9994 matches found

added 2025/05/08 7:15 a.m., 72 views

CVE-2025-37831

In the Linux kernel, the following vulnerability has been resolved: cpufreq: apple-soc: Fix null-ptr-deref in apple_soc_cpufreq_get_rate() cpufreq_cpu_get_raw() can return NULL when the target CPU is not present in the policy->cpus mask. apple_soc_cpufreq_get_rate() does not check for this case, w...

6.7 AI score, 0.00026 EPSS

added 2025/05/09 7:16 a.m., 72 views

CVE-2025-37840

In the Linux kernel, the following vulnerability has been resolved: mtd: rawnand: brcmnand: fix PM resume warning Fixed warning on PM resume as shown below caused due to uninitialized struct nand_operation that checks chip select field: WARN_ON(op->cs >= nanddev_ntargets(&chip->base) [ 14.5...

6.5 AI score, 0.00049 EPSS

added 2004/08/06 4:0 a.m., 71 views

CVE-2004-0447

Unknown vulnerability in Linux before 2.4.26 for IA64 allows local users to cause a denial of service, with unknown impact. NOTE: due to a typo, this issue was accidentally assigned CVE-2004-0477. This is the proper candidate to use for the Linux local DoS.

7.2 CVSS, 5.9 AI score, 0.00314 EPSS

added 2006/04/20 10:2 a.m., 71 views

CVE-2006-1056

The Linux kernel before 2.6.16.9 and the FreeBSD kernel, when running on AMD64 and other 7th and 8th generation AuthenticAMD processors, only save/restore the FOP, FIP, and FDP x87 registers in FXSAVE/FXRSTOR when an exception is pending, which allows one process to determine portions of the state ...

2.1 CVSS, 5 AI score, 0.00078 EPSS

added 2008/11/05 3:0 p.m., 71 views

CVE-2008-3527

arch/i386/kernel/sysenter.c in the Virtual Dynamic Shared Objects (vDSO) implementation in the Linux kernel before 2.6.21 does not properly check boundaries, which allows local users to gain privileges or cause a denial of service via unspecified vectors, related to the install_special_mapping, sys...

4.6 CVSS, 5.5 AI score, 0.00065 EPSS

added 2008/11/17 11:30 p.m., 71 views

CVE-2008-5025

Stack-based buffer overflow in the hfs_cat_find_brec function in fs/hfs/catalog.c in the Linux kernel before 2.6.28-rc1 allows attackers to cause a denial of service (memory corruption or system crash) via an hfs filesystem image with an invalid catalog namelength field, a related issue to CVE-2008...

7.8 CVSS, 5.5 AI score, 0.012 EPSS

added 2009/03/18 2:0 a.m., 71 views

CVE-2009-0935

The inotify_read function in the Linux kernel 2.6.27 to 2.6.27.13, 2.6.28 to 2.6.28.2, and 2.6.29-rc3 allows local users to cause a denial of service (OOPS) via a read with an invalid address to an inotify instance, which causes the device's event list mutex to be unlocked twice and prevents proper...

5.5 CVSS, 5.1 AI score, 0.00067 EPSS

added 2009/08/28 3:30 p.m., 71 views

CVE-2009-3001

The llc_ui_getname function in net/llc/af_llc.c in the Linux kernel 2.6.31-rc7 and earlier does not initialize a certain data structure, which allows local users to read the contents of some kernel memory locations by calling getsockname on an AF_LLC socket.

4.9 CVSS, 6.1 AI score, 0.00087 EPSS

added 2009/11/20 2:30 a.m., 71 views

CVE-2009-4005

The collect_rx_frame function in drivers/isdn/hisax/hfc_usb.c in the Linux kernel before 2.6.32-rc7 allows attackers to have an unspecified impact via a crafted HDLC packet that arrives over ISDN and triggers a buffer under-read.

7.2 CVSS, 6.8 AI score, 0.00054 EPSS

added 2010/01/19 4:30 p.m., 71 views

CVE-2009-4141

Use-after-free vulnerability in the fasync_helper function in fs/fcntl.c in the Linux kernel before 2.6.33-rc4-git1 allows local users to gain privileges via vectors that include enabling O_ASYNC (aka FASYNC or FIOASYNC) on a locked file, and then closing this file.

7.2 CVSS, 6.6 AI score, 0.00117 EPSS

added 2011/02/18 8:0 p.m., 71 views

CVE-2011-0710

The task_show_regs function in arch/s390/kernel/traps.c in the Linux kernel before 2.6.38-rc4-next-20110216 on the s390 platform allows local users to obtain the values of the registers of an arbitrary process by reading a status file under /proc/.

2.1 CVSS, 7.1 AI score, 0.00108 EPSS

added 2011/03/01 11:0 p.m., 71 views

CVE-2011-1012

The ldm_parse_vmdb function in fs/partitions/ldm.c in the Linux kernel before 2.6.38-rc6-git6 does not validate the VBLK size value in the VMDB structure in an LDM partition table, which allows local users to cause a denial of service (divide-by-zero error and OOPS) via a crafted partition table.

4.9 CVSS, 7.3 AI score, 0.00011 EPSS

added 2012/06/21 11:55 p.m., 71 views

CVE-2012-0028

The robust futex implementation in the Linux kernel before 2.6.28 does not properly handle processes that make exec system calls, which allows local users to cause a denial of service or possibly gain privileges by writing to a memory location in a child process.

7.2 CVSS, 7.2 AI score, 0.00046 EPSS

added 2013/03/15 8:55 p.m., 71 views

CVE-2012-6540

The do_ip_vs_get_ctl function in net/netfilter/ipvs/ip_vs_ctl.c in the Linux kernel before 3.6 does not initialize a certain structure for IP_VS_SO_GET_TIMEOUT commands, which allows local users to obtain sensitive information from kernel stack memory via a crafted application.

1.9 CVSS, 5.5 AI score, 0.00058 EPSS

added 2013/03/15 8:55 p.m., 71 views

CVE-2012-6549

The isofs_export_encode_fh function in fs/isofs/export.c in the Linux kernel before 3.6 does not initialize a certain structure member, which allows local users to obtain sensitive information from kernel heap memory via a crafted application.

1.9 CVSS, 5.4 AI score, 0.00034 EPSS

added 2013/02/18 4:41 a.m., 71 views

CVE-2013-0216

The Xen netback functionality in the Linux kernel before 3.7.8 allows guest OS users to cause a denial of service (loop) by triggering ring pointer corruption.

5.2 CVSS, 5.7 AI score, 0.00076 EPSS

added 2013/06/07 2:3 p.m., 71 views

CVE-2013-2128

The tcp_read_sock function in net/ipv4/tcp.c in the Linux kernel before 2.6.34 does not properly manage skb consumption, which allows local users to cause a denial of service (system crash) via a crafted splice system call for a TCP socket.

5.5 CVSS, 4.8 AI score, 0.00095 EPSS

added 2013/11/12 2:35 p.m., 71 views

CVE-2013-4514

Multiple buffer overflows in drivers/staging/wlags49_h2/wl_priv.c in the Linux kernel before 3.12 allow local users to cause a denial of service or possibly have unspecified other impact by leveraging the CAP_NET_ADMIN capability and providing a long station-name string, related to the (1) wvlan_ui...

4.7 CVSS, 7.5 AI score, 0.00045 EPSS

added 2013/12/09 6:55 p.m., 71 views

CVE-2013-7027

The ieee80211_radiotap_iterator_init function in net/wireless/radiotap.c in the Linux kernel before 3.11.7 does not check whether a frame contains any data outside of the header, which might allow attackers to cause a denial of service (buffer over-read) via a crafted header.

6.1 CVSS, 6.7 AI score, 0.0032 EPSS

added 2014/04/01 6:35 a.m., 71 views

CVE-2014-2673

The arch_dup_task_struct function in the Transactional Memory (TM) implementation in arch/powerpc/kernel/process.c in the Linux kernel before 3.13.7 on the powerpc platform does not properly interact with the clone and fork system calls, which allows local users to cause a denial of service (Progra...

4.7 CVSS, 6.8 AI score, 0.0004 EPSS

added 2014/11/30 1:59 a.m., 71 views

CVE-2014-7843

The __clear_user function in arch/arm64/lib/clear_user.S in the Linux kernel before 3.17.4 on the ARM64 platform allows local users to cause a denial of service (system crash) by reading one byte beyond a /dev/zero page boundary.

4.9 CVSS, 6.7 AI score, 0.00092 EPSS

added 2016/05/02 10:59 a.m., 71 views

CVE-2016-2070

The tcp_cwnd_reduction function in net/ipv4/tcp_input.c in the Linux kernel before 4.3.5 allows remote attackers to cause a denial of service (divide-by-zero error and system crash) via crafted TCP traffic.

7.8 CVSS, 7 AI score, 0.0074 EPSS

added 2016/04/27 5:59 p.m., 71 views

CVE-2016-3135

Integer overflow in the xt_alloc_table_info function in net/netfilter/x_tables.c in the Linux kernel through 4.5.2 on 32-bit platforms allows local users to gain privileges or cause a denial of service (heap memory corruption) via an IPT_SO_SET_REPLACE setsockopt call.

7.8 CVSS, 7.3 AI score, 0.00174 EPSS

added 2018/01/14 6:29 a.m., 71 views

CVE-2017-15128

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).

5.5 CVSS, 5.2 AI score, 0.00046 EPSS

added 2017/06/28 6:29 a.m., 71 views

CVE-2017-9984

The snd_msnd_interrupt function in sound/isa/msnd/msnd_pinnacle.c in the Linux kernel through 4.11.7 allows local users to cause a denial of service (over-boundary access) or possibly have unspecified other impact by changing the value of a message queue head pointer between two kernel reads of tha...

7.8 CVSS, 7.5 AI score, 0.00106 EPSS

added 2024/03/25 10:15 a.m., 71 views

CVE-2021-47173

In the Linux kernel, the following vulnerability has been resolved: misc/uss720: fix memory leak in uss720_probe uss720_probe forgets to decrease the refcount of usbdev in uss720_probe. Fix this by decreasing the refcount of usbdev by usb_put_dev. BUG: memory leak unreferenced object 0xffff8881011138...

5.5 CVSS, 6.1 AI score, 0.00008 EPSS

added 2024/05/21 3:15 p.m., 71 views

CVE-2021-47269

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3: ep0: fix NULL pointer exception There is no validation of the index from dwc3_wIndex_to_dep() and we might be referring a non-existing ep and trigger a NULL pointer exception. In certain configurations we might use fewer e...

5.5 CVSS, 6.6 AI score, 0.0001 EPSS

added 2024/05/21 3:15 p.m., 71 views

CVE-2021-47328

In the Linux kernel, the following vulnerability has been resolved: scsi: iscsi: Fix conn use after free during resets If we haven't done a unbind target call we can race where iscsi_conn_teardown wakes up the EH thread and then frees the conn while those threads are still accessing the conn ehwait. ...

7.8 CVSS, 6.8 AI score, 0.00015 EPSS

added 2024/05/21 3:15 p.m., 71 views

CVE-2021-47339

In the Linux kernel, the following vulnerability has been resolved: media: v4l2-core: explicitly clear ioctl input data As seen from a recent syzbot bug report, mistakes in the compat ioctl implementation can lead to uninitialized kernel stack data getting used as input for driver ioctl handlers. The...

5.5 CVSS, 6.5 AI score, 0.00019 EPSS

added 2024/05/21 3:15 p.m., 71 views

CVE-2021-47350

In the Linux kernel, the following vulnerability has been resolved: powerpc/mm: Fix lockup on kernel exec fault The powerpc kernel is not prepared to handle exec faults from kernel. Especially, the function is_exec_fault() will return 'false' when an exec fault is taken by kernel, because the check i...

5.5 CVSS, 7 AI score, 0.00009 EPSS

added 2024/05/21 3:15 p.m., 71 views

CVE-2021-47368

In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinity_hint irq_set_affinity_hit() stores a reference to the cpumask_t parameter in the irq descriptor, and that reference can be accessed later from irq_affinity_hint_proc_show(). Since the cp...

8.1 CVSS, 8.3 AI score, 0.00029 EPSS

added 2024/05/21 3:15 p.m., 71 views

CVE-2021-47388

In the Linux kernel, the following vulnerability has been resolved: mac80211: fix use-after-free in CCMP/GCMP RX When PN checking is done in mac80211, for fragmentation we need to copy the PN to the RX struct so we can later use it to do a comparison, since commit bf30ca922a0c ("mac80211: check defra...

7.8 CVSS, 6.9 AI score, 0.00012 EPSS

added 2024/05/21 3:15 p.m., 71 views

CVE-2021-47389

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: fix missing sev_decommission in sev_receive_start DECOMMISSION the current SEV context if binding an ASID fails after RECEIVE_START. Per AMD's SEV API, RECEIVE_START generates a new guest context and thus needs to be paired...

5.1 CVSS, 6.9 AI score, 0.00015 EPSS

added 2024/05/22 9:15 a.m., 71 views

CVE-2021-47496

In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix flipped sign in tls_err_abort() calls sk->sk_err appears to expect a positive value, a convention that ktls doesn't always follow and that leads to memory corruption in other code. For instance, [kworker] tls_encrypt_...

6.9 AI score, 0.00031 EPSS

added 2024/05/24 3:15 p.m., 71 views

CVE-2021-47516

In the Linux kernel, the following vulnerability has been resolved: nfp: Fix memory leak in nfp_cpp_area_cache_add() In line 800 (#1), nfp_cpp_area_alloc() allocates and initializes a CPP area structure. But in line 807 (#2), when the cache is allocated failed, this CPP area structure is not freed, w...

5.5 CVSS, 7 AI score, 0.00009 EPSS

added 2024/06/19 3:15 p.m., 71 views

CVE-2021-47595

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_ets: don't remove idle classes from the round-robin list Shuang reported that the following script: tc qdisc add dev ddd0 handle 10: parent 1: ets bands 8 strict 4 priomap 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 7 mausezahn dd...

5.5 CVSS, 6.9 AI score, 0.00009 EPSS

added 2024/06/19 3:15 p.m., 71 views

CVE-2021-47598

In the Linux kernel, the following vulnerability has been resolved: sch_cake: do not call cake_destroy() from cake_init() qdiscs are not supposed to call their own destroy() method from init(), because core stack already does that. syzbot was able to trigger use after free: DEBUG_LOCKS_WARN_ON(lock-...

7.8 CVSS, 7.7 AI score, 0.00016 EPSS

added 2024/06/19 3:15 p.m., 71 views

CVE-2021-47599

In the Linux kernel, the following vulnerability has been resolved: btrfs: use latest_dev in btrfs_show_devname The test case btrfs/238 reports the warning below: WARNING: CPU: 3 PID: 481 at fs/btrfs/super.c:2509 btrfs_show_devname+0x104/0x1e8 [btrfs] CPU: 2 PID: 1 Comm: systemd Tainted: G W O 5.14....

4.7 CVSS, 5.5 AI score, 0.00009 EPSS

added 2024/06/20 11:15 a.m., 71 views

CVE-2021-47620

In the Linux kernel, the following vulnerability has been resolved: Bluetooth: refactor malicious adv data check Check for out-of-bound read was being performed at the end of while num_reports loop, and would fill journal with false positives. Added check to beginning of loop processing so that it do...

5.5 CVSS, 7 AI score, 0.00024 EPSS

added 2025/02/26 6:37 a.m., 71 views

CVE-2021-47654

In the Linux kernel, the following vulnerability has been resolved: samples/landlock: Fix path_list memory leak Clang static analysis reports this error sandboxer.c:134:8: warning: Potential leak of memory pointed to by 'path_list' ret = 0; ^ path_list is allocated in parse_path() but never freed.

5.5 CVSS, 5.3 AI score, 0.00025 EPSS

added 2022/10/16 7:15 p.m., 71 views

CVE-2022-3526

A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function macvlan_handle_frame of the file drivers/net/macvlan.c of the component skb. The manipulation leads to memory leak. The attack can be initiated remotely. It is recommended to apply a patch t...

7.5 CVSS, 6.2 AI score, 0.00139 EPSS

added 2024/07/16 12:15 p.m., 71 views

CVE-2022-48791

In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sas_task Currently a use-after-free may occur if a TMF sas_task is aborted before we handle the IO completion in mpi_ssp_completion(). The abort occurs due to timeout. When the timeout...

7.8 CVSS, 7.5 AI score, 0.0005 EPSS

added 2024/07/16 12:15 p.m., 71 views

CVE-2022-48799

In the Linux kernel, the following vulnerability has been resolved: perf: Fix list corruption in perf_cgroup_switch() There's list corruption on cgrp_cpuctx_list. This happens on the following path: perf_cgroup_switch: list_for_each_entry(cgrp_cpuctx_list) cpu_ctx_sched_in ctx_sched_in ctx_pinned_sched...

6.7 AI score, 0.00109 EPSS

added 2024/07/16 12:15 p.m., 71 views

CVE-2022-48826

In the Linux kernel, the following vulnerability has been resolved: drm/vc4: Fix deadlock on DSI device attach error DSI device attach to DSI host will be done with host device's lock held. Un-registering host in "device attach" error path (ex: probe retry) will result in deadlock with below call tra...

5.5 CVSS, 6.2 AI score, 0.0003 EPSS

added 2024/08/21 7:15 a.m., 71 views

CVE-2022-48891

In the Linux kernel, the following vulnerability has been resolved: regulator: da9211: Use irq handler when ready If the system does not come from reset (like when it is kexec()), the regulator might have an IRQ waiting for us. If we enable the IRQ handler before its structures are ready, we crash. ...

5.5 CVSS, 6.4 AI score, 0.00048 EPSS

added 2024/08/22 2:15 a.m., 71 views

CVE-2022-48923

In the Linux kernel, the following vulnerability has been resolved: btrfs: prevent copying too big compressed lzo segment Compressed length can be corrupted to be a lot larger than memory we have allocated for buffer. This will cause memcpy in copy_compressed_segment to write outside of allocated memo...

5.5 CVSS, 6.6 AI score, 0.00039 EPSS

added 2024/10/21 8:15 p.m., 71 views

CVE-2022-48953

In the Linux kernel, the following vulnerability has been resolved: rtc: cmos: Fix event handler registration ordering issue Because acpi_install_fixed_event_handler() enables the event automatically on success, it is incorrect to call it before the handler routine passed to it is ready to handle eve...

5.5 CVSS, 5.2 AI score, 0.00072 EPSS

added 2025/02/26 7:0 a.m., 71 views

CVE-2022-49061

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: stmmac: fix altr_tse_pcs function when using a fixed-link When using a fixed-link, the altr_tse_pcs driver crashes due to null-pointer dereference as no phy_device is provided to tse_pcs_fix_mac_speed function. Fix thi...

5.5 CVSS, 6.5 AI score, 0.00024 EPSS

added 2025/02/26 7:0 a.m., 71 views

CVE-2022-49089

In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition The documentation of the function rvt_error_qp says both r_lock and s_lock need to be held when calling that function. It also asserts using lockdep that both of...

5.4 AI score, 0.00068 EPSS

added 2025/02/26 7:0 a.m., 71 views

CVE-2022-49113

In the Linux kernel, the following vulnerability has been resolved: powerpc/secvar: fix refcount leak in format_show() Refcount leak will happen when format_show returns failure in multiple cases. Unified management of of_node_put can fix this problem.

5.5 CVSS, 5.3 AI score, 0.00024 EPSS

Total number of security vulnerabilities: 9994