Lucene search
K
LinuxLinux Kernel5.19.1

15 matches found

CVE
CVE
added 2024/12/02 1:44 p.m.127 views

CVE-2024-53106

CVE-2024-53106 concerns the Linux kernel ima subsystem: a buffer overrun in ima_eventdigest_init_common triggered by HASH_ALGO__LAST indexing hash_digest_size[]. Root cause is inadequate handling of HASH_ALGO__LAST; a conditional prevents the overread. A fix is included in kernel updates (commit ...

7.8CVSS6.6AI score0.00242EPSS
CVE
CVE
added 2025/06/08 10:34 a.m.121 views

CVE-2025-38003

CVE-2025-38003 affects the Linux kernel: the bcm subsystem generates procfs content for bcm_op objects, and removal without proper rcu protection could expose use-after-free data. The patch adds missing rcu_read_lock() and ensures list entries are removed under RCU, addressing UAF in procfs outpu...

5.5CVSS6.5AI score0.002EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.103 views

CVE-2022-50035

CVE-2022-50035 affects the Linux kernel DRM AMDGPU path. The issue is a use-after-free in amdgpu_bo_list mutex handling caused by double-unlocking of bo_list_mutex when amdgpu_cs_vm_handling returns non-zero, which can lead to a refcount underflow (as shown in the trace). The vulnerability is dem...

7.8CVSS6.5AI score0.00153EPSS
CVE
CVE
added 2024/04/28 1:0 p.m.90 views

CVE-2022-48652

In CVE-2022-48652, the Linux kernel ICE driver fixes a crash when TC/channels are updated beyond allocated queues. The issue occurred when less queues were configured than TCs and later more TCs were added (e.g., via LLDP), leaving dirty num_txq/rxq and tc_cfg in the VSI and risking invalid point...

5.5CVSS6.6AI score0.00197EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.86 views

CVE-2022-50041

CVE-2022-50041 (Linux kernel, ice driver) : The issue arises from a WARN_ON() checking for a null VSI in ice_reset_vf during VF reset, which can trigger a call trace under stress (VF attach/detach with spoofcheck/trust changes). The connected advisories and Nessus/NVL references confirm the fix: ...

5.5CVSS6.7AI score0.00198EPSS
CVE
CVE
added 2025/07/25 12:53 p.m.84 views

CVE-2025-38393

CVE-2025-38393 affects the Linux kernel (NFSv4/pNFS) where a race to wake on NFS_LAYOUT_DRAIN could occur. The issue occurs when multiple tasks wait for a page lock during writeback and a waiter/waker race with pnfs_update_layout() occurs while pnfs_layout_hdr’s plh_outstanding count is zero. The...

4.7CVSS6.3AI score0.00123EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.82 views

CVE-2023-53088

CVE-2023-53088 affects the Linux kernel’s mptcp subsystem, specifically a use-after-free (UaF) in the listener shutdown path caused by a refactor of passive socket initialization. The issue could manifest during shutdown of msk (multipath TCP) listener sockets, with a stack trace involving _raw_s...

7.8CVSS6.3AI score0.00168EPSS
CVE
CVE
added 2025/08/16 10:55 a.m.43 views

CVE-2025-38520

In CVE-2025-38520, the Linux kernel’s DRM/AMDKFD path could deadlock during MMU notifier callbacks when a process exits, potentially leaking VRAM. The root cause was calling mmput from the MMU notifier callback, risking release of the mm struct and exit_mmap/free_pgtable. The fix takes a non-zero...

5.5CVSS6.5AI score0.00107EPSS
CVE
CVE
added 2025/09/15 2:45 p.m.28 views

CVE-2022-50302

CVE-2022-50302: Linux kernel vulnerability where lockd/vfs_lock_file() assumes a fully initialised struct file_lock; if fl_file is NULL (notably with re-exported NFSv3), the caller may Oops. Affected: Linux kernel (details describe the unlocking path in lockd and vfs_lock_file). Impact per source...

5.5CVSS6.1AI score0.00145EPSS
CVE
CVE
added 2026/01/31 11:42 a.m.26 views

CVE-2025-71189

Technical details for CVE-2025-71189 are not provided in the connected documents; the available sources only reference the vulnerability and fix at a high level. Monitor for updates.

5.5CVSS5.8AI score0.00183EPSS
CVE
CVE
added 2026/01/14 3:7 p.m.22 views

CVE-2025-71138

CVE-2025-71138 pertains to the Linux kernel DRM MSM DPU, where a missing NULL pointer check for the pingpong interface was fixed. The vulnerability is addressed by upstream patch 693860, with the issue occurring in dpu_encoder_phys_wb_setup_ctl() and related code paths. Affected environments refe...

5.5CVSS6.1AI score0.00116EPSS
CVE
CVE
added 2025/09/15 2:2 p.m.21 views

CVE-2022-50257

The CVE-2022-50257 issue is in the Linux kernel Xen grant handling (xen/gntdev) where partial grant mapping failures could leak grants. In paravirtualized domains (use_ptemod = true), alloced was not updated for all successful map_ops or kmap_ops, risking incorrect live_grants and leaks. The fix ...

5.5CVSS6.1AI score0.00149EPSS
CVE
CVE
added 2026/05/06 11:28 a.m.21 views

CVE-2026-43239

The CVE-2026-43239 issue concerns the Linux kernel SMB client where two concurrent operations could race while updating network interfaces via query_interfaces(), risking an inconsistent state. The root cause is improper synchronization of iface_last_update under iface_lock. Public advisories con...

8.8CVSS5.7AI score0.00354EPSS
CVE
CVE
added 2025/10/07 3:19 p.m.19 views

CVE-2022-50517

CVE-2022-50517 relates to the Linux kernel THP handling in mm/huge_memory, where a swap page entry (swp_entry_t) could be clobbered during THP split if the head page wasn’t swapped, a bug identified and fixed by the commit b653db77350c. Affected behavior was observed under stress-ng mmap workload...

5.5CVSS6.1AI score0.00129EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.19 views

CVE-2026-23327

The CVE-2026-23327 issue is a Linux kernel vulnerability in the CXL mailbox driver (cxl/mbox). The root cause is that cxl_payload_from_user_allowed() casts and dereferences the user payload without validating its size, allowing an undersized mailbox command to trigger a read past the allocated bu...

7.1CVSS5.6AI score0.00124EPSS