Lucene search
K
LinuxLinux Kernel5.5.0

68 matches found

CVE
CVE
added 2024/02/20 6:34 p.m.1510 views

CVE-2023-52436

CVE-2023-52436 affects the Linux kernel in the f2fs file system. The issue arises when setting an extended attribute (xattr) because the xattr list was not guaranteed to be zeroed in unused space; the fix explicitly terminates the xattr list to avoid relying on zeroed unused space. The descriptio...

7.8CVSS7.5AI score0.00302EPSS
CVE
CVE
added 2024/02/23 9:9 a.m.1476 views

CVE-2024-26593

CVE-2024-26593: In the Linux kernel, i2c: i801: Fix block process call transactions. The issue was that the driver did not reset the block buffer index a second time before reading the incoming data, per Intel datasheets, causing reading the wrong portion of the block buffer. The advisory notes t...

7.1CVSS7.4AI score0.00285EPSS
CVE
CVE
added 2024/02/23 2:46 p.m.1461 views

CVE-2023-52464

CVE-2023-52464 affects the Linux kernel EDAC/thunderx driver. The issue is a potential out-of-bounds string access in thunderx_ocx_com_threaded_isr due to repeated use of strncat with an incorrect buffer size, which mimics a strlcat-like pattern but uses the wrong bound. The root cause is the mis...

7.8CVSS7.3AI score0.00266EPSS
CVE
CVE
added 2024/02/23 2:46 p.m.1431 views

CVE-2024-26597

CVE-2024-26597 affects the Linux kernel, specifically the Qualcomm RMNET netlink policy driver. The vulnerability arises from assigning a larger maxtype to rmnet_link_ops, causing a global out-of-bounds read when parsing netlink attributes. The bug is mapped to the rmnet_policy variable and is fi...

7.1CVSS6.7AI score0.00257EPSS
CVE
CVE
added 2024/02/25 8:16 a.m.1301 views

CVE-2023-52469

CVE-2023-52469 : The Linux kernel vulnerability resides in drivers/amd/pm where a use-after-free occurs in kv_parse_power_table. When kzalloc returns NULL, kv_parse_power_table frees adev->pm.dpm.ps and the object is then (incorrectly) used in kv_dpm_fini, causing a use-after-free. This is doc...

7.8CVSS7.9AI score0.00291EPSS
CVE
CVE
added 2024/02/24 2:56 p.m.1301 views

CVE-2024-26600

CVE-2024-26600 details (Linux kernel): A NULL pointer dereference in the TI PHY/OMAP USB2 PHY driver could be triggered when an external phy does not implement send_srp(), causing a wakeup path to call a NULL function. The issue manifests during idle Ethernet gadget wakeups and leads to a kernel ...

5.5CVSS6.4AI score0.00295EPSS
CVE
CVE
added 2024/02/25 8:16 a.m.1299 views

CVE-2023-52470

CVE-2023-52470: Linux kernel vulnerability fixed in drm/radeon driver. The issue was a potential NULL pointer dereference in radeon_crtc_init() if the alloc_workqueue call failed. The published fix adds a check for the alloc_workqueue return value to avoid dereferencing a NULL pointer. Affected c...

5.5CVSS6.6AI score0.0029EPSS
CVE
CVE
added 2024/02/25 2:3 p.m.1216 views

CVE-2021-46904

CVE-2021-46904 affects the Linux kernel net: hso subsystem. The issue was a null pointer dereference during tty device unregistration caused by multiple ttys claiming the same minor number. The root cause was that get_free_serial_index() returned an available minor but did not assign it immediate...

5.5CVSS6.2AI score0.00256EPSS
CVE
CVE
added 2024/02/25 2:3 p.m.1193 views

CVE-2021-46905

CVE-2021-46905 : Linux kernel vulnerability where a NULL-pointer dereference was introduced in net: hso during tty device unregistration after a minor was released. The issue arose because the serial device table could be accessed post-release of the minor by hso_serial_tty_unregister(), leading ...

5.5CVSS6.2AI score0.00261EPSS
CVE
CVE
added 2024/02/23 2:46 p.m.1182 views

CVE-2023-52454

CVE-2023-52454 affects the Linux kernel nvmet-tcp component; a host data command H2CData with invalid DATAL could crash nvmet_tcp_build_pdu_iovec(), risking a kernel NULL pointer dereference. The fix raises a fatal error when DATAL is not coherent with the packet size and ensures PDU length never...

5.5CVSS6.4AI score0.00228EPSS
CVE
CVE
added 2024/02/26 5:20 p.m.1170 views

CVE-2019-25162

CVE-2019-25162: In the Linux kernel, an information-leak/UAF issue was fixed in the i2c subsystem. The patch fixes a potential use-after-free by ensuring the adap structure is freed only after it is no longer in use; specifically, put_device() is moved down to avoid freeing the adapter too early....

7.8CVSS7.4AI score0.00378EPSS
CVE
CVE
added 2024/02/26 2:39 p.m.1111 views

CVE-2024-26606

CVE-2024-26606 affects the Linux kernel binder subsystem. In (e)poll mode, a binder thread that issues a BINDER_WRITE_READ without a read buffer may later rely on epoll_wait to process responses, but if the epoll/wakeup signaling is not triggered for the thread’s own enqueued work, the thread can...

5.5CVSS6.4AI score0.00242EPSS
CVE
CVE
added 2024/02/26 5:20 p.m.1077 views

CVE-2020-36775

CVE-2020-36775 affects the Linux kernel’s f2fs subsystem. The vulnerability was tied to a potential deadlock in the f2fs_write_compressed_pages() path, mitigated by using f2fs_trylock_op() (consistent with the approach used in f2fs_write_single_data_page()) to avoid deadlocks. The concrete fix is...

5.5CVSS5.3AI score0.0017EPSS
CVE
CVE
added 2024/02/26 5:20 p.m.968 views

CVE-2021-46906

CVE-2021-46906 — Linux kernel HID (usbhid) info leak fix : The vulnerability arises in hid_submit_ctrl where report->size of zero caused transfer_buffer_length to be calculated as 16384, enabling an information leak. The root cause is the calculation in hid_report_len() not handling a zero-siz...

5.5CVSS6.1AI score0.00245EPSS
CVE
CVE
added 2024/02/24 2:56 p.m.767 views

CVE-2024-26602

CVE-2024-26602 affects the Linux kernel’s membarrier path. The fix targets the sys_membarrier interface by introducing a lock on the path to serialize accesses and prevent extremely high call frequency, which could otherwise cause global slowdowns. Affected component: sched/membarrier. Root cause...

5.5CVSS6.6AI score0.00316EPSS
CVE
CVE
added 2024/02/20 6:34 p.m.742 views

CVE-2023-52439

CVE-2023-52439 is a Linux kernel UIO subsystem use-after-free vulnerability. The issue occurs in a race between core-1 (uio_unregister_device) and core-2 (uio_open) where device_unregister frees idev, then core-2 may still access idev, leading to use-after-free and potential double free of idev v...

7.8CVSS7.8AI score0.00299EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.739 views

CVE-2021-46939

CVE-2021-46939 affects the Linux kernel where tracing changes to trace_clock_global() could deadlock due to recursive locking during tracing; the fix uses a trylock and retry semantics to avoid blocking. Public details in connected advisories (MiracleLinux UTSA, Nessus plugin) describe the same i...

5.5CVSS6.6AI score0.00246EPSS
CVE
CVE
added 2024/02/27 9:43 a.m.684 views

CVE-2021-46929

CVE-2021-46929 describes a Linux kernel SCTP use-after-free related issue in endpoint destruction, resolved by delaying endpoint free with call_rcu() and moving sock_put/ep free into sctp_endpoint_destroy_rcu(). The patch ensures the endpoint (ep) remains alive under rcu_read_lock during certain ...

5.5CVSS6.2AI score0.00248EPSS
CVE
CVE
added 2024/02/27 6:53 a.m.669 views

CVE-2021-46915

The CVE-2021-46915 issue is in the Linux kernel’s netfilter nft_limit code. nft_limit_init attempted to divide a 64-bit value by a 64-bit expectation but used div_u64 (dividing 64-bit by 32-bit), risking a divide error. The fix changes nft_limit_init to use the correct 64-bit division function (d...

5.5CVSS6.1AI score0.00241EPSS
CVE
CVE
added 2024/02/27 6:53 a.m.667 views

CVE-2021-46909

Mode C (normal, concrete details available) CVE-2021-46909 affects the Linux kernel PCI subsystem (ARM) and is resolved by a PCI interrupt/mapping fix in ARM: footbridge. The root cause was that after commit 30fdfb929e82, the kernel started mapping PCI IRQs whenever a PCI driver is probed via pci...

5.5CVSS6.9AI score0.00241EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.659 views

CVE-2020-36777

CVE-2020-36777 is a Linux kernel issue where media: dvbdev had a memory leak in dvb_media_device_free(), documented as freeing dvbdev->adapter->conn before NULL-ing it. The connected MiracleLinux advisory (AXSA-2024-8481:17) lists this CVE among others and confirms a fix/vendor advisory. Th...

5.5CVSS6.1AI score0.00242EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.655 views

CVE-2021-46936

CVE-2021-46936 affects the Linux kernel (net: fix use-after-free in tw_timer_handler). The flaw allowed use-after-free on net->mib.net_statistics when destroying a net namespace if inflight time-wait timers exist; it is triggered during path of timer handling and ip/mib teardown. The fix reloc...

7.8CVSS7.4AI score0.00244EPSS
CVE
CVE
added 2022/10/17 12:0 a.m.619 views

CVE-2022-3564

CVE-2022-3564 is a high-severity Linux kernel vulnerability involving a use-after-free in the Bluetooth subsystem, specifically the function l2cap_reassemble_sdu() in net/bluetooth/l2cap_core.c . Connected advisories (CentOS, AlmaLinux, AlmaLinux-RT, Astra Linux, and others) confirm the same weak...

7.1CVSS6.9AI score0.0129EPSS
CVE
CVE
added 2024/02/20 6:27 p.m.601 views

CVE-2023-52435

CVE-2023-52435 affects the Linux kernel’s net/ skb_segment() and can overflow MSS when computing mss = mss * partial_segs, risking a crash (e.g., GSO_BY_FRAGS) and triggering NULL pointer dereferences in some traces. The fix adds a guard to ensure the new MSS is smaller than GSO_BY_FRAGS, prevent...

5.5CVSS6.6AI score0.00231EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.581 views

CVE-2021-46935

CVE-2021-46935 : Linux kernel binder vulnerability where async_free_space accounting for empty parcels leaked up to 8 bytes per 8-byte-or-smaller async transaction. Root cause: after a patch fixing visibility (Android binder buffer moved out of user space), the free operation didn’t add back size...

5.5CVSS5.2AI score0.00229EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.576 views

CVE-2021-46953

The CVE-2021-46953 issue affects the Linux kernel ACPI GTDT driver. If a probe fails due to invalid firmware properties, the driver may unmap an interrupt it mapped earlier without verifying that the mapping succeeded, and if the firmware reports an interrupt number overlapping the GIC SGI range,...

6.7CVSS6.7AI score0.00241EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.566 views

CVE-2021-46938

CVE-2021-46938 affects the Linux kernel in the device-mapper (dm-mq) path for request-based mapped devices. When loading a device-mapper table, if the allocation/initialization of blk_mq_tag_set for the device fails, a subsequent dev_remove can trigger a double free during cleanup because the poi...

7.8CVSS7.2AI score0.00248EPSS
CVE
CVE
added 2024/02/27 9:36 a.m.546 views

CVE-2021-46921

CVE-2021-46921 affects the Linux kernel’s locking/qrwlock code. The vulnerability arises in queued_write_lock_slowpath while the wait_lock is held: a reader can observe values before the writer has truly acquired the lock, due to an ordering gap between atomic_cond_read_acquire() and the subseque...

5.5CVSS6AI score0.00228EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.541 views

CVE-2021-46933

The CVE-2021-46933 issue affects the Linux kernel USB gadget f_fs component. It occurred when ffs_data_clear was invoked indirectly via ffs_fs_kill_sb/ffs_ep0_release, causing eventfd_ctx_put to be called multiple times and leading to a refcount underflow. The documented fix zeroes out ffs_eventf...

5.5CVSS6.1AI score0.00233EPSS
CVE
CVE
added 2022/01/18 4:51 p.m.528 views

CVE-2021-4083

CVE-2021-4083 is a read-after-free in Linux kernel Unix domain socket GC triggered by a race between close() and fget(). Affected kernels are prior to 5.16-rc4. Local users could crash the system or escalate privileges. Affected products include upstream kernel and Linux distributions (Astra Linu...

7CVSS6.9AI score0.0031EPSS
CVE
CVE
added 2022/03/03 10:4 p.m.512 views

CVE-2021-3640

The CVE-2021-3640 entry is confirmed with concrete technical details in Connected documents: a use-after-free in the Linux kernel HCI sco_sock_sendmsg() is triggered by user actions around UFFDIO_REGISTER and related race with sco_conn_del(). The flaw allows a local privileged user to crash the s...

7CVSS7.1AI score0.0037EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.499 views

CVE-2021-46934

CVE-2021-46934 affects the Linux kernel i2c subsystem, specifically the compat ioctl path. The issue was that wrong user data could cause warnings in i2c_transfer(); userspace might trigger warnings through the compat ioctl. The patch adds validation of user data in the compat ioctl to prevent re...

3.3CVSS5.3AI score0.00233EPSS
CVE
CVE
added 2024/02/27 9:43 a.m.471 views

CVE-2021-46924

CVE-2021-46924 affects the Linux kernel NFC driver st21nfca. The issue is a memory leak caused by phy->pending_skb being allocated during device probe but not freed on error or remove paths. The connected Astra Linux bulletin and referenced kernel commits confirm the root cause and the remedia...

5.5CVSS6.1AI score0.00226EPSS
CVE
CVE
added 2024/02/27 9:44 a.m.461 views

CVE-2021-46932

CVE-2021-46932 affects the Linux kernel’s input subsystem (Input: appletouch). The root cause is that input_dev->close() can cancel_work_sync(&dev->work) before dev->work is initialized (initialized after input_register_device()), causing a risk of a NULL work function in __flush_work()....

5.5CVSS6.1AI score0.00228EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.456 views

CVE-2021-46943

CVE-2021-46943 : Linux kernel vulnerability in media: staging/intel-ipu3 where a faulty set_fmt error handling could cause mis-updated sizes, enabling a local exploit path that, without the fix, could trigger excessive RAM use (up to 4 GiB) and an OOPS. The issue stems from overwriting previous v...

7.8CVSS7.5AI score0.00234EPSS
CVE
CVE
added 2024/02/22 4:21 p.m.422 views

CVE-2023-52451

CVE-2023-52451 affects the Linux kernel on POWER architectures, where a bounds check oversight in pseries hot-add/hot-remove memory logic allowed potential out-of-bounds access in the drmem lmb array when a DRC index lookup failed. The issue manifested as a dereference of a cursor pointing past t...

7.8CVSS7.6AI score0.00246EPSS
CVE
CVE
added 2022/05/12 12:0 a.m.415 views

CVE-2022-30594

The CVE-2022-30594 issue affects the Linux kernel prior to 5.17.2, where the PTRACE_SEIZE path could bypass the PT_SUSPEND_SECCOMP restrictions and allow a local attacker to bypass seccomp-related restrictions. Connected advisories (Astra Linux, AlmaLinux advisories) confirm the same vulnerabilit...

7.8CVSS7.7AI score0.00798EPSS
CVE
CVE
added 2022/09/01 12:0 a.m.402 views

CVE-2022-1729

CVE-2022-1729 describes a race condition in the Linux kernel perf_event_open() within the perf subsystem. An unprivileged local user could exploit this to gain root privileges, with potential follow-on impacts such as information leaks or arbitrary code execution as implied by multiple sources. C...

7CVSS7.3AI score0.0031EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.398 views

CVE-2021-46951

CVE-2021-46951 (Linux kernel) concerns a local vulnerability in TPM support where tpm_read_log_efi could trigger integer underflow of efi_tpm_final_log_size when a TPM2 driver is loaded/unloaded repeatedly. The issue arises from subtracting final_events_preboot_size from a global final log size, ...

5.5CVSS6AI score0.00235EPSS
CVE
CVE
added 2024/02/22 4:21 p.m.398 views

CVE-2023-52448

CVE-2023-52448 affects the Linux kernel gfs2 subsystem. Syzkaller reported a NULL pointer dereference in gfs2_rgrp_dump when rgd->rd_rgl is accessed, potentially after rgd->rd_gl creation fails in read_rindex_entry(). The fix adds a NULL pointer check in gfs2_rgrp_dump() to prevent derefere...

5.5CVSS6.4AI score0.00244EPSS
CVE
CVE
added 2023/04/28 12:0 a.m.389 views

CVE-2023-31436

Summary: CVE-2023-31436 affects the Linux kernel net/sched/qfq subsystem (qfq_change_class in net/sched/sch_qfq.c). The flaw allows a heap/out-of-bounds write because lmax can exceed QFQ_MIN_LMAX, leading to information disclosure, privilege escalation, or denial of service as described in public...

7.8CVSS7.6AI score0.00582EPSS
CVE
CVE
added 2021/03/23 5:45 p.m.384 views

CVE-2021-3444

CVE-2021-3444 affects the Linux kernel’s eBPF verifier, where mod32 destination register truncation can be mishandled when the source is known to be zero. This enables a local attacker loading BPF programs to read kernel memory (information disclosure) and potentially perform out-of-bounds writes...

7.8CVSS7.5AI score0.0061EPSS
CVE
CVE
added 2024/02/22 4:21 p.m.356 views

CVE-2023-52449

The CVE refers to a Linux kernel issue where, if both ftl.ko and gluebi.ko are loaded, the ftl notifier may dereference gluebi->desc during gluebi_read(), causing a NULL pointer dereference in the MTD/UBI gluebi flow. Root cause described: gluebi_get_device() is not invoked early enough in the...

5.5CVSS6.4AI score0.00242EPSS
CVE
CVE
added 2022/03/03 6:24 p.m.355 views

CVE-2021-3609

CVE-2021-3609 is a local privilege-escalation flaw in the Linux kernel CAN BCM subsystem. A race in net/can/bcm.c between bcm_rx_handler() and bcm_release() can free bcm_op/bcm_sock structures while the handler runs, enabling use-after-free and root access. Public advisories consistently describe...

7CVSS7.2AI score0.00431EPSS
CVE
CVE
added 2024/02/22 4:21 p.m.340 views

CVE-2023-52445

The CVE-2023-52445 vulnerability (Linux kernel, media: pvrusb2) stems from a use-after-free when a context is disconnected during module load; a kthread may call pvr2_context_destroy and free the context before usb hub_event notification. The patch adds a sanity check to prevent the invalid read ...

7.8CVSS7.7AI score0.00246EPSS
CVE
CVE
added 2022/03/02 10:17 p.m.331 views

CVE-2021-3715

CVE-2021-3715 affects the Linux kernel Traffic Control routing classifier. The flaw is a use-after-free in route4_change() within net/sched/cls_route.c, triggered by changes to classification filters, enabling a local unprivileged user to escalate privileges. The issue is addressed by a kernel fi...

7.8CVSS7.4AI score0.00353EPSS
CVE
CVE
added 2022/09/02 12:0 a.m.324 views

CVE-2022-39189

CVE-2022-39189 affects the Linux kernel KVM/x86, where unprivileged guest users can compromise the guest kernel due to mishandled TLB flushes in certain KVM_VCPU_PREEMPTED situations. The issue is documented across multiple advisories (e.g., Debian, Amazon Linux ALAS2KERNEL, Astra Linux) and is m...

7.8CVSS7.3AI score0.00323EPSS
CVE
CVE
added 2024/02/27 6:40 p.m.319 views

CVE-2021-46944

CVE-2021-46944 : Linux kernel vulnerability in media: staging/intel-ipu3 where a memory reference leak in imu_fmt occurs due to misordered checks; patch fixes memory leak by changing check order. Impact limited to memory leak; no exploitation details provided in the documents. Remediation: apply ...

5.5CVSS5.8AI score0.00225EPSS
CVE
CVE
added 2020/10/22 8:33 p.m.313 views

CVE-2020-27673

CVE-2020-27673 is described in connected advisories as a Linux kernel race-condition bug in Xen event handling, permitting a guest (domU) to cause a denial of service or host hang in dom0 when exposed to high event rates. Affected scope: Linux kernel up to 5.9.1, used with Xen through 4.14.x. The...

5.5CVSS6.2AI score0.0041EPSS
CVE
CVE
added 2024/02/27 9:43 a.m.313 views

CVE-2021-46930

CVE-2021-46930 details from connected docs: In the Linux kernel, the usb mtu3 subsystem had a fix for a list_head check warning caused by uninitialized list_head, leading to a KASAN use-after-free in __list_del_entry_valid and an observed call trace through mtu3, mtu3_req_complete, mtu3_gadget_st...

5.5CVSS6.1AI score0.00216EPSS
Total number of security vulnerabilities68