Lucene search
K
LinuxLinux Kernel6.15.1

24 matches found

CVE
CVE
added 2025/07/19 6:46 a.m.124 views

CVE-2025-38350

CVE-2025-38350 affects the Linux kernel net/sched HFSC and other classful qdiscs. The issue arises when a child qdisc becomes empty during enqueue/dequeue interactions, potentially leading to a use-after-free on stale class pointers after backlog/backlog accounting. The known fix changes the back...

7.8CVSS6.6AI score0.0018EPSS
CVE
CVE
added 2025/07/03 8:35 a.m.80 views

CVE-2025-38151

Technical details about CVE-2025-38151 are not publicly provided in the supplied documents; no explicit information on affected kernel versions, root cause, impact, or patch is included. Monitor for updates.

5.5CVSS7AI score0.00147EPSS
CVE
CVE
added 2025/07/25 3:27 p.m.77 views

CVE-2025-38451

CVE-2025-38451 affects the Linux kernel’s md/md-bitmap code. The issue caused a GPF in bitmap_get_stats() when handling external or internal bitmaps due to missing super-block validation. The fix adds a super-block existence check for both internal and external cases, preventing the non-canonical...

5.5CVSS6.5AI score0.00147EPSS
CVE
CVE
added 2025/07/10 7:41 a.m.72 views

CVE-2025-38273

CVE-2025-38273 corresponds to a Linux kernel fix for a refcount warning in net/tipc: tipc_aead_encrypt, reported when get_net() could be called on a destroying network namespace. The patch replaces get_net() with maybe_get_net(), which checks the refcount and returns -ENODEV if the namespace is b...

5.5CVSS6.5AI score0.00161EPSS
CVE
CVE
added 2026/05/28 9:35 a.m.59 views

CVE-2026-46124

CVE-2026-46124 affects the Linux kernel isofs filesystem. The vulnerability arises because isofs_fh_to_dentry/isofs_fh_to_parent pass an attacker-controlled block number from an NFS file handle to isofs_export_iget(), which only rejects block == 0 before calling isofs_iget and sb_bread. A crafted...

7.5CVSS5.8AI score0.00425EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.49 views

CVE-2025-38195

CVE-2025-38195 concerns the Linux kernel LoongArch code, where a NULL-PMD handling path in huge_pte_offset() could trigger a kernel-panic when processing huge pages, as shown by the error trace and mitigation notes. The issue affects the kernel’s page fault / madvise pathways, with a local attack...

5.5CVSS6.3AI score0.00146EPSS
CVE
CVE
added 2025/07/10 8:14 a.m.38 views

CVE-2025-38325

The CVE-2025-38325 entry covers a Linux kernel issue in the ksmbd subsystem. The vulnerability arises because the free_transport function for a TCP connection could be invoked via the smbdirect path, potentially triggering a kernel oops. The published patch adds free_transport ops to the ksmbd co...

5.5CVSS6.5AI score0.00155EPSS
CVE
CVE
added 2025/07/10 7:42 a.m.36 views

CVE-2025-38308

CVE-2025-38308 affects the Linux kernel ASoC Intel AVS path during hardware initialization. The root cause is a potential null pointer dereference in avs_dai_find_path_template(); the fix drops the search since the template is already known when avs_hw_constraints_init() fires. Affected/impacted:...

5.5CVSS6.7AI score0.0012EPSS
CVE
CVE
added 2025/09/23 6:0 a.m.33 views

CVE-2025-39871

CVE-2025-39871 relates to the Linux kernel dmaengine idxd driver. The fix removes an improper idxd_free() call that could trigger a duplicate put_device() leading to refcount underflow and a use-after-free during module unload. The issue arises in idxd_remove() and during module exit when CONFIG_...

7.8CVSS6.2AI score0.0014EPSS
CVE
CVE
added 2025/07/04 1:37 p.m.32 views

CVE-2025-38224

CVE-2025-38224 concerns the Linux kernel’s can: kvaser_pciefd driver where echo_skb_max was defined as 17 (KVASER_PCIEFD_CAN_TX_MAX_COUNT) but later rounded to the next power of two (32). This caused potential slab-out-of-bounds in kvaser_pciefd_handle_ack_packet() when computing tx/rx indices, l...

7.1CVSS6.4AI score0.0014EPSS
CVE
CVE
added 2026/05/08 2:21 p.m.32 views

CVE-2026-43376

CVE-2026-43376 affects ksmbd in the Linux kernel. The vulnerability arises from freeing oplock_info with kfree() while it can still be accessed under RCU read-side critical sections (e.g., opinfo_get), allowing a use-after-free. The fixes across connected reports switch to deferred freeing via ca...

9.8CVSS5.8AI score0.00444EPSS
CVE
CVE
added 2025/08/16 11:12 a.m.24 views

CVE-2025-38522

CVE-2025-38522 fixes a Linux kernel issue in sched/ext where update_locked_rq() could be called with a NULL runqueue (rq). The patch ensures update_locked_rq() is invoked only when rq is non-NULL, preventing unsafe __this_cpu_write() usage in preemptible contexts. The vulnerability description no...

5.5CVSS6.5AI score0.00128EPSS
CVE
CVE
added 2026/02/14 4:27 p.m.23 views

CVE-2026-23192

Summary (CVE-2026-23192) : This is a use-after-free in the Linux kernel’s linkwatch subsystem. When a network device is deleted while linkwatch events are pending, the device reference may be freed prematurely (in linkwatch_do_dev), allowing __linkwatch_run_queue to access a freed device. The fix...

7.8CVSS5.3AI score0.00125EPSS
CVE
CVE
added 2025/09/23 6:0 a.m.22 views

CVE-2025-39870

Mode C: The CVE-2025-39870 is a Linux kernel vulnerability in dmaengine: idxd, where a double free could occur in idxd_setup_wqs() due to error handling paths (conf_dev uninitialized when max_wqs

7.8CVSS6.2AI score0.00144EPSS
CVE
CVE
added 2025/09/07 3:16 p.m.21 views

CVE-2025-39733

CVE-2025-39733 affects the Linux kernel where the issue centers on protecting the team network device. The root cause is ordering issues with lower instance locks and the team lock; the fix switches to using the rtnl lock (as done for bonding) to guard the team device, based on a patch by Tetsuo ...

5.5CVSS5.9AI score0.00134EPSS
CVE
CVE
added 2026/05/27 12:57 p.m.20 views

CVE-2026-46061

Summary: CVE-2026-46061 is a Linux kernel issue in jbd2/journal handling that can cause an ABBA deadlock when filesystem blocksize is smaller than pagesize. The root cause is a lock-order conflict introduced by switching to __find_get_block_nonatomic() which can hold folio and buffer locks in the...

5.5CVSS5.7AI score0.00094EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.19 views

CVE-2026-31475

In CVE-2026-31475, the Linux kernel ASoC sma1307 component had a double-free issue: mode_set entries allocated with devm_kzalloc() were (incorrectly) freed with kfree() in an error path. The remedy documented across multiple sources is to drop the manual kfree() loop and rely on device resource m...

7.8CVSS5.6AI score0.00127EPSS
CVE
CVE
added 2026/05/06 7:40 a.m.19 views

CVE-2026-43102

CVE-2026-43102 affects the Linux kernel net/airoha driver: a memory leak in the airoha_qdma_rx_process() when processing subsequent buffers in the non-linear skb portion. If an error occurs, the page_pool fragment may fail to be linked back to the skb, preventing it from being returned to the poo...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/08 1:11 p.m.19 views

CVE-2026-43286

The CVE-2026-43286 entry is resolved in the Linux kernel’s hugetlb subsystem (mm/hugetlb). A fix for an underflow in hstate->resv_huge_pages was introduced by commit a833a693a490 to correct fallback behavior for subpools, but it created a new issue where the subpool’s used_hpages could remain ...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/03/25 10:27 a.m.18 views

CVE-2026-23362

CVE-2026-23362 affects the Linux kernel component can/bcm locking during bcm_op runtime updates (bcm_tx_setup/bcm_rx_setup). Connected OSV records show Root (rootio-linux) has patched this CVE in Root:Debian:11/12/13 with multiple fixed versions across Debian/Ubuntu and Mageia advisories, indicat...

5.5CVSS5.7AI score0.00095EPSS
CVE
CVE
added 2026/01/14 3:7 p.m.17 views

CVE-2025-71128

CVE-2025-71128 is a Linux kernel vulnerability affecting GRE ERSPAN processing. The issue stems from the ip_tunnel_info structure’s flexible array member options, protected by a count options_len, where the counter must be initialized before first referencing options. The GRE ERSPAN code performe...

5.5CVSS6.2AI score0.00124EPSS
CVE
CVE
added 2026/01/14 3:7 p.m.16 views

CVE-2025-71142

CVE-2025-71142 : In the Linux kernel, a warning is triggered when disabling a remote cpuset partition under certain CPU-hotplug scenarios, due to an incorrect relationship between effective_xcpus and subpartitions_cpus. The fix per the advisory and related documents changes the warning logic to o...

5.5CVSS6AI score0.00102EPSS
CVE
CVE
added 2026/04/24 2:35 p.m.15 views

CVE-2026-31571

The CVE-2026-31571 entry concerns the Linux kernel DRM/I915: unlink_nv12_plane() could clobber plane state after plane_atomic_check() when a Y-plane is repurposed as a normal plane. The fix is to unlink the NV12 planes before computing the new plane state, preventing the race condition that could...

5.5CVSS5.4AI score0.00121EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.13 views

CVE-2026-31501

The CVE-2026-31501 issue affects the Linux kernel net: ti: icssg-prueth driver and is a use-after-free in the RX path. cpp i5_hdesc_get_psdata() returns a pointer into the CPPI descriptor, and the descriptor is freed via k3_cppi_desc_pool_free() before psdata[0]/psdata[1] are used by emac_rx_time...

9.8CVSS5.6AI score0.00379EPSS