Lucene search
K
LinuxLinux Kernel6.6.14

13 matches found

CVE
CVE
added 2024/03/06 6:45 a.m.4775 views

CVE-2024-26626

CVE-2024-26626 affects the Linux kernel and concerns a multicast route handling bug in ip_mr_forward that could cause a kernel panic via a NULL pointer dereference when forwarding multicast packets. The provided stacktrace and code reference ipmr.c:1985 document the root cause in ip_mr_forward, w...

5.5CVSS6.1AI score0.00227EPSS
CVE
CVE
added 2026/01/25 2:36 p.m.316 views

CVE-2026-22998

CVE-2026-22998 affects the Linux kernel’s NVMe over Fabrics NVMe-TCP path. The issue is a NULL pointer dereference in nvmet_tcp_build_pdu_iovec triggered by H2C_DATA PDUs when command data structures are uninitialized or partially initialized. Specifically, nvmet_tcp_handle_h2c_data_pdu() could p...

7.5CVSS5.3AI score0.0071EPSS
CVE
CVE
added 2024/05/19 8:34 a.m.183 views

CVE-2024-35905

CVE-2024-35905 is a Linux kernel issue where a patch re-introduced protection against negative stack-access sizes in BPF code. The fix guards against out-of-bounds accesses in check_stack_range_initialized() when an access size can overflow its signed int representation. The vulnerability was mit...

7.8CVSS7.1AI score0.00223EPSS
CVE
CVE
added 2024/05/01 12:49 p.m.152 views

CVE-2024-27023

In CVE-2024-27023, the Linux kernel md subsystem (md) had a flaw where active_io was not released when flush_pending fell to zero, causing mddev_suspend() to wait forever. The fix releases active_io in submit_flushes() as soon as flush_pending transitions to zero, preventing the hang. The descrip...

5.5CVSS6.5AI score0.00272EPSS
CVE
CVE
added 2024/07/12 12:37 p.m.144 views

CVE-2024-41000

CVE-2024-41000 : Linux kernel: block/ioctl: prefer different overflow check. UBSAN signed-overflow triggered by overflow in signed arithmetic during ioctl handling; fixed by reworking the overflow check to avoid performing an actual overflow in the check itself. The issue is linked to reintroduci...

7.8CVSS8.4AI score0.00299EPSS
CVE
CVE
added 2026/03/18 5:54 p.m.136 views

CVE-2026-23270

CVE-2026-23270 pertains to the Linux kernel net/sched subsystem. The fix restricts the use of TC action act_ct to only bind to clsact/ingress qdiscs and shared blocks, preventing its use on the egress path. The change addresses a scenario where classify could return TC_ACT_CONSUMED while the skb ...

7.8CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2025/03/06 4:4 p.m.133 views

CVE-2025-21826

CVE-2025-21826 affects the Linux kernel nf_tables: a mismatch between field_len-derived key field lengths and the total set key length can be rejected, allowing mismatched values to slip through due to register-based arithmetic. The issue has been resolved in the Linux kernel; the provided source...

5.5CVSS7.1AI score0.00176EPSS
CVE
CVE
added 2024/04/03 2:55 p.m.132 views

CVE-2024-26710

CVE-2024-26710 affects the Linux kernel on PowerPC with KASAN. The issue was that KASAN’s thread stack size increase was doubled, which could push a 32KB stack to 64KB and trigger build errors (arch/powerpc/kernel/switch.S). The resolved approach limits the stack size increase to cases where the ...

5.5CVSS6.9AI score0.00245EPSS
CVE
CVE
added 2024/05/17 1:27 p.m.122 views

CVE-2024-35826

CVE-2024-35826 — Linux kernel: fix page refcounts for unaligned buffers in __bio_release_pages(). This patch corrects the number of pages released for buffers that do not start at the beginning of a page, addressing a vulnerability in block I/O handling. Impact, as described in the FP: local acce...

5.5CVSS6.7AI score0.00209EPSS
CVE
CVE
added 2024/10/21 6:2 p.m.117 views

CVE-2024-49947

CVE-2024-49947 affects the Linux kernel net stack, specifically a vulnerability in virtio_net_hdr_to_skb() where an incorrectly set skb->csum_start could place the transport header before or after the network header when processing injected packets via af_packet. Syzbot-triggered warnings show...

5.5CVSS6.7AI score0.00234EPSS
CVE
CVE
added 2026/02/18 2:53 p.m.34 views

CVE-2026-23229

CVE-2026-23229 is a Linux kernel vulnerability in virtio-crypto where missing spinlock protection around virtqueue done notifications can cause hangs (e.g., openssl speed benchmark with multi-process workloads). Root cause: data virtqueue handling without spinlock protection in virtcrypto_done_ta...

5.5CVSS5.2AI score0.00121EPSS
CVE
CVE
added 2026/05/28 9:35 a.m.22 views

CVE-2026-46136

CVE-2026-46136 affects the Linux kernel wifi driver mt7921 (mt76) where a buf_len underflow in the country power setting retrieval can occur after changes to the CLC power table. This underflow may cause an almost infinite loop or an invalid power setting, leading to driver initialization failure...

7.8CVSS5.8AI score0.00129EPSS
CVE
CVE
added 2026/05/08 1:31 p.m.20 views

CVE-2026-43332

In the Linux kernel thermal subsystem, CVE-2026-43332 affects the thermal_zone_device_register_with_trips() error path. The root cause is a missing wait_for_completion() after registering a thermal zone device, which can allow the thermal zone object to be freed prematurely if user space holds a ...

7.8CVSS5.7AI score0.00129EPSS