Lucene search
K
LinuxLinux Kernel6.6.64

10 matches found

CVE
CVE
added 2025/04/18 7:1 a.m.166 views

CVE-2025-39735

CVE-2025-39735 affects the Linux kernel's JFS: a slab-out-of-bounds read in ea_get() can occur when processing extended attributes. The root cause is an overflow during clamping of ea_size against EALIST_SIZE(ea_buf->xattr) due to int upper-bound handling, causing a negative size to be used in...

7.1CVSS6.6AI score0.00215EPSS
CVE
CVE
added 2024/12/27 1:49 p.m.124 views

CVE-2024-53201

Technical details about CVE-2024-53201 are not provided in the supplied documents. No affected products, root cause, impact, or remediation details are included here; monitor for official disclosures.

5.5CVSS6.5AI score0.00212EPSS
CVE
CVE
added 2025/01/06 4:20 p.m.124 views

CVE-2024-56766

The CVE-2024-56766 issue affects the Linux kernel’s MTD/NAND path (mtd: rawnand) with a double-free in atmel_pmecc_create_user(). The root cause is allocating the user object with kzalloc() and then freeing it with kfree() after converting the allocation to devm_kzalloc(), leading to a use-after-...

7.8CVSS6.6AI score0.00217EPSS
CVE
CVE
added 2025/05/01 12:55 p.m.121 views

CVE-2025-23149

CVE-2025-23149 refers to a Linux kernel vulnerability in TPM handling. The issue is triggered when TPM_CHIP_FLAG_SUSPENDED is checked after tpm_find_get_ops(), which can spuriously invoke tpm_chip_start() while the TPM chip is suspended. The provided logs show a sequence leading to a potential tr...

5.5CVSS6.9AI score0.00167EPSS
CVE
CVE
added 2025/02/27 2:7 a.m.102 views

CVE-2024-57978

CVE-2024-57978 refers to a Linux kernel vulnerability in the media: imx-jpeg driver. The issue arises in detach_pm() where, if jpeg->pd_dev[i] is an error pointer, passing it to pm_runtime_suspended() can trigger an Oops. The description notes that existing checks cover error pointers and NULL...

5.5CVSS5.4AI score0.00208EPSS
CVE
CVE
added 2025/04/16 2:12 p.m.82 views

CVE-2025-22048

Summary of CVE-2025-22048 (Linux kernel LoongArch BPF issue) : The problem was triggered by sign-extending the BPF return value. After commit 73c359d1d356, a5 (BPF return value) was sign-extended to a0, and for native calls the a0 value was propagated back to a5. For bpf2bpf calls this propagatio...

5.5CVSS6.4AI score0.00175EPSS
CVE
CVE
added 2026/01/23 2:15 p.m.32 views

CVE-2025-71151

CVE-2025-71151 concerns the Linux kernel CIFS SMB3 reconfiguration path. In smb3_reconfigure(), when smb3_sync_session_ctx_passwords() fails, the function returns without freeing and erasing the newly allocated new_password and new_password2, causing a memory leak and potential information leak. ...

5.5CVSS5.2AI score0.00114EPSS
CVE
CVE
added 2026/05/27 12:18 p.m.30 views

CVE-2026-45973

CVE-2026-45973 affects the Linux kernel’s RDMA/mlx5 driver. A race during firmware reset in LAG mode could cause the driver to hang indefinitely while waiting for UMR completion on device unload, because the master/bond device would miss slave sys_error events. The fix adds a sys_error notifier r...

5.5CVSS5.8AI score0.00155EPSS
CVE
CVE
added 2026/05/28 9:36 a.m.26 views

CVE-2026-46176

The CVE-2026-46176 issue affects the Linux kernel RDMA mlx5 path (mlx5_ib_dev_res_srq_init): when ib_create_srq() fails for s1, the error path can end up with freed s0 and ERR_PTR s1 assigned to devr->s0/devr->s1, leading to use-after-free/double-free risk in subsequent access. The fix adds...

7.8CVSS5.8AI score0.00142EPSS
CVE
CVE
added 2026/01/25 2:36 p.m.25 views

CVE-2026-23010

CVE-2026-23010 is a Linux kernel use-after-free affecting inet6_addr_del() in IPv6 address deletion. The issue arises from the commit that moved ipv6_del_addr() for temporary addresses before reading the ifp->flags, causing a UAF in inet6_addr_del() when handling inet6_ifaddr during address de...

7.8CVSS5.2AI score0.00182EPSS