Lucene search
K
LinuxLinux Kernel5.16.3

18 matches found

CVE
CVE
added 2024/04/24 11:23 p.m.9090 views

CVE-2024-26926

CVE-2024-26926 : The Linux kernel vulnerability concerns the binder subsystem. After commit 6d98eb95, an offset alignment check was removed from binder_alloc_copy_from_buffer()/check_buffer(), and answers were copied in binder_get_object() via copy_from_user(), which now requires an explicit offs...

5.5CVSS6.3AI score0.00423EPSS
CVE
CVE
added 2024/04/17 10:27 a.m.7789 views

CVE-2024-26897

CVE-2024-26897 — Linux kernel (ath9k/ath9k_htc): A race in the ath9k_wmi_event_tasklet can occur due to init-order data-structure initialization exposed to USB before driver init completes. This may cause NULL-pointer dereferences under certain WMI commands. A partial fix existed (aborting WMI_TX...

4.7CVSS6.5AI score0.00188EPSS
CVE
CVE
added 2024/06/19 1:35 p.m.127 views

CVE-2024-38556

CVE-2024-38556 affects the Linux kernel net/mlx5 code. The vulnerability arises from how the command queue semaphore timeout handling can allow an entry to be processed before an index is allocated, risking an out-of-bounds access at idx = -22 if the completion path proceeds without proper synchr...

7.8CVSS6.7AI score0.00259EPSS
CVE
CVE
added 2024/05/03 5:45 p.m.93 views

CVE-2022-48705

CVE-2022-48705 concerns the Linux kernel WiFi driver mt76 mt7921e. When a device driver fails during a chip reset, the reset sequence may loop, leaving tx_napi disabled/waiting for a state change and potentially causing a system crash. The fix changes the reset flow to avoid waiting on napi state...

5.5CVSS6.6AI score0.00193EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.85 views

CVE-2022-48752

CVE-2022-48752 affects the Linux kernel on PowerPC power_pmu_disable handling. The fix (commit 2c9ac51b850d) calls clear_pmi_irq_pending only if PMI is pending to avoid clearing PMI when an overflown PMC is detected, addressing a PMI/PMC race in power_pmu_disable triggered under CONFIG_PPC_IRQ_SO...

5.5CVSS6.6AI score0.0021EPSS
CVE
CVE
added 2024/07/16 11:43 a.m.84 views

CVE-2022-48806

The CVE-2022-48806 issue is confirmed in the Linux kernel under ee1004 EEPROM reads. The root cause was that ee1004_eeprom_read() could read more than the i2c block data limit because i2c_smbus_read_i2c_block_data_or_emulated() uses an unsigned 8-bit length; if the requested read spanned a 256-by...

5.5CVSS6.4AI score0.00281EPSS
CVE
CVE
added 2025/02/26 2:12 a.m.83 views

CVE-2022-49400

CVE-2022-49400 concerns a Linux kernel RAID subsystem issue where in reshape the code path freed the mddev and set mddev->private to NULL, causing NULL dereference when a new raid tried to reuse mddev. The fix is to remove the code path that sets mddev->private to NULL in raid0_free, preven...

5.5CVSS5.3AI score0.00273EPSS
CVE
CVE
added 2024/07/16 11:43 a.m.81 views

CVE-2022-48787

The CVE-2022-48787 vulnerability concerns iwlwifi use-after-free in the Linux kernel. When no firmware is present or parsing fails, device_release_driver()/remove()/iwl_drv_stop() may free the drv struct, but the code can still access it. The fix involves avoiding the access after the object is f...

7.8CVSS8.2AI score0.00242EPSS
CVE
CVE
added 2025/02/26 2:11 a.m.81 views

CVE-2022-49384

CVE-2022-49384 is a Linux kernel vulnerability in the md (memory descriptor) subsystem where io_acct_set bioset could be freed twice. The fix relocates allocation/free of io_acct_set to the personality path and removes freeing in md_free and md_stop. Connected advisories (Astra Linux SUSE securit...

7.8CVSS5.5AI score0.00259EPSS
CVE
CVE
added 2025/02/26 1:56 a.m.80 views

CVE-2022-49244

CVE-2022-49244 concerns the Linux kernel ASoC path for the mediatek mt8192-mt6359 driver. The issue arises from improper reference counting of the device_node returned by of_parse_phandle(): the code increments the refcount, but only calls of_node_put() on the success path, creating a refcount le...

5.5CVSS6.5AI score0.00252EPSS
CVE
CVE
added 2024/07/16 11:13 a.m.76 views

CVE-2022-48778

CVE-2022-48778 concerns a Linux kernel issue in mtd: rawnand gpmi where a PM runtime reference could leak in the error path if gpmi_nfc_apply_timings() fails. The provided documents consistently describe the vulnerability and its resolution, noting that the PM runtime usage counter must be droppe...

7.8CVSS8.1AI score0.00234EPSS
CVE
CVE
added 2025/06/18 11:2 a.m.74 views

CVE-2022-50118

CVE-2022-50118 describes a Linux kernel issue in the PowerPC perf PMU path. A new pmi_irq_pending check in hw_irq.h is used by power_pmu_disable to warn if PMI is pending when no counter overflows. The patch set removes the WARN_ON for PMI in this scenario and adds an optimization to clear pendin...

5.5CVSS6.6AI score0.00155EPSS
CVE
CVE
added 2024/08/22 1:32 a.m.72 views

CVE-2022-48914

CVE-2022-48914 affects the Linux kernel’s xen_netfront/xennet_destroy_queues path. The vulnerability arises because xennet_destroy_queues() relies on netdev->real_num_tx_queues, which is cleared after unregister_netdev() due to net-sysfs changes, causing a NULL dereference when freeing queues ...

5.5CVSS6.2AI score0.00215EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.68 views

CVE-2022-48764

CVE-2022-48764 concerns the Linux kernel KVM x86 CPUID handling. The provided documents consistently describe a memory-leak issue where the kernel did not free the kvm_cpuid_entry2 array after successful post-KVM_RUN KVM_SET_CPUID{,2} calls, potentially leaving an unreferenced 2048-byte object (e...

5.3CVSS5.1AI score0.00179EPSS
CVE
CVE
added 2026/04/13 1:40 p.m.65 views

CVE-2026-31419

Summary of CVE-2026-31419 : A use-after-free in the Linux kernel bonding driver is caused by a race in bond_xmit_broadcast() where the last slave determination can change during RCUs, leading to double-free of the original skb and a potential crash. The fix replaces the racy bond_is_last_slave() ...

7.8CVSS5.7AI score0.00124EPSS
Web
CVE
CVE
added 2026/05/27 12:58 p.m.32 views

CVE-2026-46092

CVE-2026-46092 relates to the Linux kernel's wifi rtw88 driver (8821CE) where pci_upstream_bridge() returns NULL for devices on a root bus, risking a crash during probe on certain PCI topologies. The fix is to explicitly check for the PCI upstream bridge before applying the workaround. A patch wa...

5.5CVSS5.8AI score0.00105EPSS
CVE
CVE
added 2025/09/15 2:48 p.m.26 views

CVE-2022-50317

CVE-2022-50317 affects the Linux kernel, specifically the DRM bridge driver for Megachips (stdp2690 and stdp4028). The issue is a null-pointer dereference that occurs when removing the module because the two bridges are not probed concurrently, causing ge_b850v3_register() not to be called for in...

5.5CVSS6AI score0.00146EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.18 views

CVE-2026-31522

CVE-2026-31522 affects the Linux kernel HID magicmouse driver. The root cause is in magicmouse_report_fixup(), which allocated a new buffer via kmemdup and failed to free it, while the caller does not own the returned pointer. This memory leak can enable local resource exhaustion, with the CVSS i...

5.5CVSS5.7AI score0.00123EPSS