0.00047 EPSS
CVE
added 2024/10/21 6:15 p.m. | 80 views

CVE-2024-49899

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Initialize denominators' default to 1 [WHAT & HOW] Variables used as denominators and maybe not assigned to other values, should not be 0. Change their default to 1 so they are never 0. This fixes 10 DIVIDE_BY_ZERO i...

5.5 CVSS | 6.5 AI score | 0.00066 EPSS
CVE
added 2024/11/05 6:15 p.m. | 80 views

CVE-2024-50108

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Disable PSR-SU on Parade 08-01 TCON too Stuart Hayhurst has found that both at bootup and fullscreen VA-API video is leading to black screens for around 1 second and kernel WARNING [1] traces when calling dmub_psr_en...

5.5 CVSS | 5.1 AI score | 0.00035 EPSS
CVE
added 2024/11/08 6:15 a.m. | 80 views

CVE-2024-50193

In the Linux kernel, the following vulnerability has been resolved: x86/entry_32: Clear CPU buffers after register restore in NMI return CPU buffers are currently cleared after call to exc_nmi, but before register state is restored. This may be okay for MDS mitigation but not for RDFS. Because RDFS m...

7.1 CVSS | 6.3 AI score | 0.00045 EPSS
CVE
added 2024/11/09 11:15 a.m. | 80 views

CVE-2024-50257

In the Linux kernel, the following vulnerability has been resolved: netfilter: Fix use-after-free in get_info() ip6table_nat module unload has refcnt warning for UAF. call trace is: WARNING: CPU: 1 PID: 379 at kernel/module/main.c:853 module_put+0x6f/0x80 Modules linked in: ip6table_nat(-) CPU: 1 UID...

7.8 CVSS | 6.5 AI score | 0.00058 EPSS
CVE
added 2024/12/02 2:15 p.m. | 80 views

CVE-2024-53106

In the Linux kernel, the following vulnerability has been resolved: ima: fix buffer overrun in ima_eventdigest_init_common Function ima_eventdigest_init() calls ima_eventdigest_init_common() with HASH_ALGO__LAST which is then used to access the array hash_digest_size[] leading to buffer overrun. Have...

6.6 AI score | 0.00059 EPSS
CVE
added 2024/12/27 2:15 p.m. | 80 views

CVE-2024-56535

In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: coex: check NULL return of kmalloc in btc_fw_set_monreg() kmalloc may fail, return value might be NULL and will cause NULL pointer dereference. Add check NULL return of kmalloc in btc_fw_set_monreg().

5.5 CVSS | 6.6 AI score | 0.00023 EPSS
CVE
added 2024/12/27 2:15 p.m. | 80 views

CVE-2024-56544

In the Linux kernel, the following vulnerability has been resolved: udmabuf: change folios array from kmalloc to kvmalloc When PAGE_SIZE 4096, MAX_PAGE_ORDER 10, 64bit machine, page_alloc only support 4MB. If above this, trigger this warn and return NULL. udmabuf can change size limit, if change it t...

5.5 CVSS | 6.5 AI score | 0.00031 EPSS
CVE
added 2024/12/27 3:15 p.m. | 80 views

CVE-2024-56550

In the Linux kernel, the following vulnerability has been resolved: s390/stacktrace: Use break instead of return statement arch_stack_walk_user_common() contains a return statement instead of a break statement in case store_ip() fails while trying to store a callchain entry of a user space process. Th...

6.5 AI score | 0.00042 EPSS
CVE
added 2024/12/27 3:15 p.m. | 80 views

CVE-2024-56582

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix use-after-free in btrfs_encoded_read_endio() Shinichiro reported the following use-after free that sometimes is happening in our CI system when running fstests' btrfs/284 on a TCMU runner device: BUG: KASAN: slab-use-after...

7.8 CVSS | 6.4 AI score | 0.00039 EPSS
CVE
added 2024/12/27 3:15 p.m. | 80 views

CVE-2024-56656

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Fix aggregation ID mask to prevent oops on 5760X chips The 5760X (P7) chip's HW GRO/LRO interface is very similar to that of the previous generation (5750X or P5). However, the aggregation ID fields in the completion structu...

5.5 CVSS | 6.6 AI score | 0.00028 EPSS
CVE
added 2025/01/11 1:15 p.m. | 80 views

CVE-2024-57805

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda-dai: Do not release the link DMA on STOP The linkDMA should not be released on stop trigger since a stream re-start might happen without closing of the stream. This leaves a short time for other streams to 'stea...

6.9 AI score | 0.00042 EPSS
CVE
added 2025/01/21 1:15 p.m. | 80 views

CVE-2024-57944

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ti-ads1298: Add NULL check in ads1298_init devm_kasprintf() can return a NULL pointer on failure. A check on the return value of such a call in ads1298_init() is missing. Add it.

5.5 CVSS | 6.5 AI score | 0.00028 EPSS
CVE
added 2025/03/06 4:15 p.m. | 80 views

CVE-2025-21825

In the Linux kernel, the following vulnerability has been resolved: bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT During the update procedure, when overwrite element in a pre-allocated htab, the freeing of old_element is protected by the bucket lock. The reason why the bucket lock ...

6.9 AI score | 0.00039 EPSS
CVE
added 2025/04/16 3:15 p.m. | 80 views

CVE-2025-22038

In the Linux kernel, the following vulnerability has been resolved: ksmbd: validate zero num_subauth before sub_auth is accessed Access psid->sub_auth[psid->num_subauth - 1] without checking if num_subauth is non-zero leads to an out-of-bounds read. This patch adds a validation step to ensure n...

7.1 CVSS | 6.5 AI score | 0.00023 EPSS
CVE
added 2025/05/01 1:15 p.m. | 80 views

CVE-2025-37757

In the Linux kernel, the following vulnerability has been resolved: tipc: fix memory leak in tipc_link_xmit In case the backlog transmit queue for system-importance messages is overloaded, tipc_link_xmit() returns -ENOBUFS but the skb list is not purged. This leads to memory leak and failure when a s...

6.9 AI score | 0.00049 EPSS
CVE
added 2025/04/18 7:15 a.m. | 80 views

CVE-2025-40325

In the Linux kernel, the following vulnerability has been resolved: md/raid10: wait barrier before returning discard request with REQ_NOWAIT raid10_handle_discard should wait barrier before returning a discard bio which has REQ_NOWAIT. And there is no need to print warning calltrace if a discard bio ...

6.6 AI score | 0.00027 EPSS
CVE
added 2021/05/18 12:15 p.m. | 79 views

CVE-2002-2438

TCP firewalls could be circumvented by sending a SYN packet with other flags (like e.g. RST flag) set, which was not correctly discarded by the Linux TCP stack after firewalling.

7.5 CVSS | 7.4 AI score | 0.04663 EPSS
CVE
added 2008/11/05 3:0 p.m. | 79 views

CVE-2008-4933

Buffer overflow in the hfsplus_find_cat function in fs/hfsplus/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfsplus filesystem image with an invalid catalog namelength field, related to the hfsplus_cat_build...

7.8 CVSS | 5.4 AI score | 0.00995 EPSS
CVE
added 2009/01/21 2:30 a.m. | 79 views

CVE-2009-0031

Memory leak in the keyctl_join_session_keyring function (security/keys/keyctl.c) in Linux kernel 2.6.29-rc2 and earlier allows local users to cause a denial of service (kernel memory consumption) via unknown vectors related to a "missing kfree."

4.9 CVSS | 5.7 AI score | 0.00047 EPSS
CVE
added 2010/01/19 4:30 p.m. | 79 views

CVE-2010-0007

net/bridge/netfilter/ebtables.c in the ebtables module in the netfilter framework in the Linux kernel before 2.6.33-rc4 does not require the CAP_NET_ADMIN capability for setting or modifying rules, which allows local users to bypass intended access restrictions and configure arbitrary network-traff...

2.1 CVSS | 6.6 AI score | 0.00068 EPSS
CVE
added 2010/04/12 6:30 p.m. | 79 views

CVE-2010-1146

The Linux kernel 2.6.33.2 and earlier, when a ReiserFS filesystem exists, does not restrict read or write access to the .reiserfs_priv directory, which allows local users to gain privileges by modifying (1) extended attributes or (2) ACLs, as demonstrated by deleting a file under .reiserfs_priv/xat...

6.9 CVSS | 6.8 AI score | 0.00147 EPSS
CVE
added 2012/05/17 11:0 a.m. | 79 views

CVE-2011-4326

The udp6_ufo_fragment function in net/ipv6/udp.c in the Linux kernel before 2.6.39, when a certain UDP Fragmentation Offload (UFO) configuration is enabled, allows remote attackers to cause a denial of service (system crash) by sending fragmented IPv6 UDP packets to a bridge device.

7.1 CVSS | 5.7 AI score | 0.01502 EPSS
CVE
added 2012/07/03 4:40 p.m. | 79 views

CVE-2012-0045

The em_syscall function in arch/x86/kvm/emulate.c in the KVM implementation in the Linux kernel before 3.2.14 does not properly handle the 0f05 (aka syscall) opcode, which allows guest OS users to cause a denial of service (guest OS crash) via a crafted application, as demonstrated by an NASM file.

4.7 CVSS | 5.8 AI score | 0.00564 EPSS
CVE
added 2013/03/01 12:37 p.m. | 79 views

CVE-2013-0228

The xen_iret function in arch/x86/xen/xen-asm_32.S in the Linux kernel before 3.7.9 on 32-bit Xen paravirt_ops platforms does not properly handle an invalid value in the DS segment register, which allows guest OS users to gain guest OS privileges via a crafted application.

6.2 CVSS | 6.5 AI score | 0.00091 EPSS
CVE
added 2013/03/22 11:59 a.m. | 79 views

CVE-2013-1860

Heap-based buffer overflow in the wdm_in_callback function in drivers/usb/class/cdc-wdm.c in the Linux kernel before 3.8.4 allows physically proximate attackers to cause a denial of service (system crash) or possibly execute arbitrary code via a crafted cdc-wdm USB device.

6.9 CVSS | 6.6 AI score | 0.00149 EPSS
CVE
added 2013/06/07 2:3 p.m. | 79 views

CVE-2013-2850

Heap-based buffer overflow in the iscsi_add_notunderstood_response function in drivers/target/iscsi/iscsi_target_parameters.c in the iSCSI target subsystem in the Linux kernel through 3.9.4 allows remote attackers to cause a denial of service (memory corruption and OOPS) or possibly execute arbitra...

7.9 CVSS | 9.7 AI score | 0.19016 EPSS
CVE
added 2014/01/06 4:55 p.m. | 79 views

CVE-2013-7269

The nr_recvmsg function in net/netrom/af_netrom.c in the Linux kernel before 3.12.4 updates a certain length value without ensuring that an associated data structure has been initialized, which allows local users to obtain sensitive information from kernel memory via a (1) recvfrom, (2) recvmmsg, o...

4.9 CVSS | 4.7 AI score | 0.00048 EPSS
CVE
added 2014/03/11 1:1 p.m. | 79 views

CVE-2014-0100

Race condition in the inet_frag_intern function in net/ipv4/inet_fragment.c in the Linux kernel through 3.13.6 allows remote attackers to cause a denial of service (use-after-free error) or possibly have unspecified other impact via a large series of fragmented ICMP Echo Request packets to a system...

9.3 CVSS | 6.6 AI score | 0.00496 EPSS
CVE
added 2016/12/28 7:59 a.m. | 79 views

CVE-2016-6786

kernel/events/core.c in the performance subsystem in the Linux kernel before 4.0 mismanages locks during certain migrations, which allows local users to gain privileges via a crafted application, aka Android internal bug 30955111.

7 CVSS | 6.4 AI score | 0.00086 EPSS

Total number of security vulnerabilities: 9933