Lucene search
K
LinuxLinux Kernel5.15.121

9 matches found

CVE
CVE
added 2024/06/19 1:45 p.m.180 views

CVE-2024-38598

CVE-2024-38598 — Linux kernel (md/raid10) softlockup during resync Technical details from the provided documents indicate that the issue arises in the md bitmap synchronization path for raid10 during lvextend/lvchange --syncaction, leading to a soft lockup (CPU 3) due to a logic error in md_bitma...

5.5CVSS7.4AI score0.00197EPSS
CVE
CVE
added 2025/03/27 2:57 p.m.171 views

CVE-2025-21887

In CVE-2025-21887, the Linux kernel overlayfs (ovl) had a use-after-free in ovl_dentry_remote/ovl_dentry_update_reval caused by calling dput(upper) before upper is no longer safe to use; the fix moves dput(upper) to after its final use in ovl_link_up, preventing the UAF. The issue is addressed in...

7.8CVSS6.9AI score0.00182EPSS
CVE
CVE
added 2026/02/13 1:29 p.m.165 views

CVE-2026-23111

CVE-2026-23111 (Linux kernel) : A bug in netfilter nf_tables nft_map_catchall_activate() inverted the genmask check, causing catchall elements to be processed incorrectly during abort of a DELSET operation. The function skipped inactive elements and processed active ones, leading to a use-after-f...

7.8CVSS5.3AI score0.00344EPSS
CVE
CVE
added 2024/03/02 9:52 p.m.146 views

CVE-2023-52524

CVE-2023-52524 (Linux kernel) affects the net:nfc:llcp subsystem. The issue arises from modifying the device list without holding the required lock, which could allow list corruption as observed by syzbot. The vulnerability is local and requires privileges, with a high impact on confidentiality, ...

7.8CVSS6.2AI score0.00183EPSS
CVE
CVE
added 2025/01/11 12:25 p.m.135 views

CVE-2024-48881

CVE-2024-48881 concerns the Linux kernel’s bcache implementation. The issue was a NULL pointer dereference risk in cache_set_flush() caused by a changed check: the code could access c->root when previous registration failed before c->root was allocated. The patch reverts the IS_ERR check to...

5.5CVSS6.6AI score0.00246EPSS
CVE
CVE
added 2025/04/16 2:11 p.m.131 views

CVE-2024-58093

CVE-2024-58093 affects the Linux kernel’s PCI/ASPM link state handling. The issue arises when removing functions on a bus with a PCIe switch/MFD: freeing the ASPM link state either too late (function 0 removed last) or too early (before all subordinate links are gone), leading to use-after-free o...

7.8CVSS6.6AI score0.00162EPSS
CVE
CVE
added 2025/08/16 1:25 p.m.43 views

CVE-2023-4515

CVE-2023-4515: Linux kernel ksmbd had command payload size checks missing for most commands (except SMB2_OPLOCK_BREAK_HE). An attacker with local access could exploit this to trigger issues due to unchecked request sizes. A fix was committed to validate command payload sizes; the SUSE advisories ...

5.5CVSS7.4AI score0.00135EPSS
CVE
CVE
added 2026/03/20 8:8 a.m.29 views

CVE-2026-23278

CVE-2026-23278 (Linux kernel nf_tables catchall handling) The issue occurs in netfilter nf_tables where, during transaction processing, a map holding catchall elements being removed may require toggling all pending catchall elements, not just the first viable candidate. If the map is also being f...

7.8CVSS5.7AI score0.00165EPSS
CVE
CVE
added 2026/04/03 3:15 p.m.22 views

CVE-2026-23428

CVE-2026-23428 affects the Linux kernel ksmbd component handling SMB2. The root cause is a use-after-free when reusing work->tcon in compound SMB2 requests: after a prior command (e.g., SMB2_TREE_DISCONNECT) sets t_state to TREE_DISCONNECTED and ksmbd_share_config_put() frees share_conf, subse...

9.8CVSS5.8AI score0.00331EPSS