Lucene search

K

9994 matches found

CVE
CVE
added 2024/05/19 11:15 a.m.75 views

CVE-2024-35926

In the Linux kernel, the following vulnerability has been resolved: crypto: iaa - Fix async_disable descriptor leak The disable_async paths of iaa_compress/decompress() don't free idxddescriptors in the async_disable case. Currently this only happens inthe testcases where req->dst is set to null...

6.6AI score0.00051EPSS
CVE
CVE
added 2024/05/30 3:15 p.m.75 views

CVE-2024-36026

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fixes a random hang in S4 for SMU v13.0.4/11 While doing multiple S4 stress tests, GC/RLC/PMFW get intoan invalid state resulting into hard hangs. Adding a GFX reset as workaround just before sending theMP1_UNLOAD messa...

6.8AI score0.0004EPSS
CVE
CVE
added 2024/06/25 3:15 p.m.75 views

CVE-2024-37078

In the Linux kernel, the following vulnerability has been resolved: nilfs2: fix potential kernel bug due to lack of writeback flag waiting Destructive writes to a block device on which nilfs2 is mounted can causea kernel bug in the folio/page writeback start routine or writeback endroutine (__folio...

6.9AI score0.0005EPSS
CVE
CVE
added 2024/06/25 3:15 p.m.75 views

CVE-2024-38661

In the Linux kernel, the following vulnerability has been resolved: s390/ap: Fix crash in AP internal function modify_bitmap() A system crash like this Failing address: 200000cb7df6f000 TEID: 200000cb7df6f403Fault in home space mode while using kernel ASCE.AS:00000002d71bc007 R3:00000003fe5b8007 S:...

5.5CVSS7.1AI score0.00015EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.75 views

CVE-2024-39495

In the Linux kernel, the following vulnerability has been resolved: greybus: Fix use-after-free bug in gb_interface_release due to race condition. In gb_interface_create, &intf->mode_switch_completion is bound withgb_interface_mode_switch_work. Then it will be started bygb_interface_request_mode...

7.8CVSS7.7AI score0.00072EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.75 views

CVE-2024-40932

In the Linux kernel, the following vulnerability has been resolved: drm/exynos/vidi: fix memory leak in .get_modes() The duplicated EDID is never freed. Fix it.

5.5CVSS7.1AI score0.00011EPSS
CVE
CVE
added 2024/07/30 8:15 a.m.75 views

CVE-2024-42108

In the Linux kernel, the following vulnerability has been resolved: net: rswitch: Avoid use-after-free in rswitch_poll() The use-after-free is actually in rswitch_tx_free(), which is inlined inrswitch_poll(). Since skb and gq->skbs[gq->dirty] are in fact thesame pointer, the skb is first free...

5.5CVSS6.6AI score0.00046EPSS
CVE
CVE
added 2024/08/17 9:15 a.m.75 views

CVE-2024-42295

In the Linux kernel, the following vulnerability has been resolved: nilfs2: handle inconsistent state in nilfs_btnode_create_block() Syzbot reported that a buffer state inconsistency was detected innilfs_btnode_create_block(), triggering a kernel bug. It is not appropriate to treat this inconsisten...

6.6AI score0.00194EPSS
CVE
CVE
added 2024/08/17 10:15 a.m.75 views

CVE-2024-43831

In the Linux kernel, the following vulnerability has been resolved: media: mediatek: vcodec: Handle invalid decoder vsi Handle an invalid decoder vsi in vpu_dec_init to ensure the decoder vsiis valid for future use.

6.5AI score0.0012EPSS
CVE
CVE
added 2024/09/04 7:15 p.m.75 views

CVE-2024-44950

In the Linux kernel, the following vulnerability has been resolved: serial: sc16is7xx: fix invalid FIFO access with special register set When enabling access to the special register set, Receiver time-out andRHR interrupts can happen. In this case, the IRQ handler will try to readfrom the FIFO thru...

5.5CVSS7.1AI score0.00066EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.75 views

CVE-2024-46755

In the Linux kernel, the following vulnerability has been resolved: wifi: mwifiex: Do not return unused priv in mwifiex_get_priv_by_id() mwifiex_get_priv_by_id() returns the priv pointer corresponding tothe bss_num and bss_type, but without checking if the priv is actuallycurrently in use.Unused pr...

5.5CVSS6AI score0.00084EPSS
CVE
CVE
added 2024/09/27 1:15 p.m.75 views

CVE-2024-46817

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Stop amdgpu_dm initialize when stream nums greater than 6 [Why]Coverity reports OVERRUN warning. Should abort amdgpu_dminitialize. [How]Return failure to amdgpu_dm_init.

5.5CVSS6.2AI score0.00036EPSS
CVE
CVE
added 2024/10/21 1:15 p.m.75 views

CVE-2024-47727

In the Linux kernel, the following vulnerability has been resolved: x86/tdx: Fix "in-kernel MMIO" check TDX only supports kernel-initiated MMIO operations. The handle_mmio()function checks if the #VE exception occurred in the kernel and rejectsthe operation if it did not. However, userspace can dec...

7.8CVSS7.1AI score0.00048EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.75 views

CVE-2024-49865

In the Linux kernel, the following vulnerability has been resolved: drm/xe/vm: move xa_alloc to prevent UAF Evil user can guess the next id of the vm before the ioctl completes andthen call vm destroy ioctl to trigger UAF since create ioctl is stillreferencing the same vm. Move the xa_alloc all the...

7.8CVSS7.4AI score0.00049EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.75 views

CVE-2024-49874

In the Linux kernel, the following vulnerability has been resolved: i3c: master: svc: Fix use after free vulnerability in svc_i3c_master Driver Due to Race Condition In the svc_i3c_master_probe function, &master->hj_work is bound withsvc_i3c_master_hj_work, &master->ibi_work is bound withsvc_...

7CVSS6.5AI score0.00048EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.75 views

CVE-2024-49901

In the Linux kernel, the following vulnerability has been resolved: drm/msm/adreno: Assign msm_gpu->pdev earlier to avoid nullptrs There are some cases, such as the one uncovered by Commit 46d4efcccc68("drm/msm/a6xx: Avoid a nullptr dereference when speedbin setting fails")where msm_gpu_cleanup(...

5.5CVSS5.1AI score0.00048EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.75 views

CVE-2024-49972

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Deallocate DML memory if allocation fails [Why]When DC state create DML memory allocation fails, memory is notdeallocated subsequently, resulting in uninitialized structurethat is not NULL. [How]Deallocate memory i...

5.5CVSS5.2AI score0.00047EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.75 views

CVE-2024-49986

In the Linux kernel, the following vulnerability has been resolved: platform/x86: x86-android-tablets: Fix use after free on platform_device_register() errors x86_android_tablet_remove() frees the pdevs[] array, so it should notbe used after calling x86_android_tablet_remove(). When platform_device...

7.8CVSS7.3AI score0.00047EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.75 views

CVE-2024-50042

In the Linux kernel, the following vulnerability has been resolved: ice: Fix increasing MSI-X on VF Increasing MSI-X value on a VF leads to invalid memory operations. Thisis caused by not reallocating some arrays. Reproducer:modprobe iceecho 0 > /sys/bus/pci/devices/$PF_PCI/sriov_drivers_autopro...

7.1CVSS6.6AI score0.00037EPSS
CVE
CVE
added 2024/10/21 8:15 p.m.75 views

CVE-2024-50065

In the Linux kernel, the following vulnerability has been resolved: ntfs3: Change to non-blocking allocation in ntfs_d_hash d_hash is done while under "rcu-walk" and should not sleep.__get_name() allocates using GFP_KERNEL, having the possibilityto sleep when under memory pressure. Change the alloc...

5.5CVSS5.2AI score0.0003EPSS
CVE
CVE
added 2024/11/05 6:15 p.m.75 views

CVE-2024-50105

In the Linux kernel, the following vulnerability has been resolved: ASoC: qcom: sc7280: Fix missing Soundwire runtime stream alloc Commit 15c7fab0e047 ("ASoC: qcom: Move Soundwire runtime stream alloc tosoundcards") moved the allocation of Soundwire stream runtime from theQualcomm Soundwire driver ...

5.5CVSS5.3AI score0.00045EPSS
CVE
CVE
added 2024/11/09 11:15 a.m.75 views

CVE-2024-50231

In the Linux kernel, the following vulnerability has been resolved: iio: gts-helper: Fix memory leaks in iio_gts_build_avail_scale_table() modprobe iio-test-gts and rmmod it, then the following memory leakoccurs: unreferenced object 0xffffff80c810be00 (size 64): comm "kunit_try_catch", pid 1654, ji...

5.5CVSS5.2AI score0.00028EPSS
CVE
CVE
added 2024/11/09 11:15 a.m.75 views

CVE-2024-50232

In the Linux kernel, the following vulnerability has been resolved: iio: adc: ad7124: fix division by zero in ad7124_set_channel_odr() In the ad7124_write_raw() function, parameter val can potentiallybe zero. This may lead to a division by zero when DIV_ROUND_CLOSEST()is called within ad7124_set_ch...

5.5CVSS5.1AI score0.00049EPSS
CVE
CVE
added 2024/11/19 2:16 a.m.75 views

CVE-2024-50285

In the Linux kernel, the following vulnerability has been resolved: ksmbd: check outstanding simultaneous SMB operations If Client send simultaneous SMB operations to ksmbd, It exhausts too muchmemory through the "ksmbd_work_cache”. It will cause OOM issue.ksmbd has a credit mechanism but it can't ...

5.5CVSS6.5AI score0.00028EPSS
CVE
CVE
added 2025/01/11 1:15 p.m.75 views

CVE-2024-51729

In the Linux kernel, the following vulnerability has been resolved: mm: use aligned address in copy_user_gigantic_page() In current kernel, hugetlb_wp() calls copy_user_large_folio() with thefault address. Where the fault address may be not aligned with the hugepage size. Then, copy_user_large_foli...

6.4AI score0.00042EPSS
CVE
CVE
added 2024/12/27 2:15 p.m.75 views

CVE-2024-53185

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix NULL ptr deref in crypto_aead_setkey() Neither SMB3.0 or SMB3.02 supports encryption negotiate context, sowhen SMB2_GLOBAL_CAP_ENCRYPTION flag is set in the negotiate response,the client uses AES-128-CCM as the def...

7.8CVSS6.3AI score0.0002EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.75 views

CVE-2024-56556

In the Linux kernel, the following vulnerability has been resolved: binder: fix node UAF in binder_add_freeze_work() In binder_add_freeze_work() we iterate over the proc->nodes with theproc->inner_lock held. However, this lock is temporarily dropped inorder to acquire the node->lock first ...

7.8CVSS6.5AI score0.0002EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.75 views

CVE-2024-56588

In the Linux kernel, the following vulnerability has been resolved: scsi: hisi_sas: Create all dump files during debugfs initialization For the current debugfs of hisi_sas, after user triggers dump, thedriver allocate memory space to save the register information and createdebugfs files to display ...

5.5CVSS6.1AI score0.00032EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.75 views

CVE-2024-56621

In the Linux kernel, the following vulnerability has been resolved: scsi: ufs: core: Cancel RTC work during ufshcd_remove() Currently, RTC work is only cancelled during __ufshcd_wl_suspend(). Whenufshcd is removed in ufshcd_remove(), RTC work is not cancelled. Due tothis, any further trigger of the...

5.5CVSS6.3AI score0.00032EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.75 views

CVE-2024-56649

In the Linux kernel, the following vulnerability has been resolved: net: enetc: Do not configure preemptible TCs if SIs do not support Both ENETC PF and VF drivers share enetc_setup_tc_mqprio() to configureMQPRIO. And enetc_setup_tc_mqprio() calls enetc_change_preemptible_tcs()to configure preempti...

5.5CVSS6.4AI score0.00023EPSS
CVE
CVE
added 2025/03/06 4:15 p.m.75 views

CVE-2024-58054

In the Linux kernel, the following vulnerability has been resolved: staging: media: max96712: fix kernel oops when removing module The following kernel oops is thrown when trying to remove the max96712module: Unable to handle kernel paging request at virtual address 00007375746174dbMem abort info:E...

7AI score0.00064EPSS
CVE
CVE
added 2025/02/27 2:15 a.m.75 views

CVE-2025-21724

In the Linux kernel, the following vulnerability has been resolved: iommufd/iova_bitmap: Fix shift-out-of-bounds in iova_bitmap_offset_to_index() Resolve a UBSAN shift-out-of-bounds issue in iova_bitmap_offset_to_index()where shifting the constant "1" (of type int) by bitmap->mapped.pgshift(an u...

6.4AI score0.00064EPSS
CVE
CVE
added 2025/02/27 2:15 a.m.75 views

CVE-2025-21725

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix oops due to unset link speed It isn't guaranteed that NETWORK_INTERFACE_INFO::LinkSpeed will alwaysbe set by the server, so the client must handle any values and thenprevent oopses like below from happening: Oops: ...

6.3AI score0.00064EPSS
CVE
CVE
added 2025/02/27 8:16 p.m.75 views

CVE-2025-21821

In the Linux kernel, the following vulnerability has been resolved: fbdev: omap: use threaded IRQ for LCD DMA When using touchscreen and framebuffer, Nokia 770 crashes easily with: BUG: scheduling while atomic: irq/144-ads7846/82/0x00010000 Modules linked in: usb_f_ecm g_ether usb_f_rndis u_ether l...

6.6AI score0.00044EPSS
CVE
CVE
added 2025/04/16 3:15 p.m.75 views

CVE-2025-22036

In the Linux kernel, the following vulnerability has been resolved: exfat: fix random stack corruption after get_block When get_block is called with a buffer_head allocated on the stack, suchas do_mpage_readpage, stack corruption due to buffer_head UAF may occur inthe following race condition situa...

7CVSS6.6AI score0.00018EPSS
CVE
CVE
added 2025/04/16 3:16 p.m.75 views

CVE-2025-22113

In the Linux kernel, the following vulnerability has been resolved: ext4: avoid journaling sb update on error if journal is destroying Presently we always BUG_ON if trying to start a transaction on a journal markedwith JBD2_UNMOUNT, since this should never happen. However, while ltp runningstress t...

6.4AI score0.00044EPSS
CVE
CVE
added 2025/05/01 1:15 p.m.75 views

CVE-2025-23163

In the Linux kernel, the following vulnerability has been resolved: net: vlan: don't propagate flags on open With the device instance lock, there is now a possibility of a deadlock: [ 1.211455] ============================================[ 1.211571] WARNING: possible recursive locking detected[ 1.2...

6.2AI score0.00049EPSS
CVE
CVE
added 2025/05/08 7:15 a.m.75 views

CVE-2025-37803

In the Linux kernel, the following vulnerability has been resolved: udmabuf: fix a buf size overflow issue during udmabuf creation by casting size_limit_mb to u64 when calculate pglimit.

7.8CVSS5.5AI score0.00018EPSS
CVE
CVE
added 2025/05/08 7:15 a.m.75 views

CVE-2025-37819

In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v2m: Prevent use after free of gicv2m_get_fwnode() With ACPI in place, gicv2m_get_fwnode() is registered with the pcisubsystem as pci_msi_get_fwnode_cb(), which may get invoked at runtimeduring a PCI host bridge probe. ...

5.3AI score0.00053EPSS
CVE
CVE
added 2025/04/18 7:15 a.m.75 views

CVE-2025-37925

In the Linux kernel, the following vulnerability has been resolved: jfs: reject on-disk inodes of an unsupported type Syzbot has reported the following BUG: kernel BUG at fs/inode.c:668!Oops: invalid opcode: 0000 [#1] PREEMPT SMP KASAN PTICPU: 3 UID: 0 PID: 139 Comm: jfsCommit Not tainted 6.12.0-rc...

5.5CVSS6.4AI score0.00033EPSS
CVE
CVE
added 2025/04/18 7:15 a.m.75 views

CVE-2025-39989

In the Linux kernel, the following vulnerability has been resolved: x86/mce: use is_copy_from_user() to determine copy-from-user context Patch series "mm/hwpoison: Fix regressions in memory failure handling",v4. 1. What am I trying to do: This patchset resolves two critical regressions related to m...

6.3AI score0.00035EPSS
CVE
CVE
added 2006/10/10 4:6 a.m.74 views

CVE-2006-4997

The clip_mkip function in net/atm/clip.c of the ATM subsystem in Linux kernel allows remote attackers to cause a denial of service (panic) via unknown vectors that cause the ATM subsystem to access the memory of socket buffers after they are freed (freed pointer dereference).

7.5CVSS7AI score0.35021EPSS
CVE
CVE
added 2008/10/03 5:41 p.m.74 views

CVE-2008-3833

The generic_file_splice_write function in fs/splice.c in the Linux kernel before 2.6.19 does not properly strip setuid and setgid bits when there is a write to a file, which allows local users to gain the privileges of a different group, and obtain sensitive information or possibly have unspecified...

4.9CVSS6AI score0.13378EPSS
CVE
CVE
added 2009/12/02 4:30 p.m.74 views

CVE-2009-4027

Race condition in the mac80211 subsystem in the Linux kernel before 2.6.32-rc8-next-20091201 allows remote attackers to cause a denial of service (system crash) via a Delete Block ACK (aka DELBA) packet that triggers a certain state change in the absence of an aggregation session.

7.1CVSS6.3AI score0.01135EPSS
CVE
CVE
added 2010/04/06 10:30 p.m.74 views

CVE-2010-1086

The ULE decapsulation functionality in drivers/media/dvb/dvb-core/dvb_net.c in dvb-core in Linux kernel 2.6.33 and earlier allows attackers to cause a denial of service (infinite loop) via a crafted MPEG2-TS frame, related to an invalid Payload Pointer ULE.

7.8CVSS6.3AI score0.00881EPSS
CVE
CVE
added 2010/05/07 6:30 p.m.74 views

CVE-2010-1451

The TSB I-TLB load implementation in arch/sparc/kernel/tsb.S in the Linux kernel before 2.6.33 on the SPARC platform does not properly obtain the value of a certain _PAGE_EXEC_4U bit and consequently does not properly implement a non-executable stack, which makes it easier for context-dependent att...

2.1CVSS6.6AI score0.00099EPSS
CVE
CVE
added 2012/05/24 11:55 p.m.74 views

CVE-2011-4081

crypto/ghash-generic.c in the Linux kernel before 3.1 allows local users to cause a denial of service (NULL pointer dereference and OOPS) or possibly have unspecified other impact by triggering a failed or missing ghash_setkey function call, followed by a (1) ghash_update function call or (2) ghash...

5.5CVSS5.9AI score0.00058EPSS
CVE
CVE
added 2012/05/17 11:0 a.m.74 views

CVE-2012-0879

The I/O implementation for block devices in the Linux kernel before 2.6.33 does not properly handle the CLONE_IO feature, which allows local users to cause a denial of service (I/O instability) by starting multiple processes that share an I/O context.

5.5CVSS5AI score0.00016EPSS
CVE
CVE
added 2012/12/21 11:47 a.m.74 views

CVE-2012-0957

The override_release function in kernel/sys.c in the Linux kernel before 3.4.16 allows local users to obtain sensitive information from kernel stack memory via a uname system call in conjunction with a UNAME26 personality.

4.9CVSS6.7AI score0.00371EPSS
CVE
CVE
added 2013/01/22 11:55 p.m.74 views

CVE-2012-2137

Buffer overflow in virt/kvm/irq_comm.c in the KVM subsystem in the Linux kernel before 3.2.24 allows local users to cause a denial of service (crash) and possibly execute arbitrary code via vectors related to Message Signaled Interrupts (MSI), irq routing entries, and an incorrect check by the setu...

6.9CVSS7.5AI score0.00049EPSS
Total number of security vulnerabilities9994