Lucene search
K
LinuxLinux Kernel6.13.1

30 matches found

CVE
CVE
added 2025/05/08 6:26 a.m.122 views

CVE-2025-37815

CVE-2025-37815 concerns the Linux kernel’s misc: microchip: pci1xxxx IRQ handling. The patch fixes a kernel panic during IRQ handler registration by acquiring the spinlock and saving the current interrupt state before processing the IRQ via generic_handle_irq. A previous fix substituted generic_h...

5.5CVSS5.2AI score0.0015EPSS
CVE
CVE
added 2025/04/16 2:12 p.m.121 views

CVE-2025-22093

Summary (CVE-2025-22093) The Linux kernel DRM for AMD displays had a NULL pointer dereference risk when DMUB is unsupported on the ASIC. Specifically, ctx->dmub_srv could be NULL (tested in dm_dmub_sw_init) but was dereferenced in dmub_hw_lock_mgr_cmd if should_use_dmub_lock returned true. The...

5.5CVSS6.3AI score0.00176EPSS
CVE
CVE
added 2025/05/08 6:26 a.m.119 views

CVE-2025-37811

CVE-2025-37811 is a Linux kernel vulnerability in the USB chipidea ci_hdrc_imx driver. The root cause is an unsafe dereference of data->usbmisc_data when usbmisc is NULL; the fix adds a guard before dereferencing the pointer. Reported under CVSSv3.1: AV Local, AC Low, PR Low, UI None, S U, C a...

5.5CVSS5.3AI score0.0015EPSS
CVE
CVE
added 2025/04/16 2:11 p.m.109 views

CVE-2025-22030

CVE-2025-22030 involves a deadlock in the Linux kernel zswap path. The root cause: zswap_cpu_comp_dead() can call crypto_free_acomp() while holding the per-CPU acomp_ctx mutex, while crypto_free_acomp() may attempt to acquire scomp_lock via crypto_exit_scomp_ops_async(), and crypto_alloc_acomp_no...

5.5CVSS6.5AI score0.00174EPSS
CVE
CVE
added 2025/04/16 2:12 p.m.97 views

CVE-2025-22077

CVE-2025-22077 relates to the Linux kernel CIFS/SMB client TCP timer deadlock fix. The description explains that a prior patch intended to fix a null-pointer dereference (related to CVE-2024-54680) was reverted, which in turn revived a real issue with TCP sockets for CIFS connections. The root ca...

5.5CVSS5.2AI score0.00129EPSS
CVE
CVE
added 2025/05/01 1:7 p.m.96 views

CVE-2025-37784

CVE-2025-37784 affects the Linux kernel ICSS IEP driver (net: ti: icss-iep). The vulnerability was caused by a NULL pointer dereference when disabling PPS/PEROUT during icss_iep_exit(), due to lingering perout state referenced by icss_iep_perout_enable_hw. The fix updates icss_iep_perout_enable_h...

5.5CVSS6.5AI score0.00155EPSS
CVE
CVE
added 2025/02/27 8:4 p.m.93 views

CVE-2025-21819

Technical details for CVE-2025-21819 are not provided in the supplied documents; no affected product/version or remediation information is disclosed. Monitor for updates.

5.5CVSS6.7AI score0.00181EPSS
CVE
CVE
added 2025/05/20 3:21 p.m.75 views

CVE-2025-37895

The CVE affects the Linux kernel BNXT Ethernet driver (bnxt_en). The root cause is in bnxt_init_chip() where a failure path triggers cancel_work_sync() on uninitialized dim work because BNXT_STATE_NAPI_DISABLED is not set during bnxt_open(). The fix sets BNXT_STATE_NAPI_DISABLED during initializa...

5.5CVSS6.5AI score0.00157EPSS
CVE
CVE
added 2025/02/27 8:4 p.m.61 views

CVE-2025-21813

CVE-2025-21813 affects the Linux kernel timers/migration code. The root cause is an off-by-one mis-count during the migration of the top CPU group to a new root, where the old root is pre-accounted as a child of the new root. After attaching the upcoming CPU’s top group, the expected children cou...

5.5CVSS6.4AI score0.00179EPSS
CVE
CVE
added 2025/06/18 9:33 a.m.39 views

CVE-2025-38032

The CVE pertains to the Linux kernel (CVE-2025-38032) where a splat was reported in the ipmr netns cleanup path due to ipmr_can_free_table() checks in net/ipv4/ipmr.c. The issue was addressed by consolidating the relevant sanity check in a single helper and reusing it for both IPv4 and IPv6 code ...

5.5CVSS6.3AI score0.00137EPSS
CVE
CVE
added 2026/05/28 9:40 a.m.32 views

CVE-2026-46219

CVE-2026-46219 concerns a use-after-free in the SPI mpc52xx path of the Linux kernel. The description indicates the state machine work is scheduled by the interrupt handler and must be cancelled after interrupts are disabled to avoid use-after-free. Connected OSV entries show patches in rootio-li...

7.8CVSS5.7AI score0.00135EPSS
CVE
CVE
added 2026/05/28 9:35 a.m.31 views

CVE-2026-46130

CVE-2026-46130 concerns the Linux kernel’s dm-verity-fec component. The root cause is an incorrect assumption about parity data layout: when reading parity bytes across blocks, parity bytes for the first RS codeword can be split across parity blocks, causing an out-of-bounds read under certain no...

7.1CVSS5.8AI score0.00117EPSS
CVE
CVE
added 2026/02/04 4:8 p.m.29 views

CVE-2026-23100

The CVE-2026-23100 entry concerns the Linux kernel mm/hugetlb code and a fix for hugetlb_pmd_shared(). The vulnerability stemmed from how shared PMD tables were detected; the patch set switches to using an independent shared count and the ptdesc_pmd_is_shared() check, so that shared PMD tables ar...

5.5CVSS5.3AI score0.00114EPSS
CVE
CVE
added 2026/01/25 2:36 p.m.25 views

CVE-2026-23010

CVE-2026-23010 is a Linux kernel use-after-free affecting inet6_addr_del() in IPv6 address deletion. The issue arises from the commit that moved ipv6_del_addr() for temporary addresses before reading the ifp->flags, causing a UAF in inet6_addr_del() when handling inet6_ifaddr during address de...

7.8CVSS5.2AI score0.00182EPSS
CVE
CVE
added 2026/01/31 11:38 a.m.25 views

CVE-2026-23015

CVE-2026-23015 relates to the Linux kernel gpio_mpsse driver: a reference leak in gpio_mpsse_probe() error paths due to usb_get_dev() not being released. The fix uses device-managed helper functions and removes the usb_put_dev() call in the disconnect path, allowing automatic release of the refer...

5.5CVSS5.7AI score0.00128EPSS
CVE
CVE
added 2025/09/11 4:56 p.m.24 views

CVE-2025-39775

CVE-2025-39775: In the Linux kernel, mm/mremap: fix WARN with uffd that has remap events disabled. Root cause: during an mremap recovery, recursion recurses on the original page-table move but not the recovery move, triggering a WARN in mremap.c. The fix adds a double-VMAs PMD/PUD level check (be...

5.5CVSS6.2AI score0.00119EPSS
CVE
CVE
added 2026/01/23 2:15 p.m.24 views

CVE-2025-71150

CVE-2025-71150 relates to a Linux kernel KSMD (ksmbd) refcount leak: when a session is found during session lookup but SMB2_SESSION_VALID is not set, the reference count for that session is not decremented. The patch fixes this by explicitly calling ksmbd_user_session_put to release the reference...

5.5CVSS5.2AI score0.00118EPSS
CVE
CVE
added 2026/04/03 1:24 p.m.24 views

CVE-2026-23423

CVE-2026-23423 concerns memory management in the Linux kernel’s btrfs_uring_read_extent() path. The issue: the 'pages' object allocated during read operations is not freed in error scenarios, under the hopeful path that it will be reclaimed by btrfs_uring_read_finished() later. If errors occur (e...

5.5CVSS5.8AI score0.0012EPSS
CVE
CVE
added 2026/01/13 3:31 p.m.22 views

CVE-2025-71076

Technical details for CVE-2025-71076 are not publicly provided in the supplied documents. Monitor for updates for affected products, versions, exploitability, and remediation specifics.

5.5CVSS6.1AI score0.00121EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.22 views

CVE-2026-23326

The CVE-2026-23326 issue is a Linux kernel XSK fragment handling flaw that caused a buffer leak. After commit b692bf9a..., the xskb_list_node reuse between the xskb pool list and the buffer free list meant xp_free() could skip adding a freed buffer to the free list because list_del() did not rein...

7.8CVSS5.9AI score0.00129EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.22 views

CVE-2026-43012

CVE-2026-43012 refers to a Linux kernel issue in the net/mlx5 driver where a failed switchdev mode rollback could cause a kernel panic during an attempted rollback to legacy mode. The public descriptions from NVD/SUSE/Red Hat detail that if switchdev mode initialization/transition fails, the code...

5.5CVSS5.8AI score0.00122EPSS
CVE
CVE
added 2026/05/01 2:15 p.m.20 views

CVE-2026-31772

The CVE-2026-31772 issue affects the Linux kernel Bluetooth HCI path. The root cause is a stack buffer overflow in hci_le_big_create_sync where DEFINE_FLEX allocates a stack struct for BIS entries with room for 17, but conn->num_bis can be up to 31, leading to a memcpy that can write beyond th...

7.8CVSS5.9AI score0.00142EPSS
CVE
CVE
added 2026/01/14 3:7 p.m.19 views

CVE-2025-71135

CVE-2025-71135 (Linux kernel md/raid5): The issue is a possible NULL pointer dereference in raid5_store_group_thread_cnt() when mddev->private (conf) is NULL. The fix prevents using conf by returning early/unlocking before raid5_quiesce() if conf is NULL, as described in the Astra Linux and re...

5.5CVSS6.2AI score0.0015EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.16 views

CVE-2026-23345

The CVE-2026-23345 issue affects the Linux kernel on ARM64 with Graphics Control System (GCS) mappings when FEAT_LPA2 is enabled. The root cause is incorrect handling of PTE_SHARED bits in GCS memory mappings, which can trigger a kernel panic (DoS) due to a bad page table translation. The recomme...

5.5CVSS5.7AI score0.00121EPSS
CVE
CVE
added 2026/04/03 3:15 p.m.16 views

CVE-2026-23437

CVE-2026-23437 (Linux kernel) concerns the net: shaper module. A missing liveness check occurs when a netdev is looked up during prep of Netlink operations, a reference is taken, and later the code uses the netdev’s lock or RCU protections. The conversion from a ref to a locked netdev may proceed...

7.8CVSS5.7AI score0.00127EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.15 views

CVE-2026-23331

The CVE-2026-23331 issue concerns the Linux kernel UDP 4-tuple hash table: when an auto-bound UDP socket is bound, connected, and then disconnected, the socket may be moved to a new hash slot without removing the old entry, leaving garbage in the 4-tuple chain. The fix is to remove such a socket ...

5.5CVSS5.6AI score0.00121EPSS
CVE
CVE
added 2026/01/14 3:6 p.m.14 views

CVE-2025-71115

CVE-2025-71115 pertains to the Linux kernel where cpu_tasks[] is not initialized early enough, causing a NULL current in certain init paths (notably with KCOV enabled) and potential crashes. The available connected docs confirm the vulnerability arises from initializing cpu_tasks[] in uml_finishs...

5.5CVSS6.3AI score0.00108EPSS
CVE
CVE
added 2026/04/24 2:35 p.m.14 views

CVE-2026-31569

The CVE-2026-31569 issue affects the Linux kernel’s LoongArch KVM path, where EIOINTC's coremap can be empty in eiointc_update_sw_coremap(), causing an out-of-bounds access to kvm_arch::phyid_map::phys_map[]. The described impact is system instability or a crash, with potential information disclo...

7.3CVSS5.4AI score0.0012EPSS
CVE
CVE
added 2026/04/03 3:15 p.m.11 views

CVE-2026-23436

The CVE-2026-23436 issue affects the Linux kernel's net: shaper component. A race could occur when a netdev is unregistered between taking a reference during Netlink prep and locking/RCU in the callback, potentially leaking the hierarchy after a flush. The fix applies the instance lock in pre- st...

5.5CVSS5.7AI score0.00121EPSS
CVE
CVE
added 2026/01/14 3:6 p.m.9 views

CVE-2025-71124

CVE-2025-71124 —Linux kernel DRM MSM A6XX path fix: moved preempt_prepare_postamble() to after validating preempt_postamble_ptr to prevent NULL pointer dereference when postamble allocation fails. Impact described as crash risk; patch available in Patchwork 687659; no exploitation details provide...

5.5CVSS6.1AI score0.00137EPSS