Lucene search
K
LinuxLinux Kernel6.6.1

18 matches found

CVE
CVE
added 2024/06/21 11:18 a.m.181 views

CVE-2024-36481

CVE-2024-36481 affects the Linux kernel tracing/btf parsing: btf_find_struct_member() may return NULL or an ERR_PTR, but parse_btf_field() only checked NULL before. The fix uses IS_ERR() and propagates the error up the stack. Affected component is the kernel’s tracing probes; impact is a local vu...

5.5CVSS7.1AI score0.00211EPSS
CVE
CVE
added 2024/05/30 3:29 p.m.159 views

CVE-2024-36936

The CVE-2024-36936 issue affects the Linux kernel's memory-accept path under efi/unaccepted. The root cause was a soft lockup scenario caused by a spinlock held during memory acceptance, which could intermittently trigger a watchdog/softlockup on the CPU during large TD guest memory loads. The fi...

5.5CVSS6.4AI score0.00171EPSS
CVE
CVE
added 2024/05/17 1:41 p.m.151 views

CVE-2024-35831

CVE-2024-35831 (Linux kernel io_uring issue) : The vulnerability arises in the error path of __io_uaddr_map where, after pinning pages, the error handler may not release the pinned pages if the function fails. This can occur under memory fragmentation and results in improper cleanup. The base CVS...

5.5CVSS6.6AI score0.00207EPSS
CVE
CVE
added 2024/07/29 3:52 p.m.127 views

CVE-2024-42074

CVE-2024-42074 pertains to the Linux kernel’s ASoC AMD ACP driver. When the acp platform device creation is skipped, chip->chip_pdev can be NULL, leading to a potential NULL pointer dereference in snd_acp_resume. The connected Nessus/NASL entries confirm the root cause and describe the fix: ad...

5.5CVSS6.6AI score0.00224EPSS
CVE
CVE
added 2024/05/17 11:51 a.m.126 views

CVE-2024-27416

CVE-2024-27416 is a Linux kernel vulnerability: Bluetooth hci_event handling of HCI on_IO_CAPA_REQUEST when Read Remote Extended Features is pending could lead to an incorrect assumption that the remote supports SSP. The issue is addressed in kernel code by fixing the HCI_EV_IO_CAPA_REQUEST handl...

5.5CVSS6.7AI score0.00244EPSS
CVE
CVE
added 2024/05/17 1:27 p.m.111 views

CVE-2024-35825

Summary (CVE-2024-35825) : The issue in the Linux kernel USB gadget for CDC NCM NTB handling occurs when a zero wBlockLength is encountered. The code’s previous logic could repeatedly process the same NTB if block length is zero, risking a crash. The connected Astra Linux advisory confirms this v...

5.5CVSS6.6AI score0.0023EPSS
CVE
CVE
added 2024/05/21 3:31 p.m.69 views

CVE-2023-52839

CVE-2023-52839 describes a Linux kernel vulnerability in perf where broadcasting to other CPUs when starting a counter was removed as part of a fix (commit 3fec323339a4). Root cause: unnecessary broadcast in perf code could lead to a warning and potential instability; fix eliminates the broadcast...

3.3CVSS6.5AI score0.00209EPSS
CVE
CVE
added 2025/08/16 11:12 a.m.45 views

CVE-2025-38526

CVE-2025-38526 relates to the Linux kernel ice driver. The issue arises from missing NULL checks in eswitch lag checking: ice_lag_is_switchdev_running() may be invoked from outside the LAG event handler, causing lag->upper_netdev to be NULL and risking a NULL pointer dereference. A fix adds a ...

5.5CVSS6.5AI score0.00145EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.36 views

CVE-2026-31478

The CVE-2026-31478 issue affects ksmbd in the Linux kernel. The root cause is an incorrect calculation of the response buffer length in smb2_calc_max_out_buf_len(), where a hardcoded hdr2_len was used instead of the correct offset to the Buffer field. The security advisories describe that after a...

9.8CVSS5.8AI score0.00502EPSS
CVE
CVE
added 2026/02/18 2:53 p.m.33 views

CVE-2026-23220

CVE-2026-23220 – Linux kernel ksmbd infinite loop fix : In ksmbd, when a signed SMB2 request fails verification, __process_request() triggers an error path that calls set_smb2_rsp_status() and resets next_smb2_rcv_hdr_off to zero. This loses the pointer to the next command in the chain, so is_cha...

5.5CVSS5.2AI score0.00118EPSS
CVE
CVE
added 2026/01/13 3:34 p.m.32 views

CVE-2025-71101

CVE-2025-71101 stems from the Linux kernel HP-BIOSCFG driver’s ACPI package parsing: hp_populate_*_elements_from_package() reads multi-element fields (PREREQUISITES, ENUM_POSSIBLE_VALUES) using offsets like enum_obj[elem + reqs] or enum_obj[elem + pos_values], but the bounds check only validated ...

7.1CVSS6.2AI score0.00117EPSS
CVE
CVE
added 2026/01/14 3:7 p.m.27 views

CVE-2025-71143

CVE-2025-71143 concerns a Linux kernel issue in clk: samsung: exynos-clkout where .num was initialized after .hws[] was accessed, triggering UBSAN_BOUNDS warnings. The fix moves the .num initialization before the first access of .hws[] (as noted in commit f316cdff8d67 and related annotations) to ...

7.8CVSS6AI score0.00122EPSS
CVE
CVE
added 2026/03/25 10:28 a.m.23 views

CVE-2026-23386

CVE-2026-23386 concerns the Linux kernel gve driver in QPL mode, where gve_tx_clean_pending_packets() could misinterpret the dma_addr_t array as buffer IDs, causing out-of-bounds/unmap errors. The root cause was an improper buffer cleanup path in gve_tx_clean_pending_packets() that could referenc...

5.5CVSS5.8AI score0.00121EPSS
CVE
CVE
added 2026/05/27 12:15 p.m.23 views

CVE-2026-45851

CVE-2026-45851 targets the Linux kernel EFI subsystem. The vulnerability arises in the reserve_unaccepted() memblock reservation: it aligns the table size but does not account for cases where the table’s start (efi.unaccepted) is not page-aligned. If the table begins mid-page and ends across the ...

7.1CVSS5.8AI score0.00159EPSS
CVE
CVE
added 2026/01/13 3:31 p.m.21 views

CVE-2025-71072

CVE-2025-71072 : In the Linux kernel, a rename/recovery issue in shmem was fixed. The root cause affected how maple_tree insertions and simple_offset_rename() pathways handled memory pressure and failure paths, including simple_offset_rename_exchange(). The fix involves how shmem_rename2() pre-in...

5.5CVSS6AI score0.00121EPSS
CVE
CVE
added 2026/01/14 3:6 p.m.21 views

CVE-2025-71119

CVE-2025-71119 affects the Linux kernel. The vulnerability arises in powerpc/kexec where, if SMT is disabled or in partial SMT state, loading a new kernel image for kexec and rebooting can trigger a warning (Waking offline cpu) because add_cpu() fails when cpu_bootable() rejects CPUs due to cpu_s...

5.5CVSS5.9AI score0.00122EPSS
CVE
CVE
added 2026/01/13 3:29 p.m.13 views

CVE-2025-68817

The CVE-2025-68817 entry concerns a Linux kernel ksmbd issue: a use-after-free in ksmbd_tree_connect_put under concurrent disconnect paths. Under high concurrency, a tcon (tree-connection object) can be freed on disconnect while another path still holds a reference and may later call *_put() or w...

7.8CVSS6.2AI score0.00159EPSS
CVE
CVE
added 2026/04/22 1:54 p.m.13 views

CVE-2026-31506

The CVE-2026-31506 issue concerns the Linux kernel bcmasp component where the Wake-on-LAN (WoL) IRQ handler could be double-freed. The problem stems from handling of the WoL irq; the patch indicates wol_irq does not need explicit freeing because it is allocated with devm_request_irq, and devres h...

7.8CVSS5.6AI score0.00129EPSS