Lucene search

K

9994 matches found

CVE
CVE
added 2013/02/18 4:41 a.m.74 views

CVE-2012-4530

The load_script function in fs/binfmt_script.c in the Linux kernel before 3.7.2 does not properly handle recursion, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

2.1CVSS6.7AI score0.00362EPSS
CVE
CVE
added 2013/03/22 11:59 a.m.74 views

CVE-2013-1797

Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use of a guest physical address (GPA) in (1) movable ...

6.8CVSS7.5AI score0.00458EPSS
CVE
CVE
added 2013/04/22 11:41 a.m.74 views

CVE-2013-3224

The bt_sock_recvmsg function in net/bluetooth/af_bluetooth.c in the Linux kernel before 3.9-rc7 does not properly initialize a certain length variable, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

4.9CVSS5AI score0.00078EPSS
CVE
CVE
added 2013/04/22 11:41 a.m.74 views

CVE-2013-3234

The rose_recvmsg function in net/rose/af_rose.c in the Linux kernel before 3.9-rc7 does not initialize a certain data structure, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call.

4.9CVSS5.7AI score0.00075EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.74 views

CVE-2014-3182

Array index error in the logi_dj_raw_event function in drivers/hid/hid-logitech-dj.c in the Linux kernel before 3.16.2 allows physically proximate attackers to execute arbitrary code or cause a denial of service (invalid kfree) via a crafted device that provides a malformed REPORT_TYPE_NOTIF_DEVICE...

6.9CVSS6.5AI score0.00142EPSS
CVE
CVE
added 2014/09/28 7:55 p.m.74 views

CVE-2014-3535

include/linux/netdevice.h in the Linux kernel before 2.6.36 incorrectly uses macros for netdev_printk and its related logging implementation, which allows remote attackers to cause a denial of service (NULL pointer dereference and system crash) by sending invalid packets to a VxLAN interface.

7.8CVSS5.1AI score0.00821EPSS
CVE
CVE
added 2014/09/28 10:55 a.m.74 views

CVE-2014-3631

The assoc_array_gc function in the associative-array implementation in lib/assoc_array.c in the Linux kernel before 3.16.3 does not properly implement garbage collection, which allows local users to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified o...

7.2CVSS6.4AI score0.00364EPSS
CVE
CVE
added 2016/11/16 5:59 a.m.74 views

CVE-2015-8961

The __ext4_journal_stop function in fs/ext4/ext4_jbd2.c in the Linux kernel before 4.3.3 allows local users to gain privileges or cause a denial of service (use-after-free) by leveraging improper access to a certain error field.

9.3CVSS7.6AI score0.00246EPSS
CVE
CVE
added 2018/06/21 1:29 p.m.74 views

CVE-2016-10723

An issue was discovered in the Linux kernel through 4.17.2. Since the page allocator does not yield CPU resources to the owner of the oom_lock mutex, a local unprivileged user can trivially lock up the system forever by wasting CPU resources from the page allocator (e.g., via concurrent page fault ...

5.5CVSS5.6AI score0.00106EPSS
CVE
CVE
added 2018/06/22 12:29 a.m.74 views

CVE-2018-12633

An issue was discovered in the Linux kernel through 4.17.2. vbg_misc_device_ioctl() in drivers/virt/vboxguest/vboxguest_linux.c reads the same user data twice with copy_from_user. The header part of the user data is double-fetched, and a malicious user thread can tamper with the critical variables ...

6.3CVSS7AI score0.00025EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.74 views

CVE-2021-47259

In the Linux kernel, the following vulnerability has been resolved: NFS: Fix use-after-free in nfs4_init_client() KASAN reports a use-after-free when attempting to mount two differentexports through two different NICs that belong to the same server. Olga was able to hit this with kernels starting s...

7.5CVSS8.2AI score0.00066EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.74 views

CVE-2021-47362

In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: Update intermediate power state for SI Update the current state as boot state during dpm initialization.During the subsequent initialization, set_power_state gets called totransition to the final power state. set_power_...

5.5CVSS6.7AI score0.00015EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.74 views

CVE-2021-47374

In the Linux kernel, the following vulnerability has been resolved: dma-debug: prevent an error message from causing runtime problems For some drivers, that use the DMA API. This error message can be reachedseveral millions of times per second, causing spam to the kernel's printkbuffer and bringing...

5.5CVSS6.6AI score0.00014EPSS
CVE
CVE
added 2024/05/21 3:15 p.m.74 views

CVE-2021-47418

In the Linux kernel, the following vulnerability has been resolved: net_sched: fix NULL deref in fifo_set_limit() syzbot reported another NULL deref in fifo_set_limit() [1] I could repro the issue with : unshare -ntc qd add dev lo root handle 1:0 tbf limit 200000 burst 70000 rate 100Mbittc qd repla...

5.5CVSS6.5AI score0.00013EPSS
CVE
CVE
added 2024/05/22 7:15 a.m.74 views

CVE-2021-47464

In the Linux kernel, the following vulnerability has been resolved: audit: fix possible null-pointer dereference in audit_filter_rules Fix possible null-pointer dereference in audit_filter_rules. audit_filter_rules() error: we previously assumed 'ctx' could be null

7.4CVSS8.2AI score0.00027EPSS
CVE
CVE
added 2024/05/22 9:15 a.m.74 views

CVE-2021-47486

In the Linux kernel, the following vulnerability has been resolved: riscv, bpf: Fix potential NULL dereference The bpf_jit_binary_free() function requires a non-NULL argument. Whenthe RISC-V BPF JIT fails to converge in NR_JIT_ITERATIONS steps,jit_data->header will be NULL, which triggers a NULL...

7.5CVSS8.2AI score0.00117EPSS
CVE
CVE
added 2024/05/22 9:15 a.m.74 views

CVE-2021-47490

In the Linux kernel, the following vulnerability has been resolved: drm/ttm: fix memleak in ttm_transfered_destroy We need to cleanup the fences for ghost objects as well. Bug: https://bugzilla.kernel.org/show_bug.cgi?id=214029Bug: https://bugzilla.kernel.org/show_bug.cgi?id=214447

5.5CVSS6.8AI score0.00027EPSS
CVE
CVE
added 2024/05/24 3:15 p.m.74 views

CVE-2021-47511

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: oss: Fix negative period/buffer sizes The period size calculation in OSS layer may receive a negative valueas an error, but the code there assumes only the positive values andhandle them with size_t. Due to that, a too b...

5.5CVSS7AI score0.00008EPSS
CVE
CVE
added 2024/06/19 3:15 p.m.74 views

CVE-2021-47602

In the Linux kernel, the following vulnerability has been resolved: mac80211: track only QoS data frames for admission control For admission control, obviously all of that only works forQoS data frames, otherwise we cannot even access the QoSfield in the header. Syzbot reported (see below) an unini...

5.5CVSS7AI score0.00017EPSS
CVE
CVE
added 2025/02/26 6:37 a.m.74 views

CVE-2021-47638

In the Linux kernel, the following vulnerability has been resolved: ubifs: rename_whiteout: Fix double free for whiteout_ui->data 'whiteout_ui->data' will be freed twice if space budget fail forrename whiteout operation as following process: rename_whiteoutdev = kmallocwhiteout_ui->data = ...

5.5CVSS5.5AI score0.00024EPSS
CVE
CVE
added 2022/10/17 9:15 a.m.74 views

CVE-2022-3533

A vulnerability was found in Linux Kernel. It has been rated as problematic. This issue affects the function parse_usdt_arg of the file tools/lib/bpf/usdt.c of the component BPF. The manipulation of the argument reg_name leads to memory leak. It is recommended to apply a patch to fix this issue. Th...

5.7CVSS5.1AI score0.00021EPSS
CVE
CVE
added 2024/04/28 1:15 p.m.74 views

CVE-2022-48666

In the Linux kernel, the following vulnerability has been resolved: scsi: core: Fix a use-after-free There are two .exit_cmd_priv implementations. Both implementations useresources associated with the SCSI host. Make sure that these resources arestill available when .exit_cmd_priv is called by wait...

7.4CVSS6.6AI score0.00015EPSS
CVE
CVE
added 2024/05/03 3:15 p.m.74 views

CVE-2022-48689

In the Linux kernel, the following vulnerability has been resolved: tcp: TX zerocopy should not sense pfmemalloc status We got a recent syzbot report [1] showing a possible misuseof pfmemalloc page status in TCP zerocopy paths. Indeed, for pages coming from user space or other layers,using page_is_...

7CVSS6.5AI score0.00012EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.74 views

CVE-2022-48775

In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Fix memory leak in vmbus_add_channel_kobj kobject_init_and_add() takes reference even when it fails.According to the doc of kobject_init_and_add(): If this function returns an error, kobject_put() must be called...

5.5CVSS6.5AI score0.00052EPSS
CVE
CVE
added 2024/07/16 12:15 p.m.74 views

CVE-2022-48790

In the Linux kernel, the following vulnerability has been resolved: nvme: fix a possible use-after-free in controller reset during load Unlike .queue_rq, in .submit_async_event drivers may not check the ctrlreadiness for AER submission. This may lead to a use-after-freecondition that was observed w...

7CVSS7.5AI score0.00049EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.74 views

CVE-2022-49044

In the Linux kernel, the following vulnerability has been resolved: dm integrity: fix memory corruption when tag_size is less than digest size It is possible to set up dm-integrity in such a way that the"tag_size" parameter is less than the actual digest size. In thissituation, a part of the digest...

5.6AI score0.00068EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.74 views

CVE-2022-49085

In the Linux kernel, the following vulnerability has been resolved: drbd: Fix five use after free bugs in get_initial_state In get_initial_state, it calls notify_initial_state_done(skb,..) ifcb->args[5]==1. If genlmsg_put() failed in notify_initial_state_done(),the skb will be freed by nlmsg_fre...

7.8CVSS5.6AI score0.00056EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.74 views

CVE-2022-49103

In the Linux kernel, the following vulnerability has been resolved: NFSv4.2: fix reference count leaks in _nfs42_proc_copy_notify() [You don't often get email from [email protected]. Learn why this is important at http://aka.ms/LearnAboutSenderIdentification.] The reference counting issue happe...

5.5CVSS5.5AI score0.00024EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.74 views

CVE-2022-49131

In the Linux kernel, the following vulnerability has been resolved: ath11k: fix kernel panic during unload/load ath11k modules Call netif_napi_del() from ath11k_ahb_free_ext_irq() to fixthe following kernel panic when unload/load ath11k modulesfor few iterations. [ 971.201365] Unable to handle kern...

5.5CVSS6.4AI score0.00024EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.74 views

CVE-2022-49151

In the Linux kernel, the following vulnerability has been resolved: can: mcba_usb: properly check endpoint type Syzbot reported warning in usb_submit_urb() which is caused by wrongendpoint type. We should check that in endpoint is actually present toprevent this warning. Found pipes are now saved t...

5.3AI score0.00075EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.74 views

CVE-2022-49154

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix panic on out-of-bounds guest IRQ As guest_irq is coming from KVM_IRQFD API call, it may triggercrash in svm_update_pi_irte() due to out-of-bounds: crash> btPID: 22218 TASK: ffff951a6ad74980 CPU: 73 COMMAND: "vcpu8"...

5.4AI score0.00061EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.74 views

CVE-2022-49201

In the Linux kernel, the following vulnerability has been resolved: ibmvnic: fix race between xmit and reset There is a race between reset and the transmit paths that can lead toibmvnic_xmit() accessing an scrq after it has been freed in the resetpath. It can result in a crash like: Kernel attempte...

4.7CVSS5.2AI score0.00019EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.74 views

CVE-2022-49209

In the Linux kernel, the following vulnerability has been resolved: bpf, sockmap: Fix memleak in tcp_bpf_sendmsg while sk msg is full If tcp_bpf_sendmsg() is running while sk msg is full. When sk_msg_alloc()returns -ENOMEM error, tcp_bpf_sendmsg() goes to wait_for_memory. If partialmemory has been ...

5.5CVSS6.5AI score0.00024EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.74 views

CVE-2022-49248

In the Linux kernel, the following vulnerability has been resolved: ALSA: firewire-lib: fix uninitialized flag for AV/C deferred transaction AV/C deferred transaction was supported at a commit 00a7bb81c20f ("ALSA:firewire-lib: Add support for deferred transaction") while 'deferrable'flag can be uni...

6.5AI score0.00116EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.74 views

CVE-2022-49259

In the Linux kernel, the following vulnerability has been resolved: block: don't delete queue kobject before its children kobjects aren't supposed to be deleted before their child kobjects aredeleted. Apparently this is usually benign; however, a WARN will betriggered if one of the child kobjects h...

5.4AI score0.00068EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.74 views

CVE-2022-49308

In the Linux kernel, the following vulnerability has been resolved: extcon: Modify extcon device to be created after driver data is set Currently, someone can invoke the sysfs such as state_show()intermittently before dev_set_drvdata() is done.And it can be a cause of kernel Oops because of edev is...

5.2AI score0.00084EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.74 views

CVE-2022-49311

In the Linux kernel, the following vulnerability has been resolved: drivers: staging: rtl8192bs: Fix deadlock in rtw_joinbss_event_prehandle() There is a deadlock in rtw_joinbss_event_prehandle(), which is shownbelow: (Thread 1) | (Thread 2)| _set_timer()rtw_joinbss_event_prehandle()| mod_timer()sp...

5.5CVSS6.4AI score0.00036EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.74 views

CVE-2022-49327

In the Linux kernel, the following vulnerability has been resolved: bcache: avoid journal no-space deadlock by reserving 1 journal bucket The journal no-space deadlock was reported time to time. Such deadlockcan happen in the following situation. When all journal buckets are fully filled by active ...

5.5CVSS5.4AI score0.00035EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.74 views

CVE-2022-49331

In the Linux kernel, the following vulnerability has been resolved: nfc: st21nfca: fix memory leaks in EVT_TRANSACTION handling Error paths do not free previously allocated memory. Add devm_kfree() tothose failure paths.

5.5CVSS6.6AI score0.00023EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.74 views

CVE-2022-49390

In the Linux kernel, the following vulnerability has been resolved: macsec: fix UAF bug for real_dev Create a new macsec device but not get reference to real_dev. That cannot ensure that real_dev is freed after macsec. That will trigger theUAF bug for real_dev as following: ========================...

7.8CVSS5.4AI score0.00025EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.74 views

CVE-2022-49514

In the Linux kernel, the following vulnerability has been resolved: ASoC: mediatek: Fix error handling in mt8173_max98090_dev_probe Call of_node_put(platform_node) to avoid refcount leak inthe error path.

5.5CVSS5.3AI score0.00023EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.74 views

CVE-2022-49657

In the Linux kernel, the following vulnerability has been resolved: usbnet: fix memory leak in error case usbnet_write_cmd_async() mixed up which buffersneed to be freed in which error case. v2: add Fixes tagv3: fix uninitialized buf pointer

5.5CVSS5.3AI score0.00024EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.74 views

CVE-2022-49694

In the Linux kernel, the following vulnerability has been resolved: block: disable the elevator int del_gendisk The elevator is only used for file system requests, which are stopped indel_gendisk. Move disabling the elevator and freeing the scheduler tagsto the end of del_gendisk instead of doing t...

7.8CVSS5.5AI score0.00032EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.74 views

CVE-2022-49788

In the Linux kernel, the following vulnerability has been resolved: misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram() struct vmci_event_qp allocated by qp_notify_peer() contains padding,which may carry uninitialized data to the userspace, as observed byKMSAN: BUG: KMSAN: kernel-info...

6.3AI score0.00071EPSS
CVE
CVE
added 2025/05/01 3:16 p.m.74 views

CVE-2022-49862

In the Linux kernel, the following vulnerability has been resolved: tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header This is a follow-up for commit 974cb0e3e7c9 ("tipc: fix uninit-valuein tipc_nl_compat_name_table_dump") where it should have type castedsizeof(..) to ...

5.5CVSS6.5AI score0.00018EPSS
CVE
CVE
added 2023/01/30 2:15 p.m.74 views

CVE-2023-0240

There is a logic error in io_uring's implementation which can be used to trigger a use-after-free vulnerability leading to privilege escalation. In the io_prep_async_work function the assumption that the last io_grab_identity call cannot return false is not true, and in this case the function will ...

7.8CVSS7.7AI score0.00021EPSS
CVE
CVE
added 2023/07/24 4:15 p.m.74 views

CVE-2023-32252

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_LOGOFF commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to create...

7.5CVSS7.9AI score0.00133EPSS
CVE
CVE
added 2023/07/24 4:15 p.m.74 views

CVE-2023-32257

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage t...

8.1CVSS8.4AI score0.00084EPSS
CVE
CVE
added 2024/03/02 10:15 p.m.74 views

CVE-2023-52500

In the Linux kernel, the following vulnerability has been resolved: scsi: pm80xx: Avoid leaking tags when processing OPC_INB_SET_CONTROLLER_CONFIG command Tags allocated for OPC_INB_SET_CONTROLLER_CONFIG command need to be freedwhen we receive the response.

5.5CVSS6.4AI score0.0001EPSS
CVE
CVE
added 2024/03/02 10:15 p.m.74 views

CVE-2023-52568

In the Linux kernel, the following vulnerability has been resolved: x86/sgx: Resolves SECS reclaim vs. page fault for EAUG race The SGX EPC reclaimer (ksgxd) may reclaim the SECS EPC page for anenclave and set secs.epc_page to NULL. The SECS page is used for EAUGand ELDU in the SGX page fault handl...

4.7CVSS6.1AI score0.00018EPSS
Total number of security vulnerabilities9994