Lucene search
K
LinuxLinux Kernel5.9

114 matches found

CVE
CVE
added 2024/04/17 10:27 a.m.6981 views

CVE-2024-26870

CVE-2024-26870 describes a Linux kernel vulnerability in NFSv4.2 where listxattr could trigger a kernel BUG in mm/usercopy.c when size handling is incorrect. The connected Astra Linux entry mirrors the issue and provides a concrete fix: modify nfs4_listxattr() so that if size > 0 and the funct...

5.5CVSS6.6AI score0.00272EPSS
CVE
CVE
added 2024/02/29 10:37 p.m.6849 views

CVE-2021-47055

CVE-2021-47055 — Linux kernel mtd ioctl protection bug Connected sources confirm a concrete Linux kernel vulnerability in the mtd subsystem: certain ioctls (MEMLOCK, MEMUNLOCK, OTPLOCK) modify protection bits and historically required write permission, with MEMLOCK potentially being write-once on...

5.5CVSS6.4AI score0.00196EPSS
CVE
CVE
added 2024/07/16 11:44 a.m.6380 views

CVE-2022-48817

CVE-2022-48817 is a Linux kernel issue affecting the ar9331 MDIO switch under the DSA subsystem. The root cause is that mdiobus registration was done under devres and could be freed by devm_mdiobus_free() via device core shutdown, leading to a panic if the bus was still registered. The advisory e...

5.5CVSS6.7AI score0.00268EPSS
CVE
CVE
added 2024/02/28 8:13 a.m.6058 views

CVE-2021-46987

CVE-2021-46987: Linux kernel/btrfs deadlock when cloning inline extents with qgroups. Root cause: while cloning, a transaction flush can occur with destination iotree range locked and delalloc flush needing the same range, potentially deadlocking. This occurs specifically when qgroups reserve met...

5.5CVSS6.5AI score0.00181EPSS
CVE
CVE
added 2024/02/28 8:13 a.m.6021 views

CVE-2021-46983

CVE-2021-46983 corresponds to a Linux kernel issue in nvmet-rdma where a NULL pointer dereference could occur when SEND completes with error. The root cause is that nvmet_rdma_error_comp attempted to access the cq_context to obtain the queue, but the cq_context is no longer valid after switching ...

5.5CVSS6.3AI score0.00236EPSS
CVE
CVE
added 2024/02/29 10:37 p.m.5235 views

CVE-2021-47060

CVE-2021-47060 affects the Linux kernel KVM MMIO coalesced zones. When kvm_io_bus_unregister_dev() fails to allocate memory for a new bus instance, unregister_dev() destroys all devices on the bus except the target, but does not notify the caller, which can lead to a deleted list entry being dere...

6CVSS6.6AI score0.00238EPSS
CVE
CVE
added 2024/05/01 12:54 p.m.3864 views

CVE-2024-27047

CVE-2024-27047 affects the Linux kernel: net: phy: fix phy_get_internal_delay accessing an empty array. The issue occurs when a driver calls phy_get_internal_delay without defining delay_values and rx-/tx-internal-delay-ps is 0 in device-tree, risking a NULL pointer dereference and kernel oops. A...

5.5CVSS6.1AI score0.00281EPSS
CVE
CVE
added 2024/05/01 12:54 p.m.3788 views

CVE-2024-27045

Summary: CVE-2024-27045 affects the Linux kernel DRM AMD display path (amdgpu_dm). The vulnerability is a potential buffer overflow in dp_dsc_clock_en_read() caused by unsafe snprintf usage. The patch tightens the snprintf output limit from 30 to 10 bytes, mitigating overflow. The issue is tied t...

7.8CVSS6.8AI score0.00303EPSS
CVE
CVE
added 2024/05/09 4:37 p.m.2708 views

CVE-2024-27393

CVE-2024-27393 involves the Linux kernel: xen-netfront missing skb_mark_for_recycle call due to history of page_pool_release_page usage. The root cause is that skb_mark_for_recycle() was introduced after fixes tag and a missing call to page_pool_release_page() in older revisions (v5.9–v5.14). Fro...

5.5CVSS6.5AI score0.00253EPSS
CVE
CVE
added 2020/12/02 12:0 a.m.486 views

CVE-2020-25704

CVE-2020-25704 describes a memory leak in the Linux kernel perf subsystem when using PERF_EVENT_IOC_SET_FILTER, enabling a local user to exhaust resources and cause a denial of service. The vulnerability is reiterated across multiple advisories (e.g., ALAS2KERNEL, ALAS-2020-1566, Debian/AlmaLinux...

5.5CVSS6AI score0.00348EPSS
CVE
CVE
added 2023/07/05 6:33 p.m.347 views

CVE-2023-31248

CVE-2023-31248 is a Linux kernel nf_tables (nftables) use-after-free vulnerability. The issue occurs in nf_tables when using nft_chain_lookup_byid, where a chain’s active state wasn’t properly checked, enabling a local attacker with CAP_NET_ADMIN in any user or network namespace to escalate privi...

7.8CVSS7.8AI score0.02033EPSS
CVE
CVE
added 2024/07/30 7:47 a.m.332 views

CVE-2024-42230

In CVE-2024-42230, the Linux kernel on pseries PowerPC is affected by a scv instruction crash when kexec is used. The root cause is that kexec on pseries disables AIL (reloc_on_exc), required for scv instruction support, before all CPUs have been shut down, allowing scv instructions to execute af...

4.4CVSS7AI score0.00205EPSS
CVE
CVE
added 2024/09/04 7:54 p.m.264 views

CVE-2024-44989

CVE-2024-44989 is a Linux kernel vulnerability affecting bonding with xfrm offload, caused by setting real_dev to NULL (callbacks assume real_dev is always set). This can lead to a null-pointer dereference in offload/add SA paths (notably bond_ipsec_offload_ok/nsim_ipsec_offload_ok) when SA setup...

5.5CVSS6AI score0.00239EPSS
CVE
CVE
added 2024/09/04 7:54 p.m.257 views

CVE-2024-44990

CVE-2024-44990 is a Linux kernel vulnerability fixed in the bonding subsystem: the function bond_ipsec_offload_ok dereferenced a pointer without validating an active slave, risking a NULL pointer dereference. The connected docs confirm the root cause (checking for an active slave before dereferen...

5.5CVSS6.2AI score0.00239EPSS
CVE
CVE
added 2023/08/07 1:19 p.m.255 views

CVE-2023-4147

CVE-2023-4147 is a local-privilege-escalation use-after-free in the Linux kernel nf_tables/netfilter code. The flaw occurs when adding a rule with NFTA_RULE_CHAIN_ID, where nft_tables_delrule or related NFT rule handling can release objects in a way that leaves a dangling pointer, enabling local ...

7.8CVSS7.7AI score0.0056EPSS
CVE
CVE
added 2023/07/21 8:48 p.m.242 views

CVE-2023-3610

The CVE-2023-3610 issue is a use-after-free in the Linux kernel nf_tables (netfilter) logic, specifically in the NFT_MSG_NEWRULE abort path, caused by flawed error handling of bound chains. This vulnerability can enable local privilege escalation for an attacker possessing CAP_NET_ADMIN, within a...

7.8CVSS7.7AI score0.00259EPSS
CVE
CVE
added 2022/07/05 12:50 p.m.233 views

CVE-2022-33743

CVE-2022-33743 maps to a Xen netfront memory-handling issue in the Linux kernel where SKBs with retained references can be freed, caused by a label move while adding XDP support. This can lead to use-after-free in the network backend and a potential Denial of Service when interacting with the Xen...

7.8CVSS7.5AI score0.00349EPSS
CVE
CVE
added 2024/04/02 6:22 a.m.190 views

CVE-2024-26665

CVE-2024-26665 (Linux kernel) fixes a out-of-bounds access when constructing IPv6 PMTU ICMP errors in tunnels, triggered if the ICMPv6 error is built from a non-linear skb. The root cause is a slab-out-of-bounds read/write in the path that sums skb data (read of size 4) during PMTU error handling...

7.1CVSS6.2AI score0.00237EPSS
CVE
CVE
added 2024/04/03 2:55 p.m.183 views

CVE-2024-26707

The connected documents provide concrete details for CVE-2024-26707: in the Linux kernel net/hsr code, WARN_ONCE() in send_hsr_supervision_frame() is removed and replaced with netdev_warn_once(), and a similar change is suggested for send_prp_supervision_frame() to quiet syzkaller warnings. This ...

5.5CVSS6AI score0.00226EPSS
CVE
CVE
added 2024/10/21 12:14 p.m.173 views

CVE-2024-47748

CVE-2024-47748: Linux kernel vhost_vdpa code fixes an irq bypass producer token life-cycle bug. The token formerly registered in vhost_vdpa_setup_vq_irq() could outlive the eventfd_ctx, risking use-after-free when the eventfd is released. The patch binds the token lifecycle to VHOST_SET_VRING_CAL...

7.8CVSS7.5AI score0.00213EPSS
CVE
CVE
added 2024/04/02 6:22 a.m.172 views

CVE-2024-26661

Public technical details for CVE-2024-26661 are not provided in the connected documents; monitor for updates from vendors/advisories.

5.5CVSS6.3AI score0.00227EPSS
CVE
CVE
added 2024/05/17 12:2 p.m.172 views

CVE-2024-27431

Technical details (affected products, impact, exploit info, and remediation specifics) are not publicly provided in the supplied documents. Monitor for official updates and vendor advisories for CVE-2024-27431.

5.5CVSS6.6AI score0.00223EPSS
CVE
CVE
added 2024/05/30 3:28 p.m.162 views

CVE-2024-36889

CVE-2024-36889 concerns the Linux kernel’s MPTCP code. The issue arises when a client falls back to TCP during connect, and snd_nxt is not initialized yet; an incoming ACK could copy that uninitialized value into snd_una. If the MPTCP worker then re-injects data, it may trigger a cleanup using a ...

5.5CVSS6.3AI score0.00267EPSS
CVE
CVE
added 2023/09/06 1:52 p.m.161 views

CVE-2023-4015

CVE-2023-4015 describes a use-after-free in the Linux kernel nf_tables component of netfilter, enabling local privilege escalation. The issue arises when building a nftables rule: deactivating immediate expressions in nft_immediate_deactivate() can unbind a chain and deactivate objects that are l...

7.8CVSS7.6AI score0.00285EPSS
CVE
CVE
added 2024/04/02 6:22 a.m.160 views

CVE-2024-26662

The CVE CVE-2024-26662 affects the Linux kernel DRM/AMD display path. A null pointer dereference could occur in dcn21_set_backlight_level() when panel_cntl is NULL, potentially crashing the GPU/display path. The fix introduces a null-check for panel_cntl before dereferencing and updates dcn21_hws...

5.5CVSS5.9AI score0.00225EPSS
CVE
CVE
added 2024/07/12 12:25 p.m.160 views

CVE-2024-40931

CVE-2024-40931 (Linux kernel) : Affected component is the kernel’s mptcp code. The issue arose when a Subflow key snd_una remained uninitialized on connect due to a sequencing bug (snd_nxt and write_seq initialization order). The root cause is triggered by syzkaller’s retransmit path after fallba...

5.5CVSS6.6AI score0.00253EPSS
CVE
CVE
added 2023/09/06 1:50 p.m.157 views

CVE-2023-3777

CVE-2023-3777 is a use-after-free in Linux kernel nf_tables (netfilter). When nf_tables_delrule() flushes table rules, it may release objects if the chain is bound, enabling local privilege escalation. Mitigation: upgrade past commit 6eaf41e87a223ae6f8e7a28d6e78384ad7e407f8 (Linux kernel versions...

7.8CVSS8.2AI score0.00413EPSS
CVE
CVE
added 2024/06/19 1:48 p.m.157 views

CVE-2024-38605

CVE-2024-38605 : In the Linux kernel, the ALSA core code fixed a NULL module pointer handling during snd_card initialization. The patch moves the assignment of card->module outside the MODULE check to ensure the driver’s module reference is correctly tracked when the core is built-in but the c...

8.8CVSS9AI score0.01088EPSS
CVE
CVE
added 2024/10/21 7:39 p.m.157 views

CVE-2024-50028

CVE-2024-50028 is confirmed in connected documents as a Linux kernel vulnerability related to the thermal subsystem. The flaw occurs in the thermal: core: Reference count handling in thermal_zone_get_by_id(), where the thermal zone object could be accessed after it may have been freed. The adviso...

5.5CVSS5.2AI score0.00204EPSS
CVE
CVE
added 2024/08/22 1:32 a.m.151 views

CVE-2022-48915

CVE-2022-48915 affects the Linux kernel thermal subsystem. The issue was a NULL pointer dereference in TZ_GET_TRIP when a thermal zone defines no trip, caused by an unsafe call path to get_trip_hyst(). The fix prevents calling get_trip_hyst() if the thermal zone lacks a trip, as described in the ...

5.5CVSS6.6AI score0.0021EPSS
CVE
CVE
added 2024/04/03 2:55 p.m.150 views

CVE-2024-26718

CVE-2024-26718 concerns the Linux kernel. The description and connected Astra Linux bulletin confirm a memory-corruption risk in dm-crypt and dm-verity tasklets due to the tasklet handling path (tasklet_action_common calling tasklet_trylock, running the callback, then tasklet_unlock). The propose...

5.5CVSS6.7AI score0.00224EPSS
CVE
CVE
added 2025/05/01 12:55 p.m.150 views

CVE-2025-23150

CVE-2025-23150 : In the Linux kernel, an off-by-one error in ext4’s do_split caused a use-after-free in ext4_insert_dentry from an out-of-bounds access during directory entry splitting. The issue can lead to a use-after-free in ext4_insert_dentry and related ext4/namei.c code paths when handling ...

5.5CVSS6.5AI score0.00171EPSS
CVE
CVE
added 2025/02/26 2:23 a.m.142 views

CVE-2022-49663

CVE-2022-49663 affects the Linux kernel in the tunneling path used by Genefe/IPv4 tunnels. The root cause is an assumption that skb->mac_header is set in skb_tunnel_check_pmtu(); debug added in a kernel commit triggered a warning in ndo_start_xmit() paths, since skb->data should point to th...

5.5CVSS6.3AI score0.00266EPSS
CVE
CVE
added 2025/05/01 12:55 p.m.142 views

CVE-2025-23145

CVE-2025-23145 affects the Linux kernel (MPTCP) and describes a NULL-pointer dereference in the mptcp_can_accept_new_subflow path. The root cause is that subflow_req->msk ownership could be transferred to a subflow on the first path, creating a window where a second SYN-ACK could be processed ...

5.5CVSS6.8AI score0.00176EPSS
CVE
CVE
added 2025/02/26 1:55 a.m.138 views

CVE-2022-49160

CVE-2022-49160 affects the Linux kernel driver scsi: qla2xxx. Root cause: during purex packet handling, a pre-allocated structure was freed incorrectly; the fix skips freeing that entry. Impact: system crashes during module load/unload tests (as shown by the stack traces: sbitmap_init_node, blk_m...

5.5CVSS5.4AI score0.00273EPSS
CVE
CVE
added 2025/01/19 11:52 a.m.138 views

CVE-2024-57907

CVE-2024-57907 concerns the Linux kernel IIO ADC driver for Rockchip (rockchip_saradc). The vulnerability arises because the local data structure used to push data to userspace from a triggered buffer was not fully initialized; values for inactive channels were left undefined since only active ch...

7.1CVSS6.1AI score0.0021EPSS
CVE
CVE
added 2025/02/27 2:18 a.m.137 views

CVE-2025-21766

CVE-2025-21766 – Linux kernel: ipv4 PMTU update path uses RCU protection. __ip_rt_update_pmtu() must read the net structure under RCU to prevent reading a structure that can disappear. The connected documents confirm the root cause and indicate this has been resolved by introducing RCU protection...

5.5CVSS6.5AI score0.00196EPSS
CVE
CVE
added 2024/06/20 11:13 a.m.136 views

CVE-2022-48735

CVE-2022-48735 concerns a use‑after‑free in the Linux kernel ALSA hda LED class devices created by HD‑audio codec drivers. The issue arises because LED class devices are registered via devm_led_classdev_register() and tied to the codec device, but the devres release can execute before the devm ch...

7.8CVSS8.4AI score0.00234EPSS
CVE
CVE
added 2025/02/27 2:12 a.m.135 views

CVE-2025-21745

CVE-2025-21745 affects the Linux kernel blk-cgroup subsystem. The root cause was a leak of the subsystem refcount in blkcg_fill_root_iostats() caused by iterating devices with class_dev_iter_(init|next)() without class_dev_iter_exit(). The fix ends the iteration with class_dev_iter_exit(), preven...

5.5CVSS6.7AI score0.00218EPSS
CVE
CVE
added 2025/05/01 1:7 p.m.134 views

CVE-2025-37788

CVE-2025-37788 affects the Linux kernel cxgb4 memory handling: in cxgb4_init_ethtool_filters(), a memory leak can occur if loc_array is allocated but bmap allocation fails, because the free path only frees from (i-1) iterations. The fix frees loc_array in the bmap error path, mitigating the leak....

5.5CVSS6.5AI score0.00166EPSS
CVE
CVE
added 2024/06/21 10:18 a.m.130 views

CVE-2024-36244

CVE-2024-36244 (Linux kernel) affects the taprio scheduler under net/sched. The issue arises when the UAPI allows a cycle-time that can be shorter than the sum of entry intervals, allowing a subtle bypass of the fix in the blamed commit. The advisory adds a new restriction: the cycle time must be...

5.5CVSS6.6AI score0.00249EPSS
CVE
CVE
added 2024/12/27 2:11 p.m.127 views

CVE-2024-56538

Technical details for CVE-2024-56538 (Linux kernel drm: zynqmp_kms unplug before removal) are not publicly provided in the connected documents. Monitor for updates; none of the OpenVAS/USN entries include exact exploit specifics, affected versions, or fixes beyond referencing the CVE.

7.8CVSS6.5AI score0.0022EPSS
CVE
CVE
added 2024/02/29 10:37 p.m.125 views

CVE-2021-47061

CVE-2021-47061 : Concrete details in connected advisories show a Linux kernel/KVM issue where destroying an I/O bus device must occur after unregister, and after SRCU-synchronization. The root cause is a use-after-free risk if devices are destroyed before the bus is nullified, because readers exp...

7.8CVSS6.4AI score0.00241EPSS
CVE
CVE
added 2024/02/28 8:13 a.m.124 views

CVE-2021-47050

CVE-2021-47050 affects the Linux kernel memory/ Renesas Renesas-rpc-if path. The issue is a NULL pointer dereference: platform_get_resource_byname() can return NULL, and the code would immediately dereference it in resource_size(). The vulnerability’s root cause is dereferencing an unchecked NULL...

5.5CVSS6.6AI score0.00235EPSS
CVE
CVE
added 2025/04/16 2:12 p.m.124 views

CVE-2025-22044

CVE-2025-22044 relates to a Linux kernel vulnerability in the ACPI NFIT handling (acpi_nfit_ctl). The issue arises from a narrowing conversion of a user-supplied 64‑bit value (call_pkg->nd_family) to int after a zero-check, which could allow an invalid argument to pass when the lower 32 bits a...

5.5CVSS6.4AI score0.00174EPSS
CVE
CVE
added 2025/05/01 2:9 p.m.117 views

CVE-2022-49827

Summary (CVE-2022-49827) : In the Linux kernel DRM stack, a possible null pointer dereference could occur during vblank cleanup when __drmm_add_action() fails and drm_vblank_init_release() runs for a vblank with a NULL worker, leading to kthread_destroy_worker() dereference. The fix adds a NULL c...

5.5CVSS6.5AI score0.00183EPSS
CVE
CVE
added 2025/05/02 3:55 p.m.117 views

CVE-2023-53077

CVE-2023-53077 affects the Linux kernel’s DRM AMD display path. The vulnerability arises in CalculateVMAndRowBytes when PTEBufferSizeInRequests is zero, causing UBSAN to warn due to dml_log2 returning an unexpectedly negative value (shift exponent 4294966273). The documented fix is to skip the dm...

7.8CVSS6.6AI score0.00174EPSS
CVE
CVE
added 2024/10/21 11:53 a.m.117 views

CVE-2024-47720

CVE-2024-47720 in the Linux kernel relates to the AMD display path (drm/amd/display) where dcn30_set_output_transfer_func dereferenced set_output_gamma without a null check. The patch adds a nullity check for set_output_gamma before calling it and logs an error if it is NULL, preventing a potenti...

5.5CVSS5.1AI score0.00219EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.116 views

CVE-2023-52846

The CVE-2023-52846 entry concerns a Linux kernel use-after-free in hsr's prp_create_tagged_frame, where prp_fill_rct() may fail and free the skb while the successful path returns the original skb. Impact is described as high for confidentiality, integrity, and availability with local access prere...

7.8CVSS6.9AI score0.00245EPSS
CVE
CVE
added 2025/05/08 6:26 a.m.115 views

CVE-2025-37820

CVE-2025-37820 : In the Linux kernel, xen-netfront may dereference a NULL result from xdp_convert_buff_to_frame() if the function fails to convert an XDP buffer to a frame. The return value may be NULL due to memory constraints, internal errors, or invalid data, and failing to check it can cause ...

5.5CVSS5.5AI score0.0015EPSS
Total number of security vulnerabilities114