Lucene search
K
LinuxLinux Kernel6.10.1

13 matches found

CVE
CVE
added 2025/04/01 3:40 p.m.148 views

CVE-2025-21916

CVE-2025-21916 is part of Unity Linux/Fedora kernel advisories describing a fix for a flaw in USB ATM CXACRU endpoint checking. The root cause was insufficient verification of USB endpoint addresses in cxacru_bind(), leading to incorrect URB handling (e.g., bogus urb xfers). The mitigation is to ...

5.5CVSS7.1AI score0.002EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.82 views

CVE-2025-38154

CVE-2025-38154 affects the Linux kernel sockmap path (bpf/sockmap) where sk->sk_socket can be used after free due to a race with backlog/thread close paths. The description in the connected documents explains that sk_socket is not locked/referenced in the backlog, enabling a race with the rele...

7.8CVSS7.2AI score0.00154EPSS
CVE
CVE
added 2026/03/25 10:33 a.m.34 views

CVE-2026-23394

CVE-2026-23394 – af_unix GC race with MSG_PEEK (Linux kernel) : A race between MSG_PEEK and garbage collection can cause the GC to incorrectly GC dead sockets, since MSG_PEEK silently bumps a file refcount. The issue originates from a change in the current GC algorithm and the removal of the lock...

4.7CVSS5.7AI score0.00089EPSS
CVE
CVE
added 2026/05/28 9:35 a.m.29 views

CVE-2026-46143

The CVE-2026-46143 issue affects the Linux kernel’s ASoC component, specifically qcom: q6apm-lpass-dai. Root cause: prepare may be invoked multiple times, causing multiple graph opens in the playback path and resulting memory leaks. Mitigation in the public documents is a patch that adds a check ...

5.5CVSS5.7AI score0.00128EPSS
CVE
CVE
added 2026/05/08 2:22 p.m.28 views

CVE-2026-43471

Summary (mode C): The CVE-2026-43471 issue affects the Linux kernel’s SCSI UFS core, specifically a NULL pointer dereference in ufshcd_add_command_trace() when hwq is NULL, which can occur if ufshcd_mcq_req_to_hwq() returns NULL. A patch adds a NULL check for hwq before accessing hwq->id to pr...

5.5CVSS5.8AI score0.00114EPSS
CVE
CVE
added 2026/04/02 11:40 a.m.26 views

CVE-2026-23413

The CVE-2026-23413 entry concerns the Linux kernel: a use-after-free in the clsact qdisc during init/destroy rollback caused by asymmetrical initialization between ingress and egress sides. A failed replacement during clsact_init() (e.g., via tcf_block_get_ext()) could leave both ingress and egre...

7.8CVSS5.8AI score0.00119EPSS
CVE
CVE
added 2025/09/24 11:2 a.m.23 views

CVE-2024-58241

CVE-2024-58241 is a Linux kernel vulnerability affecting the Bluetooth stack. The issue arises in Bluetooth: hci_core where, on hci_unregister_dev, submissions using disable_work_* are not disablable because the associated hci_dev is about to be freed. The provided connected documents confirm the...

5.5CVSS6.1AI score0.00119EPSS
CVE
CVE
added 2026/04/24 2:45 p.m.23 views

CVE-2026-31666

CVE-2026-31666 affects the Linux kernel’s btrfs filesystem. A defect in lookup_extent_data_ref() caused an incorrect return value when transitioning between leaves, due to merged err/ret handling: if btrfs_next_leaf() returns 0, ret could be overwritten from -ENOENT to 0, making a non-matching ke...

7.8CVSS5.4AI score0.0012EPSS
CVE
CVE
added 2026/03/25 10:28 a.m.19 views

CVE-2026-23385

In the Linux kernel netfilter nf_tables subsystem, CVE-2026-23385 describes a vulnerability where cloning a set during a flush operation could trigger a GFP_KERNEL memory allocation failure, producing a WARN splat and potentially destabilizing the system. The fix tightens clone handling by restri...

5.5CVSS5.7AI score0.00135EPSS
CVE
CVE
added 2026/04/03 3:15 p.m.18 views

CVE-2026-23445

Summary of CVE-2026-23445 (Linux kernel igc driver) Affected component: igc network driver in the Linux kernel, specifically the XDP TX timestamping path. Root cause: during shutdown of the TX ring, the code leaves behind stale xsk_meta pointers, causing the IRQ handler to touch invalid pointers ...

7.8CVSS5.7AI score0.00129EPSS
CVE
CVE
added 2026/04/24 2:35 p.m.17 views

CVE-2026-31558

The CVE-2026-31558 issue affects the Linux kernel LoongArch KVM component. The vulnerable code is kvm_get_vcpu_by_cpuid(), which accepts a cpuid as int; if cpuid is negative, the function could access kvm_arch::phyid_map::phys_map[] out of bounds. The documented fix makes kvm_get_vcpu_by_cpuid() ...

8.8CVSS5.4AI score0.00129EPSS
CVE
CVE
added 2026/01/14 3:7 p.m.15 views

CVE-2025-71134

CVE-2025-71134: In the Linux kernel, mm/page_alloc: when coalescing pages, the migrate type of all pageblocks is not updated, updating only the first pageblock causes inconsistency between the page and its pageblocks. This triggers warnings in expand() and related paths. The issue is resolved in ...

5.5CVSS6.1AI score0.00115EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.13 views

CVE-2026-23380

CVE-2026-23380 (Linux kernel) describes a local vulnerability in tracing buffers memory management. When a process forks, the child’s VMAs copy the parent’s without incrementing user_mapped, so exiting both processes may cause tracing_buffers_mmap_close() to run twice; on the second call user_map...

5.5CVSS5.6AI score0.00114EPSS