Lucene search
K
LinuxLinux Kernel5.15.149

16 matches found

CVE
CVE
added 2024/05/01 12:53 p.m.2327 views

CVE-2024-27032

CVE-2024-27032 affects the Linux kernel f2fs subsystem. During recovery, if FAULT_BLOCK is enabled, f2fs_reserve_new_block() may return -ENOSPC, potentially causing a kernel panic. Additionally, with fault-injection rate 1 and only FAULT_BLOCK enabled, a deadloop in block reservation may occur. T...

6.3CVSS6.9AI score0.00291EPSS
CVE
CVE
added 2024/07/12 12:20 p.m.193 views

CVE-2024-39503

CVE-2024-39503 : Linux kernel netfilter ipset race in the list:set type (namespace cleanup vs. gc) has a confirmed fix. The issue was a race that could cause use-after-free by GC data being accessed after the set is destroyed. The patch changes destruction order: when destroying all sets, first r...

7CVSS6.5AI score0.00204EPSS
CVE
CVE
added 2024/03/06 6:45 a.m.182 views

CVE-2023-52607

CVE-2023-52607 is a Linux kernel vulnerability affecting the powerpc architecture, where a null-pointer dereference could occur in pgtable_cache_add due to a potentially NULL kasprintf() return when memory allocation fails. The issue arises because kasprintf() can return NULL and the code did not...

5.5CVSS6.5AI score0.00234EPSS
CVE
CVE
added 2024/07/29 2:32 p.m.172 views

CVE-2024-41055

CVE-2024-41055 : Linux kernel vulnerability in the mm subsystem where a NULL pointer dereference could occur in pfn_section_valid() due to a race with section_deactivate() and an insufficient READ_ONCE() around ms->usage. The fix adds a value check on ms->usage before dereferencing and reli...

5.5CVSS6.5AI score0.00255EPSS
CVE
CVE
added 2024/06/10 2:57 p.m.145 views

CVE-2024-36972

CVE-2024-36972 : In the Linux kernel, a race between __unix_gc() and queue_oob() can occur for unix sockets if MSG_OOB is queued while unix_sk(sk)->oob_skb is being garbage-collected. The code previously touched oob_skb without holding the sk_receive_queue lock, allowing a concurrent update to...

7.5CVSS8AI score0.0067EPSS
CVE
CVE
added 2025/04/16 2:13 p.m.141 views

CVE-2025-23138

CVE-2025-23138: In the Linux kernel, watch_queue: fix pipe accounting mismatch. watch_queue_set_size() updated charged pipe buffers for user->pipe_bufs but did not update pipe->nr_accounted due to pipe_resize_ring() guard, risking underflow when a pipe is freed and causing failures in too_m...

5.5CVSS6.5AI score0.00174EPSS
CVE
CVE
added 2024/07/30 7:45 a.m.135 views

CVE-2024-42102

CVE-2024-42102 concerns a Linux kernel vulnerability in the dirty throttling path used by the mm/wb subsystem. The issue centers on assuming that dirty limits in page units fit in 32 bits and a patch series titled “mm: Avoid possible overflows in dirty throttling” was applied. The entry notes tha...

4.7CVSS6.7AI score0.00256EPSS
CVE
CVE
added 2025/05/01 12:55 p.m.129 views

CVE-2025-23151

CVE-2025-23151 concerns a race in the Linux kernel’s bus: mhi: host path. A client driver quiesces via mhi_unprepare_from_transfer() while data may still be processed, potentially causing a call to mhi_queue_buf() that triggers mhi_gen_tre(). If mhi_gen_tre() runs after the channel teardown, an i...

4.7CVSS6.5AI score0.0012EPSS
CVE
CVE
added 2024/05/13 10:26 a.m.118 views

CVE-2024-27400

CVE-2024-27400 affects the Linux kernel: drm/amdgpu, specifically amdgpu_ttm_move(). The issue is with move/ notification ordering—notifications must be sent before the actual move so DMA-buf and VM move notifications have the correct order; after a move, the old location becomes unavailable. The...

5.5CVSS6.6AI score0.00235EPSS
CVE
CVE
added 2024/08/17 8:54 a.m.109 views

CVE-2024-42273

CVE-2024-42273 is a Linux kernel vulnerability affecting f2fs where CURSEG_ALL_DATA_ATGC is incorrectly assigned to COMPR_ADDR when the page is GC’d with gcing flag, causing a kernel BUG at fs/f2fs/segment.c:3589 during writeback. The scenario involves creating a small file on a compressed f2fs f...

5.5CVSS6.3AI score0.00222EPSS
CVE
CVE
added 2024/04/04 8:20 a.m.107 views

CVE-2024-26750

CVE-2024-26750 affects the Linux kernel. The vulnerability was in af_unix garbage collection: a self-referencing oob_skb/FD scenario could cause __unix_gc() to hang due to a loop that fails to purge inflight sockets. The fix drops the oob_skb reference before purging the queue, allowing __skb_que...

5.5CVSS6.5AI score0.00224EPSS
CVE
CVE
added 2024/04/04 8:20 a.m.104 views

CVE-2024-26792

CVE-2024-26792 : Linux kernel bug in btrfs snapshot creation can cause a double free of an anonymous device number. Root cause: during snapshot creation, anon_dev is allocated, later freed in nested calls, and if the transaction path fails, the same anon_dev may be freed again even if it has been...

7.8CVSS6.2AI score0.00236EPSS
CVE
CVE
added 2024/05/17 1:23 p.m.103 views

CVE-2024-35813

CVE-2024-35813 affects the Linux kernel mmc/core component. Root cause: a negative index is used when accessing idatas[i-1] without ensuring i > 0, leading to an out-of-bounds access. The fixed commit adds a proper check to prevent the negative index. The vulnerability’s practical impact is de...

5.5CVSS6.7AI score0.00237EPSS
CVE
CVE
added 2026/01/25 2:36 p.m.50 views

CVE-2026-23003

CVE-2026-23003 : In the Linux kernel’s IPv6 tunnel receive path (ip6_tunnel, __ip6_tnl_rcv), VLAN encapsulations were not handled correctly due to a failed VLAN-aware pull in the decapsulation path. The fix substitutes skb_vlan_inet_prepare() for pskb_inet_may_pull() to properly accommodate VLAN-...

7.5CVSS5.2AI score0.00468EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.25 views

CVE-2026-43024

CVE-2026-43024 affects Linux kernel nf_tables/netfilter: nf_queue. The issue is that immediate NF_QUEUE verdicts were emitted and could be misused; upstream patch rejects immediate NF_QUEUE verdicts to fix it. Downstream advisories indicate fixes implemented in kernel updates (e.g., upstream kern...

5.5CVSS5.8AI score0.00123EPSS
CVE
CVE
added 2026/06/26 7:40 p.m.11 views

CVE-2026-53291

CVE-2026-53291 affects the Linux kernel ALSA hda/conexant driver. The root cause is the ignored return value from snd_hda_jack_detect_enable_callback() in cx_probe(); if the call fails, an error pointer is returned and not checked, potentially leading to a crash when jack events are handled. The ...

5.5CVSS5.8AI score0.00172EPSS