Lucene search
K
LinuxLinux Kernel5.9

115 matches found

CVE
CVE
added 2025/09/15 2:49 p.m.23 views

CVE-2022-50337

The CVE-2022-50337 issue affects the Linux kernel OCXL path: get_function_0() calls pci_get_domain_bus_and_slot(), which returns a PCI device with an incremented refcount. If pci_dev_put() is not called, a refcount leak can occur. The fixes add device reference handling and ensure calls to pci_de...

5.5CVSS6AI score0.00145EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.22 views

CVE-2026-43153

CVE-2026-43153 affects the Linux kernel’s XFS attribute handling: the function xfs_attr_leaf_hasname has an problematic calling convention that can mishandle buffers. The fix is to open-code xfs_attr_leaf_hasname in callers so each caller of xfs_attr3_leaf_read manages buffer release. The issue i...

7.8CVSS5.7AI score0.00138EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.21 views

CVE-2023-53492

The CVE-2023-53492 entry describes a Linux kernel nf_tables issue: when adding a rule that refers to a chain by ID, Genmask was ignored if the chain had been deleted in the same batch, causing the rule to reference a deleted chain and trigger a warning. The root cause is nf_tables_lookup_byid ign...

7.8CVSS6AI score0.00153EPSS
CVE
CVE
added 2025/10/04 3:44 p.m.21 views

CVE-2023-53610

The CVE-2023-53610 issue affects the Linux kernel and is tied to irqchip/refcount handling in platform_irqchip_probe. Specifically, of_irq_find_parent() returns a node pointer with an incremented refcount, and the advisory notes that of_node_put() must be invoked when the node is no longer needed...

5.5CVSS6AI score0.00135EPSS
CVE
CVE
added 2025/10/20 3:26 p.m.21 views

CVE-2025-40005

The CVE-2025-40005 entry concerns the Linux kernel’s cadence-quadspi driver. Technical detail from connected documents shows that the vulnerability arises when the indirect read/write path and force device removal (unbind) could crash the kernel during operation. The fix implements a refcount to ...

5.5CVSS6AI score0.00181EPSS
CVE
CVE
added 2026/04/22 1:53 p.m.21 views

CVE-2026-31454

Summary: CVE-2026-31454 affects the Linux kernel's XFS code. In xfs_inode_item_push() and xfs_qm_dquot_logitem_push(), the AIL lock is dropped to perform buffer IO, which can allow a log item to be freed during reclaim. A subsequent spin_lock() may dereference lip->li_ailp, causing a use-after...

7.8CVSS5.7AI score0.00126EPSS
CVE
CVE
added 2026/04/22 1:53 p.m.20 views

CVE-2026-31455

CVE-2026-31455 pertains to the Linux kernel, specific to the XFS unmount path. During unmount, in xfs_unmount_flush_inodes(), the AIL is pushed while background reclaim and inodegc may still be running, which can lead to inodes being dirtied or re-queued into the AIL. The provided fix reorders th...

7.8CVSS5.6AI score0.00126EPSS
CVE
CVE
added 2026/04/24 2:42 p.m.20 views

CVE-2026-31617

CVE-2026-31617 in the Linux kernel Usb Gadget CDC-NCM path (f_ncm) allowed a host to supply a too-small NTB block_len, triggering an underflow in block_len - ndp_size/dpe_size checks and enabling memory exposure during skb_copy. The fix clamps block_len to only those values that can hold the NTB ...

7CVSS5.3AI score0.00129EPSS
CVE
CVE
added 2025/10/01 11:42 a.m.19 views

CVE-2023-53462

CVE-2023-53462 affects the Linux kernel with the HSR driver. The issue was an uninitialized value access in fill_frame_info() that could occur during VLAN handling. The provided fix states that VLAN (ETH_P_8021Q) is not yet supported by the hsr driver and instructs returning an error from fill_fr...

5.5CVSS6.1AI score0.00145EPSS
CVE
CVE
added 2025/10/04 3:44 p.m.19 views

CVE-2023-53600

CVE-2023-53600 relates to the Linux kernel, where a KASAN slab-out-of-bounds condition could occur when the kernel emits an ICMP error in response to a nonlinear skb in tunnels (e.g., VXLAN PMTU path). The root cause is that ip_compute_csum() cannot handle nonlinear skbs, leading to a read of siz...

7.1CVSS6.1AI score0.0014EPSS
CVE
CVE
added 2026/06/25 8:39 a.m.18 views

CVE-2026-53216

The CVE-2026-53216 issue affects the Linux kernel mvpp2 XDP path. Short pool buffers can be smaller than PAGE_SIZE, yet XDP initially sets every xdp_buff frame size to PAGE_SIZE. The XDP helpers then use frame_sz to validate tail growth, which, with an oversized frame, can allow bpf_xdp_adjust_ta...

9.8CVSS6AI score0.00546EPSS
CVE
CVE
added 2026/04/22 1:53 p.m.17 views

CVE-2026-31453

The CVE-2026-31453 issue affects the Linux kernel XFS path. The root cause is use-after-free-like behavior: after xfsaild_push_item() calls iop_push(), the log item could be freed if the AIL lock is dropped, allowing a freed log item to be dereferenced by tracepoints in the switch that follow. Th...

7.8CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2026/05/06 11:27 a.m.17 views

CVE-2026-43143

In the Linux kernel, CVE-2026-43143 fixes a concurrency issue in the multi-function device (mfd) core: access/modification of the mfd_of_node_list was not mutex-protected, risking unsafe list manipulation and potential crashes. The fix adds a mutex to guard this list, reducing crash likelihood. P...

5.5CVSS5.8AI score0.00128EPSS
CVE
CVE
added 2025/10/01 11:45 a.m.15 views

CVE-2022-50459

CVE-2022-50459 affects the Linux kernel’s iSCSI TCP path (scsi: iscsi: iscsi_tcp) where a NULL pointer dereference can occur if a socket is freed while accessed via sysfs. Details describe the sequence: sock_hold() on struct sock, then sockfd_put() frees the socket, __sock_release() clears sock-&...

5.5CVSS6.3AI score0.00153EPSS
CVE
CVE
added 2026/04/24 2:42 p.m.13 views

CVE-2026-31590

The CVE-2026-31590 issue affects the Linux kernel KVM SEV path: sev_pin_memory() would WARN when npages overflowed an int due to KVM_MEMORY_ENCRYPT_REG_REGION with a large size, enabling a local user to trigger a harmless warning via userspace input (e.g., addr=0, size=-1ul). The root cause is th...

5.5CVSS5.4AI score0.00125EPSS
Total number of security vulnerabilities115