Lucene search
K
LinuxLinux Kernel5.15.179

7 matches found

CVE
CVE
added 2025/05/08 6:26 a.m.119 views

CVE-2025-37811

CVE-2025-37811 is a Linux kernel vulnerability in the USB chipidea ci_hdrc_imx driver. The root cause is an unsafe dereference of data->usbmisc_data when usbmisc is NULL; the fix adds a guard before dereferencing the pointer. Reported under CVSSv3.1: AV Local, AC Low, PR Low, UI None, S U, C a...

5.5CVSS5.3AI score0.00156EPSS
CVE
CVE
added 2025/05/20 4:1 p.m.93 views

CVE-2025-37964

CVE-2025-37964 affects the Linux kernel’s x86/mm path, specifically a window during mm switching where an IPITLB flush could be suppressed. The root cause: should_flush_tlb() could skip TLB flushes between load_new_mm_cr3() and writing loaded_mm, in a window labeled LOADED_MM_SWITCHING. The fix: ...

5.5CVSS7AI score0.00149EPSS
CVE
CVE
added 2025/06/18 9:33 a.m.85 views

CVE-2025-38031

CVE-2025-38031 is a Linux kernel issue in the padata subsystem where a parallel_data refcount is incremented unconditionally by a patch, allowing a refcount leak if queue_work() returns that the work is already queued. The described fix is to check queue_work()’s return value and decrement the re...

5.5CVSS6.5AI score0.0017EPSS
CVE
CVE
added 2025/08/19 5:2 p.m.44 views

CVE-2025-38569

CVE-2025-38569 (Linux kernel benet) arises from a bug in the be2net SR-IOV VF MAC address configuration flow where be_cmd_set_mac_list() calls dma_free_coherent() while still under spin_lock_bh, leading to a kernel crash (BUG at mm/vmalloc.c and OOPs) when SR-IOV VFs are created. The linked advis...

5.5CVSS7.1AI score0.0016EPSS
CVE
CVE
added 2026/05/05 3:17 p.m.29 views

CVE-2026-43061

CVE-2026-43061 (Linux kernel): The serial8250 TX DMA deadlock was fixed. The root cause was that dmaengine_terminate_async did not guarantee the __dma_tx_complete callback would run, and that callback is the only place where dma->tx_running is cleared. If a TX DMA transaction is canceled and t...

5.5CVSS5.8AI score0.00091EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.29 views

CVE-2026-53273

CVE-2026-53273 describes a use-after-free in the Linux kernel TEE/OP-TEE path. When a client exits before the supplicant finishes processing, freed request memory could be dereferenced, enabling a potential crash or code execution path. The root cause is a race around request lifetime between the...

7.8CVSS5.8AI score0.00126EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.21 views

CVE-2026-43382

Summary: CVE-2026-43382 affects the Linux kernel batman-adv component. The issue arises when batadv_v_elp_get_throughput() runs with the RTNL lock already held, which could cause a deadlock during cancellation of a work item. The fix switches to rtnl_trylock to skip ethtool retrieval if the RTNL ...

5.5CVSS5.5AI score0.00095EPSS