Lucene search
K
LinuxLinux Kernel5.19.2

17 matches found

CVE
CVE
added 2024/05/17 11:50 a.m.7688 views

CVE-2024-27410

CVE-2024-27410 (Linux kernel) relates to a race in wifi nl80211 where mesh ID changes during an iftype change could overwrite wdev data. The issue is resolved by disallowing mesh ID changes while changing the interface type (i.e., disallow iftype changes when mesh ID is being set). Astra Linux no...

5.5CVSS6.7AI score0.00247EPSS
CVE
CVE
added 2024/12/27 3:6 p.m.159 views

CVE-2024-56663

CVE-2024-56663 describes a Linux kernel vulnerability in wifi nl80211 where NL80211_ATTR_MLO_LINK_ID could be misvalidated due to an off-by-one error in the attribute range. The issue manifests as a potential out-of-bounds access (demonstrated by a KASAN wild-memory-access bug in ieee80211_tx_con...

7.1CVSS6.5AI score0.00223EPSS
CVE
CVE
added 2024/12/27 3:2 p.m.143 views

CVE-2024-56651

CVE-2024-56651 affects the Linux kernel hi311x CAN driver (hi3110_can_ist). The issue is a potential use-after-free: error count data added to the CAN frame after netif_rx() could reference a skb that is freed or reused. Root cause: reporting of rxerr/txerr persisted during non-bus-off operation,...

7.8CVSS6.3AI score0.00228EPSS
CVE
CVE
added 2024/04/03 2:54 p.m.133 views

CVE-2024-26695

CVE-2024-26695 affects the Linux kernel crypto: ccp and fixes a null pointer dereference in __sev_platform_shutdown_locked when the SEV platform device is shutdown with a null psp_master (e.g., DEBUG_TEST_DRIVER_REMOVE). The issue was observed via KASAN, showing a null-deref in __sev_platform_shu...

5.5CVSS6.3AI score0.00242EPSS
CVE
CVE
added 2024/12/28 9:46 a.m.132 views

CVE-2024-56683

Technical details for CVE-2024-56683 are not publicly available in the provided documents. No connected document confirms affected products, root cause, impact, or remediation. Monitor for updates from kernel/changelogs and trusted advisories.

5.5CVSS6.6AI score0.00216EPSS
CVE
CVE
added 2024/05/20 9:41 a.m.126 views

CVE-2024-35955

CVE-2024-35955 : Linux kernel vulnerability in kprobe registration that could cause a use-after-free if module unload changes MODULE_STATE from LIVE/GOING to UNFORMED between address checks. The fix switches to using only __module_text_address() and performs try_module_get(module) while MODULE_ST...

8.8CVSS6.7AI score0.01167EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.122 views

CVE-2023-53113

The CVE-2023-53113 entry concerns the Linux kernel wifi NL80211 offchannel check. A NULL-pointer dereference could occur when a link was created by userspace in AP mode but not activated yet, resulting in a chandef that is invalid or has no channel. The vulnerability arises from dereferencing thi...

5.5CVSS6.5AI score0.00163EPSS
CVE
CVE
added 2024/04/04 8:20 a.m.102 views

CVE-2024-26745

CVE-2024-26745 pertains to the Linux kernel on pSeries POWER systems where the IOMMU table is not initialized for kdump over SR-IOV, causing a NULL pointer dereference when the kdump kernel initializes IOMMU/TCEs for SR-IOV devices. The root cause is IOMMU table initialization logic that only con...

4.4CVSS5.6AI score0.0022EPSS
CVE
CVE
added 2025/06/18 10:54 a.m.101 views

CVE-2022-49940

CVE-2022-49940 concerns the Linux kernel tty/n_gsm subsystem. The vulnerability arises when gsmld_receive_buf() may call gsm->receive() even if gsm->receive is not initialized, leading to a NULL pointer dereference. The fix adds a sanity check to avoid invoking gsm->receive() if the func...

5.5CVSS6.4AI score0.00186EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.86 views

CVE-2022-49973

The CVE-2022-49973 entry concerns a Linux kernel vulnerability in sk_msg_recvmsg triggered by an incorrect last scatter-gather (sg) check. The root cause is a change to the last sg validation (to sg_is_last()) in sk_msg_recvmsg(), but the end of the scatterlist was not marked in sockmap redirecti...

5.5CVSS6.4AI score0.00195EPSS
CVE
CVE
added 2025/07/25 12:47 p.m.86 views

CVE-2025-38354

CVE-2025-38354 (Linux kernel, DRM/MSM GPU): A crash can occur when throttling GPU immediately during boot if the GPU is already hot, because of an early call to of_devfreq_cooling_register() that may access GMU registers before initialization. The root cause is that msm_devfreq_init may suspend d...

5.5CVSS6.2AI score0.00156EPSS
CVE
CVE
added 2024/05/21 3:32 p.m.84 views

CVE-2023-52872

CVE-2023-52872 affects the Linux kernel in the tty/n_gsm subsystem. A race condition during status line changes on dead connections in gsm_cleanup_mux() could lead to a kernel panic after the cleanup sequence closes DLCIs, stops timers, and clears queues, while the outgoing data queue continues t...

5.5CVSS7AI score0.00172EPSS
CVE
CVE
added 2025/06/18 11:1 a.m.81 views

CVE-2022-50045

CVE-2022-50045 is a Linux kernel issue affecting the powerpc/pci path. The vulnerability arose from a locking interaction in get_phb_number(), which could cause a DEBUG_ATOMIC_SLEEP warning when sleep-prone OF routines are called while a hose_spinlock is held. The resolution involves modifying ge...

5.5CVSS6.1AI score0.00119EPSS
CVE
CVE
added 2025/06/18 11:0 a.m.53 views

CVE-2022-49970

CVE-2022-49970 concerns a Linux kernel vulnerability in the bpf/cgroup path, where an invalid opcode triggers a kernel BUG during purge_effective_progs when detaching BPF programs from nested cgroups. Reproduction steps described in multiple sources involve attaching prog2 to cg2, prog1 to cg1, w...

7.1CVSS6.5AI score0.00228EPSS
CVE
CVE
added 2025/09/15 2:6 p.m.26 views

CVE-2023-53198

CVE-2023-53198 affects the Linux kernel raw socket handling (net/ipv4/raw.c). The vulnerability is a NULL dereference in raw_get_next(), triggered by races where a socket in one netns is freed while another thread iterates SOCK_RAW sockets. The root cause involves using RCU-based iteration with h...

5.5CVSS6AI score0.00145EPSS
CVE
CVE
added 2025/10/07 3:21 p.m.19 views

CVE-2022-50546

The CVE-2022-50546 issue affects the Linux kernel ext4 subsystem, specifically ext4_alloc_inode() and the __ext4_new_inode() path. Syzbot reported a KMSAN uninitialized value in ext4_evict_inode, caused by not initializing ei->i_flags during ext4_alloc_inode() when a new inode creation fails b...

7.8CVSS6AI score0.00202EPSS
CVE
CVE
added 2025/10/04 3:44 p.m.17 views

CVE-2023-53603

CVE-2023-53603 affects the Linux kernel SCSI QLA2XXX path. The issue is a potential NULL pointer dereference where a fcport pointer may be dereferenced if sa_ctl is NULL and fcport is allocated after an exit path. The documented fix is to exit the routine when sa_ctl is NULL, preventing the NULL ...

5.5CVSS6.1AI score0.00136EPSS