Lucene search

K

9873 matches found

CVE
CVE
added 2024/08/22 2:15 a.m.102 views

CVE-2022-48912

In the Linux kernel, the following vulnerability has been resolved: netfilter: fix use-after-free in __nf_register_net_hook() We must not dereference @new_hooks after nf_hook_mutex has been released,because other threads might have freed our allocated hooks already. BUG: KASAN: use-after-free in nf...

7.8CVSS6.5AI score0.00049EPSS
CVE
CVE
added 2025/02/26 7:0 a.m.102 views

CVE-2022-49175

In the Linux kernel, the following vulnerability has been resolved: PM: core: keep irq flags in device_pm_check_callbacks() The function device_pm_check_callbacks() can be called under the spinlock (in the reported case it happens from genpd_add_device() ->dev_pm_domain_set(), when the genpd use...

6.5AI score0.00144EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.102 views

CVE-2022-49272

In the Linux kernel, the following vulnerability has been resolved: ALSA: pcm: Fix potential AB/BA lock with buffer_mutex and mmap_lock syzbot caught a potential deadlock between the PCMruntime->buffer_mutex and the mm->mmap_lock. It was brought by therecent fix to cover the racy read/write a...

5.4AI score0.00075EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.102 views

CVE-2022-49466

In the Linux kernel, the following vulnerability has been resolved: regulator: scmi: Fix refcount leak in scmi_regulator_probe of_find_node_by_name() returns a node pointer with refcountincremented, we should use of_node_put() on it when done.Add missing of_node_put() to avoid refcount leak.

5.5CVSS6.4AI score0.00025EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.102 views

CVE-2022-49579

In the Linux kernel, the following vulnerability has been resolved: ipv4: Fix data-races around sysctl_fib_multipath_hash_policy. While reading sysctl_fib_multipath_hash_policy, it can be changedconcurrently. Thus, we need to add READ_ONCE() to its readers.

4.7CVSS5.4AI score0.00044EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.102 views

CVE-2022-49675

In the Linux kernel, the following vulnerability has been resolved: tick/nohz: unexport __init-annotated tick_nohz_full_setup() EXPORT_SYMBOL and __init is a bad combination because the .init.textsection is freed up after the initialization. Hence, modules cannotuse symbols annotated __init. The ac...

6.6AI score0.00051EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.102 views

CVE-2022-49723

In the Linux kernel, the following vulnerability has been resolved: drm/i915/reset: Fix error_state_read ptr + offset use Fix our pointer offset usage in error_state_readwhen there is no i915_gpu_coredump but buf offsetis non-zero. This fixes a kernel page fault can happen whenmultiple tests are ru...

6.2AI score0.00051EPSS
CVE
CVE
added 2025/02/26 7:1 a.m.102 views

CVE-2022-49726

In the Linux kernel, the following vulnerability has been resolved: clocksource: hyper-v: unexport __init-annotated hv_init_clocksource() EXPORT_SYMBOL and __init is a bad combination because the .init.textsection is freed up after the initialization. Hence, modules cannotuse symbols annotated __in...

5.2AI score0.00039EPSS
CVE
CVE
added 2023/07/10 4:15 p.m.102 views

CVE-2023-32250

A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerabilit...

9CVSS8.4AI score0.0008EPSS
CVE
CVE
added 2024/04/03 3:15 p.m.102 views

CVE-2023-52639

In the Linux kernel, the following vulnerability has been resolved: KVM: s390: vsie: fix race during shadow creation Right now it is possible to see gmap->private being zero inkvm_s390_vsie_gmap_notifier resulting in a crash. This is due to thefact that we add gmap->private == kvm after creat...

4.7CVSS6.1AI score0.00012EPSS
CVE
CVE
added 2024/05/17 2:15 p.m.102 views

CVE-2023-52667

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fs_any_create_groups When kcalloc() for ft->g succeeds but kvzalloc() for in fails,fs_any_create_groups() will free ft->g. However, its callerfs_any_create_table() will free ft->g ...

7.8CVSS6.7AI score0.00196EPSS
CVE
CVE
added 2024/05/17 3:15 p.m.102 views

CVE-2023-52675

In the Linux kernel, the following vulnerability has been resolved: powerpc/imc-pmu: Add a null pointer check in update_events_in_group() kasprintf() returns a pointer to dynamically allocated memorywhich can be NULL upon failure.

5.5CVSS6.6AI score0.00013EPSS
CVE
CVE
added 2024/02/05 8:15 a.m.102 views

CVE-2024-24859

A race condition was found in the Linux kernel's net/bluetooth in sniff_{min,max}_interval_set() function. This can result in a bluetooth sniffing exception issue, possibly leading denial of service.

4.8CVSS5.8AI score0.00008EPSS
CVE
CVE
added 2024/03/26 4:15 p.m.102 views

CVE-2024-26644

In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deletedsubvolume, we get the following abort: BTRFS: Transaction aborted (error -2)WARNING:...

5.5CVSS6AI score0.00007EPSS
CVE
CVE
added 2024/05/17 12:15 p.m.102 views

CVE-2024-27417

In the Linux kernel, the following vulnerability has been resolved: ipv6: fix potential "struct net" leak in inet6_rtm_getaddr() It seems that if userspace provides a correct IFA_TARGET_NETNSID valuebut no IFA_ADDRESS and IFA_LOCAL attributes, inet6_rtm_getaddr()returns -EINVAL with an elevated "st...

6.7AI score0.00043EPSS
CVE
CVE
added 2024/05/17 1:15 p.m.102 views

CVE-2024-35787

In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix incorrect usage for sb_index Commit d7038f951828 ("md-bitmap: don't use ->index for pages backing thebitmap file") removed page->index from bitmap code, but left wrong codelogic for clustered-md. current cod...

6.9AI score0.00053EPSS
CVE
CVE
added 2024/05/20 10:15 a.m.102 views

CVE-2024-36007

In the Linux kernel, the following vulnerability has been resolved: mlxsw: spectrum_acl_tcam: Fix warning during rehash As previously explained, the rehash delayed work migrates filters fromone region to another. This is done by iterating over all chunks (allthe filters with the same priority) in t...

5.5CVSS6.6AI score0.00012EPSS
CVE
CVE
added 2024/06/25 3:15 p.m.102 views

CVE-2024-39298

In the Linux kernel, the following vulnerability has been resolved: mm/memory-failure: fix handling of dissolved but not taken off from buddy pages When I did memory failure tests recently, below panic occurs: page: refcount:0 mapcount:0 mapping:0000000000000000 index:0x0 pfn:0x8cee00flags: 0x6fffe...

7AI score0.00103EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.102 views

CVE-2024-39506

In the Linux kernel, the following vulnerability has been resolved: liquidio: Adjust a NULL pointer handling path in lio_vf_rep_copy_packet In lio_vf_rep_copy_packet() pg_info->page is compared to a NULL value,but then it is unconditionally passed to skb_add_rx_frag() which looksstrange and coul...

5.5CVSS6.8AI score0.00064EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.102 views

CVE-2024-40913

In the Linux kernel, the following vulnerability has been resolved: cachefiles: defer exposing anon_fd until after copy_to_user() succeeds After installing the anonymous fd, we can now see it in userland and closeit. However, at this point we may not have gotten the reference count ofthe cache, but...

6.4AI score0.0015EPSS
CVE
CVE
added 2024/07/12 1:15 p.m.102 views

CVE-2024-40974

In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries: Enforce hcall result buffer validity and size plpar_hcall(), plpar_hcall9(), and related functions expect callers toprovide valid result buffers of certain minimum size. Currently thisis communicated only through c...

6.9AI score0.00263EPSS
CVE
CVE
added 2024/07/29 3:15 p.m.102 views

CVE-2024-41079

In the Linux kernel, the following vulnerability has been resolved: nvmet: always initialize cqe.result The spec doesn't mandate that the first two double words (aka results)for the command queue entry need to be set to 0 when they are notused (not specified). Though, the target implemention return...

6.7AI score0.00131EPSS
CVE
CVE
added 2024/07/29 4:15 p.m.102 views

CVE-2024-41094

In the Linux kernel, the following vulnerability has been resolved: drm/fbdev-dma: Only set smem_start is enable per module option Only export struct fb_info.fix.smem_start if that is required by theuser and the memory does not come from vmalloc(). Setting struct fb_info.fix.smem_start breaks syste...

5.5CVSS6.5AI score0.00039EPSS
CVE
CVE
added 2024/09/18 8:15 a.m.102 views

CVE-2024-46783

In the Linux kernel, the following vulnerability has been resolved: tcp_bpf: fix return value of tcp_bpf_sendmsg() When we cork messages in psock->cork, the last message triggers theflushing will result in sending a sk_msg larger than the currentmessage size. In this case, in tcp_bpf_send_verdic...

5.5CVSS6.1AI score0.00036EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.102 views

CVE-2024-49929

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: avoid NULL pointer dereference iwl_mvm_tx_skb_sta() and iwl_mvm_tx_mpdu() verify that the mvmvstapointer is not NULL.It retrieves this pointer using iwl_mvm_sta_from_mac80211, which isdereferencing the ieee80211...

5.5CVSS6.6AI score0.00045EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.102 views

CVE-2024-49935

In the Linux kernel, the following vulnerability has been resolved: ACPI: PAD: fix crash in exit_round_robin() The kernel occasionally crashes in cpumask_clear_cpu(), which is calledwithin exit_round_robin(), because when executing clear_bit(nr, addr) withnr set to 0xffffffff, the address calculati...

5.5CVSS5.1AI score0.00045EPSS
CVE
CVE
added 2024/10/21 6:15 p.m.102 views

CVE-2024-50002

In the Linux kernel, the following vulnerability has been resolved: static_call: Handle module init failure correctly in static_call_del_module() Module insertion invokes static_call_add_module() to initialize the staticcalls in a module. static_call_add_module() invokes __static_call_init(),which ...

5.5CVSS7.1AI score0.00045EPSS
CVE
CVE
added 2024/10/21 7:15 p.m.102 views

CVE-2024-50015

In the Linux kernel, the following vulnerability has been resolved: ext4: dax: fix overflowing extents beyond inode size when partially writing The dax_iomap_rw() does two things in each iteration: map written blocksand copy user data to blocks. If the process is killed by user(See signalhandling i...

5.5CVSS6.9AI score0.00045EPSS
CVE
CVE
added 2024/11/05 6:15 p.m.102 views

CVE-2024-50130

In the Linux kernel, the following vulnerability has been resolved: netfilter: bpf: must hold reference on net namespace BUG: KASAN: slab-use-after-free in __nf_unregister_net_hook+0x640/0x6b0Read of size 8 at addr ffff8880106fe400 by task repro/72=bpf_nf_link_release+0xda/0x1e0bpf_link_free+0x139/...

7.8CVSS7.2AI score0.00046EPSS
CVE
CVE
added 2024/11/07 10:15 a.m.102 views

CVE-2024-50171

In the Linux kernel, the following vulnerability has been resolved: net: systemport: fix potential memory leak in bcm_sysport_xmit() The bcm_sysport_xmit() returns NETDEV_TX_OK without freeing skbin case of dma_map_single() fails, add dev_kfree_skb() to fix it.

5.5CVSS5.1AI score0.00045EPSS
CVE
CVE
added 2024/11/09 11:15 a.m.102 views

CVE-2024-50261

In the Linux kernel, the following vulnerability has been resolved: macsec: Fix use-after-free while sending the offloading packet KASAN reports the following UAF. The metadata_dst, which is used tostore the SCI value for macsec offload, is already freed bymetadata_dst_free() in macsec_free_netdev(...

7.8CVSS6.6AI score0.00043EPSS
CVE
CVE
added 2024/12/27 3:15 p.m.102 views

CVE-2024-56596

In the Linux kernel, the following vulnerability has been resolved: jfs: fix array-index-out-of-bounds in jfs_readdir The stbl might contain some invalid values. Added a check toreturn error code in that case.

7.8CVSS6.6AI score0.00038EPSS
CVE
CVE
added 2024/12/29 12:15 p.m.102 views

CVE-2024-56755

In the Linux kernel, the following vulnerability has been resolved: netfs/fscache: Add a memory barrier for FSCACHE_VOLUME_CREATING In fscache_create_volume(), there is a missing memory barrier between thebit-clearing operation and the wake-up operation. This may cause asituation where, after a wak...

5.5CVSS6.5AI score0.00041EPSS
CVE
CVE
added 2025/01/08 6:15 p.m.102 views

CVE-2024-56778

In the Linux kernel, the following vulnerability has been resolved: drm/sti: avoid potential dereference of error pointers in sti_hqvdp_atomic_check The return value of drm_atomic_get_crtc_state() needs to bechecked. To avoid use of error pointer 'crtc_state' in caseof the failure.

5.5CVSS6.5AI score0.00037EPSS
CVE
CVE
added 2025/01/15 1:15 p.m.102 views

CVE-2024-57896

In the Linux kernel, the following vulnerability has been resolved: btrfs: flush delalloc workers queue before stopping cleaner kthread during unmount During the unmount path, at close_ctree(), we first stop the cleanerkthread, using kthread_stop() which frees the associated task_struct, andthen st...

7.8CVSS6.5AI score0.00033EPSS
CVE
CVE
added 2025/01/19 12:15 p.m.102 views

CVE-2024-57922

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add check for granularity in dml ceil/floor helpers [Why]Wrapper functions for dcn_bw_ceil2() and dcn_bw_floor2()should check for granularity is non zero to avoid assert anddivide-by-zero error in dcn_bw_ functions...

5.5CVSS6.6AI score0.00047EPSS
CVE
CVE
added 2025/02/27 2:15 a.m.102 views

CVE-2024-57980

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvc_status_init() function fails to allocate the int_urb, it willfree the dev->status pointer but doesn't reset the pointer to NULL. Thisresults in the kfree() call in uvc_st...

7.8CVSS6.6AI score0.0003EPSS
CVE
CVE
added 2025/01/19 11:15 a.m.102 views

CVE-2025-21637

In the Linux kernel, the following vulnerability has been resolved: sctp: sysctl: udp_port: avoid using current->nsproxy As mentioned in a previous commit of this series, using the 'net'structure via 'current' is not recommended for different reasons: Inconsistency: getting info from the reader'...

5.5CVSS6.9AI score0.00035EPSS
CVE
CVE
added 2025/01/21 1:15 p.m.102 views

CVE-2025-21658

In the Linux kernel, the following vulnerability has been resolved: btrfs: avoid NULL pointer dereference if no valid extent tree [BUG]Syzbot reported a crash with the following call trace: BTRFS info (device loop0): scrub: started on devid 1BUG: kernel NULL pointer dereference, address: 0000000000...

5.5CVSS6.1AI score0.00022EPSS
CVE
CVE
added 2025/01/31 12:15 p.m.102 views

CVE-2025-21672

In the Linux kernel, the following vulnerability has been resolved: afs: Fix merge preference rule failure condition syzbot reported a lock held when returning to userspace[1]. This isbecause if argc is less than 0 and the function returns directly, the heldinode lock is not released. Fix this by s...

5.5CVSS6.9AI score0.0002EPSS
CVE
CVE
added 2025/04/01 4:15 p.m.102 views

CVE-2025-21928

In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() The system can experience a random crash a few minutes after the driver isremoved. This issue occurs due to improper handling of memory freeing inthe ishtp_hid_remo...

7.8CVSS7.2AI score0.00028EPSS
CVE
CVE
added 2025/04/08 9:15 a.m.102 views

CVE-2025-22012

In the Linux kernel, the following vulnerability has been resolved: Revert "arm64: dts: qcom: sdm845: Affirm IDR0.CCTW on apps_smmu" There are reports that the pagetable walker cache coherency is not agiven across the spectrum of SDM845/850 devices, leading to lock-upsand resets. It works fine on s...

5.5CVSS7.3AI score0.00019EPSS
CVE
CVE
added 2009/11/20 5:30 p.m.101 views

CVE-2009-3080

Array index error in the gdth_read_event function in drivers/scsi/gdth.c in the Linux kernel before 2.6.32-rc8 allows local users to cause a denial of service or possibly gain privileges via a negative event index in an IOCTL request.

7.2CVSS7AI score0.0007EPSS
CVE
CVE
added 2010/01/12 5:30 p.m.101 views

CVE-2009-4536

drivers/net/e1000/e1000_main.c in the e1000 driver in the Linux kernel 2.6.32.3 and earlier handles Ethernet frames that exceed the MTU by processing certain trailing payload data as if it were a complete frame, which allows remote attackers to bypass packet filters via a large packet with a crafte...

7.8CVSS7AI score0.10763EPSS
CVE
CVE
added 2010/05/07 6:30 p.m.101 views

CVE-2010-1173

The sctp_process_unk_param function in net/sctp/sm_make_chunk.c in the Linux kernel 2.6.33.3 and earlier, when SCTP is enabled, allows remote attackers to cause a denial of service (system crash) via an SCTPChunkInit packet containing multiple invalid parameters that require a large amount of error...

7.1CVSS6.2AI score0.11434EPSS
CVE
CVE
added 2010/09/21 6:0 p.m.101 views

CVE-2010-3080

Double free vulnerability in the snd_seq_oss_open function in sound/core/seq/oss/seq_oss_init.c in the Linux kernel before 2.6.36-rc4 might allow local users to cause a denial of service or possibly have unspecified other impact via an unsuccessful attempt to open the /dev/sequencer device.

7.2CVSS7.7AI score0.00047EPSS
CVE
CVE
added 2010/11/30 10:14 p.m.101 views

CVE-2010-4083

The copy_semid_to_user function in ipc/sem.c in the Linux kernel before 2.6.36 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via a (1) IPC_INFO, (2) SEM_INFO, (3) IPC_STAT, or (4) SEM_STAT command in a semctl s...

1.9CVSS5.8AI score0.00091EPSS
CVE
CVE
added 2011/01/07 12:0 p.m.101 views

CVE-2010-4160

Multiple integer overflows in the (1) pppol2tp_sendmsg function in net/l2tp/l2tp_ppp.c, and the (2) l2tp_ip_sendmsg function in net/l2tp/l2tp_ip.c, in the PPPoL2TP and IPoL2TP implementations in the Linux kernel before 2.6.36.2 allow local users to cause a denial of service (heap memory corruption ...

6.9CVSS7.5AI score0.00162EPSS
CVE
CVE
added 2012/06/21 11:55 p.m.101 views

CVE-2011-1078

The sco_sock_getsockopt_old function in net/bluetooth/sco.c in the Linux kernel before 2.6.39 does not initialize a certain structure, which allows local users to obtain potentially sensitive information from kernel stack memory via the SCO_CONNINFO option.

1.9CVSS7.6AI score0.00029EPSS
CVE
CVE
added 2012/06/21 11:55 p.m.101 views

CVE-2011-1079

The bnep_sock_ioctl function in net/bluetooth/bnep/sock.c in the Linux kernel before 2.6.39 does not ensure that a certain device field ends with a '\0' character, which allows local users to obtain potentially sensitive information from kernel stack memory, or cause a denial of service (BUG and sy...

5.4CVSS6.5AI score0.00077EPSS
Total number of security vulnerabilities9873