Lucene search
K
LinuxLinux Kernel5.10.1

12 matches found

CVE
CVE
added 2024/05/20 9:48 a.m.173 views

CVE-2024-36000

The vulnerability CVE-2024-36000 is a Linux kernel issue where mm/hugetlb could miss acquiring hugetlb_lock during resv uncharge, particularly in a userfault context via UFFDIO_COPY. The root cause is locking criteria being overlooked in hugetlb_cgroup_uncharge_folio_rsvd(), which updates the cgr...

5.5CVSS6.6AI score0.00225EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.112 views

CVE-2023-53065

CVE-2023-53065 is a Linux kernel vulnerability in perf/core where perf_output_begin was invoked with an incorrect parameter in perf_event_bpf_output. Syzkaller reported a KASAN stack-out-of-bounds issue, traced through __perf_event_header__init_id, causing memory overwrites. The root cause is the...

7.8CVSS6.5AI score0.00174EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.107 views

CVE-2023-53084

CVE-2023-53084 – Linux kernel (drm/shmem) 손상 문제 확인 Impact: In the Linux kernel, the error path in drm_gem_shmem_mmap() could fail to drop a reference, causing a dma-buf shmem GEM object to be freed prematurely and potentially leading to a use-after-free. Affected component: drm/shmem-helper and r...

7.8CVSS6.7AI score0.0017EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.82 views

CVE-2025-38227

CVE-2025-38227 concerns a slab-use-after-free in the Linux kernel’s vidtv driver, specifically in vidtv_mux_pid_ctx_init and vidtv_mux_init. The root cause, as reported by syzbot, is a use-after-free that occurs when PSI initialization fails and the si member is accessed again, leading to a 8-byt...

7.8CVSS6.3AI score0.00149EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.80 views

CVE-2023-53099

CVE-2023-53099 concerns a Linux kernel issue where a sleepable memory allocation was performed from an atomic context in the Xilinx firmware driver, triggering a lockdep-detected “sleeping function called from invalid context” condition. The advisory notes the root cause is in firmware: xilinx an...

5.5CVSS6.6AI score0.00125EPSS
CVE
CVE
added 2026/02/04 4:8 p.m.37 views

CVE-2026-23097

CVE-2026-23097: Linux kernel migrate path deadlock due to incorrect lock ordering between hugetlb folio_lock and i_mmap_rwsem. Specifically migrate_pages -> migrate_hugetlbs -> unmap_and_move_huge_page -> remove_migration_ptes -> __rmap_walk_file() acquires i_mmap_lock_read while anot...

5.5CVSS5.2AI score0.00114EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.27 views

CVE-2026-23315

The CVE affects the Linux kernel mt76 wifi driver (mt76_connac2_mac_write_txwi_80211). The root cause is that the function could perform an out-of-bounds access by not validating the frame length before accessing management fields, including mgmt->u.action.u.addba_req.capab. This could enable ...

7.1CVSS5.7AI score0.00126EPSS
CVE
CVE
added 2026/05/27 12:18 p.m.25 views

CVE-2026-45974

Summary: CVE-2026-45974 affects the Linux kernel btrfs quota handling. A logic error in btrfs_quota_enable() can cause invalid leaf access if the search key is not found, potentially allowing instability or DoS. The root cause is improper handling when btrfs_search_slot_for_read() returns 1 (no k...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2026/01/31 11:39 a.m.23 views

CVE-2026-23019

CVE-2026-23019 describes a NULL dereference in the Linux kernel’s net: marvell: prestera code. The root cause is that prestera_devlink_alloc() calls devlink_priv() on the pointer returned by devlink_alloc() without verifying that the pointer is non-NULL; if allocation fails, this leads to a NULL ...

5.5CVSS5.7AI score0.00115EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.23 views

CVE-2026-23371

CVE-2026-23371 (Linux kernel SCHED_DEADLINE) details (from provided docs): The vulnerability arose when a SCHED_DEADLINE task (often a lock holder) moved to a lower class via sched_setscheduler() and failed to inherit the donor DEADLINE parameters, risking bandwidth accounting corruption because ...

5.5CVSS5.7AI score0.00117EPSS
CVE
CVE
added 2025/10/01 11:42 a.m.21 views

CVE-2022-50436

CVE-2022-50436 : Linux kernel ext4 had a deadlock risk when ext4_unlink() extended the jbd2 transaction scope, because ext4_find_entry() could require setting up the directory encryption key inside a transaction. The fix restores the transaction to its original scope, preventing the deadlock. The...

5.5CVSS6.1AI score0.00095EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.14 views

CVE-2026-43449

CVE-2026-43449 concerns the Linux kernel NVMe PCI driver. The issue is a slab-out-of-bounds write in nvme_dbbuf_set caused by an incorrect loop bound when indexing dev->online_queues; index 0 (admin queue) is excluded, but the loop could overrun. The vulnerability is evidenced by KASAN reports...

7.1CVSS5.8AI score0.00126EPSS