Lucene search
K
LinuxLinux Kernel5.10.188

13 matches found

CVE
CVE
added 2024/12/27 1:50 p.m.2291 views

CVE-2024-53234

CVE-2024-53234 : In the Linux kernel’s EROFS, a vulnerability in handling NONHEAD lclusters with delta[1] caused inadequate decompressed lengths for FIEMAP mappings. The root cause was unconditional bailing when delta[1]==0 for NONHEAD lclusters, which could affect crafted images/filesystems from...

5.5CVSS6.9AI score0.00203EPSS
CVE
CVE
added 2024/06/19 1:45 p.m.180 views

CVE-2024-38598

CVE-2024-38598 — Linux kernel (md/raid10) softlockup during resync Technical details from the provided documents indicate that the issue arises in the md bitmap synchronization path for raid10 during lvextend/lvchange --syncaction, leading to a soft lockup (CPU 3) due to a logic error in md_bitma...

5.5CVSS7.4AI score0.00197EPSS
CVE
CVE
added 2025/03/27 2:57 p.m.171 views

CVE-2025-21887

In CVE-2025-21887, the Linux kernel overlayfs (ovl) had a use-after-free in ovl_dentry_remote/ovl_dentry_update_reval caused by calling dput(upper) before upper is no longer safe to use; the fix moves dput(upper) to after its final use in ovl_link_up, preventing the UAF. The issue is addressed in...

7.8CVSS6.9AI score0.00182EPSS
CVE
CVE
added 2026/02/13 1:29 p.m.163 views

CVE-2026-23111

CVE-2026-23111 (Linux kernel) : A bug in netfilter nf_tables nft_map_catchall_activate() inverted the genmask check, causing catchall elements to be processed incorrectly during abort of a DELSET operation. The function skipped inactive elements and processed active ones, leading to a use-after-f...

7.8CVSS5.3AI score0.00344EPSS
CVE
CVE
added 2024/04/03 5:0 p.m.156 views

CVE-2024-26766

CVE-2024-26766 affects the Linux kernel’s IB/hfi1 path. The root cause is an off-by-one error in the sdma.h tx descriptor handling that, when a send consists of six descriptors and requires a seventh-dword padding, prevents proper expansion of the sdma_txreq descriptor array. This overflow can co...

5.5CVSS6.4AI score0.00259EPSS
CVE
CVE
added 2024/03/02 9:52 p.m.146 views

CVE-2023-52524

CVE-2023-52524 (Linux kernel) affects the net:nfc:llcp subsystem. The issue arises from modifying the device list without holding the required lock, which could allow list corruption as observed by syzbot. The vulnerability is local and requires privileges, with a high impact on confidentiality, ...

7.8CVSS6.2AI score0.00183EPSS
CVE
CVE
added 2025/02/26 2:23 a.m.142 views

CVE-2022-49588

CVE-2022-49588 corresponds to a data-race in the Linux kernel’s TCP sysctl_migrate_req reader. The vulnerability arises from concurrent reading of sysctl_tcp_migrate_req, which could be changed during access. The fix adds READ_ONCE() to the readers to prevent races. Affected component is the kern...

4.7CVSS5.3AI score0.00176EPSS
CVE
CVE
added 2024/10/21 7:39 p.m.140 views

CVE-2024-50040

CVE-2024-50040 concerns the igb driver in the Linux kernel. The issue stemmed from igb_io_error_detected() treating transient non-fatal PCIe errors as non-fatal, which could lead igb_io_resume() to assume the device was still up and attempt a bring-up, causing a kernel panic during recovery from ...

5.5CVSS5AI score0.00258EPSS
CVE
CVE
added 2025/01/11 12:25 p.m.135 views

CVE-2024-48881

CVE-2024-48881 concerns the Linux kernel’s bcache implementation. The issue was a NULL pointer dereference risk in cache_set_flush() caused by a changed check: the code could access c->root when previous registration failed before c->root was allocated. The patch reverts the IS_ERR check to...

5.5CVSS6.6AI score0.00246EPSS
CVE
CVE
added 2025/04/16 2:11 p.m.131 views

CVE-2024-58093

CVE-2024-58093 affects the Linux kernel’s PCI/ASPM link state handling. The issue arises when removing functions on a bus with a PCIe switch/MFD: freeing the ASPM link state either too late (function 0 removed last) or too early (before all subordinate links are gone), leading to use-after-free o...

7.8CVSS6.6AI score0.00162EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.88 views

CVE-2023-52838

CVE-2023-52838 – Linux kernel fbdev: imsttfb resource leak (probe) . The issue arises when init_imstt() fails and the code does not call iounmap(par->cmap_regs), leading to a resource leak in probe. The vulnerability is addressed by rewriting the error handling to ensure iounmap(par->cmap_r...

6.2CVSS6.5AI score0.00252EPSS
CVE
CVE
added 2026/03/20 8:8 a.m.29 views

CVE-2026-23278

CVE-2026-23278 (Linux kernel nf_tables catchall handling) The issue occurs in netfilter nf_tables where, during transaction processing, a map holding catchall elements being removed may require toggling all pending catchall elements, not just the first viable candidate. If the map is also being f...

7.8CVSS5.7AI score0.00165EPSS
CVE
CVE
added 2026/05/27 12:18 p.m.24 views

CVE-2026-45954

CVE-2026-45954 concerns the Linux kernel fbdev driver (au1200fb). The issue arises when au1200fb_drv_probe fails at platform_get_irq: it returns an error without freeing allocated memory, causing a memory leak. A patch adds proper cleanup via a goto label to release resources. Red Hat notes the f...

5.5CVSS5.8AI score0.00122EPSS