Lucene search
K
LinuxLinux Kernel5.15.86

10 matches found

CVE
CVE
added 2023/01/05 12:0 a.m.498 views

CVE-2022-4378

CVE-2022-4378 is a Linux kernel stack overflow flaw in the SYSCTL subsystem triggered by how a user changes certain kernel parameters, allowing a local user to crash the system or potentially escalate privileges. Public advisories (ALSA and CloudLinux entries) confirm the issue affects stack over...

7.8CVSS7.6AI score0.00428EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.132 views

CVE-2023-53028

CVE-2023-53028 : Linux kernel vulnerability in wifi/mac80211 processing where reverting the memory-leak fix for ieee80211_if_add() (and the related path ieee80211_if_free called from free_netdev) can trigger a null-ptr-deref/GPF as shown by syzbot. Affected component is the wireless stack (mac802...

5.5CVSS6.6AI score0.00176EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.121 views

CVE-2023-52977

CVE-2023-52977 is a kernel vulnerability in the Linux kernel’s net/openvswitch path where a memory leak occurs in ovs_flow_cmd_new when key allocation fails. The issue is triggered during netlink/genl handling as shown in the provided trace, and the remediation described in the patch is to reorde...

5.5CVSS6.5AI score0.00252EPSS
CVE
CVE
added 2025/05/02 3:56 p.m.116 views

CVE-2023-53124

VULNERABILITY SUMMARY: CVE-2023-53124 fixes a NULL pointer dereference in the Linux kernel SCSI driver mpt3sas during transport_port_add. The port is created by sas_port_alloc_num() and rphy by sas_end_device_alloc() or sas_expander_alloc(), any of which may return NULL, and the code would access...

5.5CVSS6.5AI score0.00155EPSS
CVE
CVE
added 2024/07/12 12:31 p.m.110 views

CVE-2024-40947

CVE-2024-40947 affects the Linux kernel IMA subsystem. The root cause was sleeping in an RCU read-side critical section caused by kmalloc(GFP_KERNEL) inside ima_lsm_copy_rule (via ima_filter_rule_match) leading to potential use-after-free and NULL pointer dereference during file operations. The i...

5.5CVSS6.2AI score0.0025EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.93 views

CVE-2025-38226

CVE-2025-38226 targets the Linux kernel, specifically the media/v4l2-tpg path used by vivid. The issue is a KASAN-detected vmalloc-out-of-bounds access in tpg_fill_plane_pattern and tpg_fill_plane_buffer (v4l2-tpg-core.c:2608 and 2705), causing a write of size 1440 to a kernel address during vivi...

7.8CVSS6.4AI score0.00157EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.79 views

CVE-2023-52983

The CVE-2023-52983 issue affects the Linux kernel’s bfq (multiqueue block I/O) subsystem. It describes a use-after-free (UAF) where bic_set_bfqq() could access a bfqq after it had been freed in certain contexts. The root cause was that bfqq was freed in the wrong place relative to bic_set_bfqq(),...

7.8CVSS6.7AI score0.00262EPSS
CVE
CVE
added 2025/03/27 4:43 p.m.61 views

CVE-2023-53012

CVE-2023-53012 is documented across multiple connected advisories as a Linux kernel vulnerability affecting the thermal subsystem. The issue arises from calling put_device() before a successful device_register(), specifically in __thermal_cooling_device_register(), and is accompanied by unnecessa...

5.5CVSS6.6AI score0.00188EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.26 views

CVE-2026-43232

Summary: CVE-2026-43232 is a Linux kernel vulnerability in the FarSync WAN driver (net: wan: farsync) that causes a use-after-free when detaching a FarSync T-series card. The issue arises from a race between tasklets/work queues and card removal: fst_card_info is freed in fst_remove_one() but fst...

8.8CVSS5.8AI score0.00387EPSS
CVE
CVE
added 2025/09/15 2:49 p.m.19 views

CVE-2022-50329

CVE-2022-50329 affects the Linux kernel’s block/bfq subsystem. The root cause was a use-after-free: bfqq could be freed in bfq_exit_icq_bfqq() and then used in bic_set_bfqq(), leading to UAF. The fix reorders operations by moving bfq_exit_bfqq() behind bic_set_bfqq(), preventing the invalid access.

7.8CVSS6.2AI score0.00154EPSS