Lucene search
K
LinuxLinux Kernel5.15.1

17 matches found

CVE
CVE
added 2024/05/01 5:20 a.m.2497 views

CVE-2024-26977

CVE-2024-26977 — Linux kernel MMIO leak due to broken guarding of iounmap(). The vulnerability arises because the ARCH_HAS_GENERIC_IOPORT_MAP guard was applied to iounmap() in pci_iounmap(), causing MMIO mappings to leak. The fix relocates the guard so iounmap() is called for MMIO mappings, preve...

5.5CVSS6.7AI score0.00226EPSS
CVE
CVE
added 2025/02/27 8:0 p.m.171 views

CVE-2025-21802

CVE-2025-21802 is a Linux kernel issue affecting the networking driver path for hns3. The vulnerability arises during driver unload when the hclge path attempts to disable SR-IOV for each ae_dev in hnae3_ae_dev_list while the ae_dev list is being modified, which can cause an oops. The root cause ...

5.5CVSS6.5AI score0.00186EPSS
CVE
CVE
added 2025/02/26 1:56 a.m.85 views

CVE-2022-49266

CVE-2022-49266 (Linux kernel) : The vulnerability arises in the block layer where the patch that prevents calling rq_qos_done_bio() for untracked bios caused blk-iocost to mis-handle merged bios, leaving them “in-flight.” The fix adds a new flag BIO_QOS_MERGED to mark merged bios and ensures rq_q...

5.5CVSS5.5AI score0.00273EPSS
CVE
CVE
added 2024/07/16 11:43 a.m.77 views

CVE-2022-48807

CVE-2022-48807 concerns the Linux kernel ice driver and the LAG NETDEV_UNREGISTER notifier path. The issue arises because the same notifier handler was invoked for both NETDEV_BONDING_INFO LAG unlink and NETDEV_UNREGISTER events, passing a netdev_notifier_info structure that differs between event...

5.5CVSS6.4AI score0.00288EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.74 views

CVE-2022-49195

The CVE-2022-49195 entry documents a Linux kernel issue in the DSA driver: during multi-chip probing, all switches must probe, but up to N-1 may bind and later shutdown since the Nth switch initializes the tree. If that Nth initialization fails, shutdown on the other switches dereferences uniniti...

5.5CVSS6.5AI score0.00245EPSS
CVE
CVE
added 2026/05/27 12:55 p.m.34 views

CVE-2026-45997

CVE-2026-45997 concerns the Linux kernel SCSI disk driver (sd). The issue arises when device_add(&sdkp->disk_dev) fails during sd_probe; as a result, put_device() calls lead to scsi_disk_release() freeing the scsi_disk but leaving the gendisk referenced. The fix adds a missing put_disk(gd) in ...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2025/09/15 2:46 p.m.29 views

CVE-2022-50307

In CVE-2022-50307, the Linux kernel s390/cio subsystem had an out-of-bounds read during cio_ignore free scans. The bug arose from an optimization that excluded online devices from scans, incorrectly assuming I/O-subchannel drvdata pointed to a private struct, which is invalid for devices bound to...

7.1CVSS6.2AI score0.00147EPSS
Web
CVE
CVE
added 2025/10/04 7:31 a.m.25 views

CVE-2025-39943

CVE-2025-39943 affects the Linux kernel’s ksmbd smb_direct_data_transfer path. The vulnerability arises if data_offset or data_length in smb_direct_data_transfer are invalid, enabling an out-of-bounds condition. The cited patch adds validation in recv_done to guard against invalid offsets/lengths...

7.1CVSS6.2AI score0.0014EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.23 views

CVE-2026-23364

CVE-2026-23364 concerns the Linux kernel’s ksmbd path, where MAC comparisons were not performed in constant time. The underlying issue is a timing-attack-prone memcmp() usage; the recommended fix is to replace memcmp() with crypto_memneq() to ensure constant-time comparisons. The vulnerability is...

7.4CVSS5.6AI score0.00392EPSS
CVE
CVE
added 2025/10/04 7:31 a.m.22 views

CVE-2025-39942

CVE-2025-39942 is a Linux kernel vulnerability affecting the ksmbd smbdirect component. The issue, described as: “verify remaining_data_length respects max_fragmented_recv_size,” is a refinement inspired by the existing check for data_offset + data_length. The connected sources identify this CVE ...

5.5CVSS6.2AI score0.00136EPSS
CVE
CVE
added 2026/03/18 10:5 a.m.22 views

CVE-2025-71266

The CVE-2025-71266 entry concerns the Linux kernel ntfs3 filesystem. A malformed directory entry in NTFS3 could trigger an infinite loop in indx_find during lookups, repeatedly reading the same block and allocating 4 KB per iteration, causing memory exhaustion and potential DoS. The vulnerability...

5.5CVSS5.7AI score0.00118EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.20 views

CVE-2026-23359

CVE-2026-23359 stems from a Linux kernel bug in BPF devmap handling. get_upper_ifindexes() could write upper-device indices beyond the allocated stack, because the code assumed MAX_NEST_DEV (8) bounds, but the number of upper devices (e.g., many macvlan) could exceed that. The result is a stack-o...

7.8CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2025/10/07 3:21 p.m.19 views

CVE-2022-50536

CVE-2022-50536 affects the Linux kernel’s BPF sockmap path. In tcp_bpf_send_verdict() redirection, the eval variable is set to __SK_REDIRECT after sending apply_bytes data; if msg.has_more_data, sock_put() can be called multiple times, risking a use-after-free via refcount misuse. The issue is fi...

7.8CVSS6.1AI score0.00158EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.17 views

CVE-2026-31476

In the Linux kernel component ksmbd, CVE-2026-31476 describes a logic flaw where a multichannel session binding request that fails (for example, due to a wrong password) could cause the targeted session to be marked SMB2_SESSION_EXPIRED. Because the failed binding may reference a session from ano...

8.2CVSS5.6AI score0.00499EPSS
CVE
CVE
added 2026/01/14 3:7 p.m.13 views

CVE-2025-71132

CVE-2025-71132 affects the Linux kernel’s smc91x driver when built with PREEMPT_RT, causing a workqueue/RCU leak due to smc_special_trylock() disabling IRQs without restoring them. The root cause is that smc_special_unlock() uses spin_unlock_irqrestore() but cannot invoke rcu_read_unlock() via __...

5.5CVSS6.1AI score0.00114EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.12 views

CVE-2026-31477

In CVE-2026-31477, the Linux kernel ksmbd component smb2_lock() had three error-handling issues after detaching smb_lock from lock_list: (1) non-UNLOCK path leaks smb_lock and its flock when vfs_lock_file() returns an unexpected error, (2) UNLOCK path leaks on -ENOENT with stale error code, and (...

7.5CVSS5.6AI score0.00479EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.12 views

CVE-2026-43015

The CVE-2026-43015 issue is in the Linux kernel macb PCI glue driver where clk handling during platform_device_unregister() can be used after the device is unregistered. The root cause is that platform_device_unregister may still use registered clks during a runtime resume callback, leading to a ...

7.8CVSS5.8AI score0.00126EPSS