Lucene search
K
LinuxLinux Kernel4.15.0

22 matches found

CVE
CVE
added 2024/02/25 2:3 p.m.1216 views

CVE-2021-46904

CVE-2021-46904 affects the Linux kernel net: hso subsystem. The issue was a null pointer dereference during tty device unregistration caused by multiple ttys claiming the same minor number. The root cause was that get_free_serial_index() returned an available minor but did not assign it immediate...

5.5CVSS6.2AI score0.00256EPSS
CVE
CVE
added 2024/02/26 5:20 p.m.1170 views

CVE-2019-25162

CVE-2019-25162: In the Linux kernel, an information-leak/UAF issue was fixed in the i2c subsystem. The patch fixes a potential use-after-free by ensuring the adap structure is freed only after it is no longer in use; specifically, put_device() is moved down to avoid freeing the adapter too early....

7.8CVSS7.4AI score0.00378EPSS
CVE
CVE
added 2024/02/26 5:20 p.m.995 views

CVE-2019-25160

CVE-2019-25160 is about netlabel: fix out-of-bounds memory accesses in the Linux kernel. The Connected documents specify two array OOB accesses: one in cipso_v4_map_lvl_valid() and another in netlbl_bitmap_walk(). The fixes are described as straightforward, and backport guidance notes that netlbl...

7.1CVSS6.8AI score0.00252EPSS
CVE
CVE
added 2024/02/26 5:20 p.m.968 views

CVE-2021-46906

CVE-2021-46906 — Linux kernel HID (usbhid) info leak fix : The vulnerability arises in hid_submit_ctrl where report->size of zero caused transfer_buffer_length to be calculated as 16384, enabling an information leak. The root cause is the calculation in hid_report_len() not handling a zero-siz...

5.5CVSS6.1AI score0.00245EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.739 views

CVE-2021-46939

CVE-2021-46939 affects the Linux kernel where tracing changes to trace_clock_global() could deadlock due to recursive locking during tracing; the fix uses a trylock and retry semantics to avoid blocking. Public details in connected advisories (MiracleLinux UTSA, Nessus plugin) describe the same i...

5.5CVSS6.6AI score0.00246EPSS
CVE
CVE
added 2024/02/27 9:43 a.m.684 views

CVE-2021-46929

CVE-2021-46929 describes a Linux kernel SCTP use-after-free related issue in endpoint destruction, resolved by delaying endpoint free with call_rcu() and moving sock_put/ep free into sctp_endpoint_destroy_rcu(). The patch ensures the endpoint (ep) remains alive under rcu_read_lock during certain ...

5.5CVSS6.2AI score0.00248EPSS
CVE
CVE
added 2024/02/27 6:53 a.m.670 views

CVE-2021-46915

The CVE-2021-46915 issue is in the Linux kernel’s netfilter nft_limit code. nft_limit_init attempted to divide a 64-bit value by a 64-bit expectation but used div_u64 (dividing 64-bit by 32-bit), risking a divide error. The fix changes nft_limit_init to use the correct 64-bit division function (d...

5.5CVSS6.1AI score0.00241EPSS
CVE
CVE
added 2024/02/27 6:53 a.m.667 views

CVE-2021-46909

Mode C (normal, concrete details available) CVE-2021-46909 affects the Linux kernel PCI subsystem (ARM) and is resolved by a PCI interrupt/mapping fix in ARM: footbridge. The root cause was that after commit 30fdfb929e82, the kernel started mapping PCI IRQs whenever a PCI driver is probed via pci...

5.5CVSS6.9AI score0.00241EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.659 views

CVE-2020-36777

CVE-2020-36777 is a Linux kernel issue where media: dvbdev had a memory leak in dvb_media_device_free(), documented as freeing dvbdev->adapter->conn before NULL-ing it. The connected MiracleLinux advisory (AXSA-2024-8481:17) lists this CVE among others and confirms a fix/vendor advisory. Th...

5.5CVSS6.1AI score0.00242EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.655 views

CVE-2021-46936

CVE-2021-46936 affects the Linux kernel (net: fix use-after-free in tw_timer_handler). The flaw allowed use-after-free on net->mib.net_statistics when destroying a net namespace if inflight time-wait timers exist; it is triggered during path of timer handling and ip/mib teardown. The fix reloc...

7.8CVSS7.4AI score0.00244EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.581 views

CVE-2021-46935

CVE-2021-46935 : Linux kernel binder vulnerability where async_free_space accounting for empty parcels leaked up to 8 bytes per 8-byte-or-smaller async transaction. Root cause: after a patch fixing visibility (Android binder buffer moved out of user space), the free operation didn’t add back size...

5.5CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.576 views

CVE-2021-46953

The CVE-2021-46953 issue affects the Linux kernel ACPI GTDT driver. If a probe fails due to invalid firmware properties, the driver may unmap an interrupt it mapped earlier without verifying that the mapping succeeded, and if the firmware reports an interrupt number overlapping the GIC SGI range,...

6.7CVSS6.7AI score0.00241EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.566 views

CVE-2021-46938

CVE-2021-46938 affects the Linux kernel in the device-mapper (dm-mq) path for request-based mapped devices. When loading a device-mapper table, if the allocation/initialization of blk_mq_tag_set for the device fails, a subsequent dev_remove can trigger a double free during cleanup because the poi...

7.8CVSS7.2AI score0.00248EPSS
CVE
CVE
added 2024/02/27 9:36 a.m.549 views

CVE-2021-46921

CVE-2021-46921 affects the Linux kernel’s locking/qrwlock code. The vulnerability arises in queued_write_lock_slowpath while the wait_lock is held: a reader can observe values before the writer has truly acquired the lock, due to an ordering gap between atomic_cond_read_acquire() and the subseque...

5.5CVSS6AI score0.00228EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.541 views

CVE-2021-46933

The CVE-2021-46933 issue affects the Linux kernel USB gadget f_fs component. It occurred when ffs_data_clear was invoked indirectly via ffs_fs_kill_sb/ffs_ep0_release, causing eventfd_ctx_put to be called multiple times and leading to a refcount underflow. The documented fix zeroes out ffs_eventf...

5.5CVSS6.1AI score0.00233EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.499 views

CVE-2021-46934

CVE-2021-46934 affects the Linux kernel i2c subsystem, specifically the compat ioctl path. The issue was that wrong user data could cause warnings in i2c_transfer(); userspace might trigger warnings through the compat ioctl. The patch adds validation of user data in the compat ioctl to prevent re...

3.3CVSS5.3AI score0.00233EPSS
CVE
CVE
added 2024/02/27 9:43 a.m.471 views

CVE-2021-46924

CVE-2021-46924 affects the Linux kernel NFC driver st21nfca. The issue is a memory leak caused by phy->pending_skb being allocated during device probe but not freed on error or remove paths. The connected Astra Linux bulletin and referenced kernel commits confirm the root cause and the remedia...

5.5CVSS6.1AI score0.00226EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.461 views

CVE-2021-46932

CVE-2021-46932 affects the Linux kernel’s input subsystem (Input: appletouch). The root cause is that input_dev->close() can cancel_work_sync(&dev->work) before dev->work is initialized (initialized after input_register_device()), causing a risk of a NULL work function in __flush_work()....

5.5CVSS6.1AI score0.00228EPSS
CVE
CVE
added 2021/03/05 12:0 a.m.338 views

CVE-2021-28038

CVE-2021-28038 is a Linux kernel issue (through 5.11.3 with Xen PV) where the netback driver mishandles grant mapping errors, leaving memory allocation/error conditions untreated. In a Xen PV setup, a misbehaving networking frontend driver can trigger a host OS denial of service (Dom0 crash) from...

6.5CVSS6.3AI score0.00708EPSS
CVE
CVE
added 2020/10/22 8:33 p.m.313 views

CVE-2020-27673

CVE-2020-27673 is described in connected advisories as a Linux kernel race-condition bug in Xen event handling, permitting a guest (domU) to cause a denial of service or host hang in dom0 when exposed to high event rates. Affected scope: Linux kernel up to 5.9.1, used with Xen through 4.14.x. The...

5.5CVSS6.2AI score0.0041EPSS
CVE
CVE
added 2019/08/07 2:48 p.m.288 views

CVE-2018-20961

CVE-2018-20961 affects the Linux kernel prior to 4.16.4. It is a double-free in the f_midi_set_alt function of drivers/usb/gadget/function/f_midi.c (f_midi driver) that may allow a denial of service or potentially other impacts. Affected versions are Linux kernel before 4.16.4; remediation is pro...

10CVSS9.2AI score0.06342EPSS
CVE
CVE
added 2024/04/10 6:56 p.m.104 views

CVE-2021-47194

CVE-2021-47194 : Linux kernel vulnerability in cfg80211 where switching from P2P_GO to ADHOC via NL80211_CMD_SET_INTERFACE failed to call cfg80211_stop_ap, allowing in-use data to be re-initialized (e.g., sdata->assigned_chanctx_list) while still in assigned_vifs, corrupting the linked list. D...

7.8CVSS6.4AI score0.00249EPSS