Lucene search
K
LinuxLinux Kernel6.7.2

18 matches found

CVE
CVE
added 2024/03/06 6:45 a.m.4775 views

CVE-2024-26626

CVE-2024-26626 affects the Linux kernel and concerns a multicast route handling bug in ip_mr_forward that could cause a kernel panic via a NULL pointer dereference when forwarding multicast packets. The provided stacktrace and code reference ipmr.c:1985 document the root cause in ip_mr_forward, w...

5.5CVSS6.1AI score0.00227EPSS
CVE
CVE
added 2024/02/25 8:16 a.m.1208 views

CVE-2023-52471

CVE-2023-52471 affects the Linux kernel component ice, involving NULL pointer dereferences in ice_ptp.c and a NULL pointer return risk in devm_kasprintf(). The issue is addressed by a kernel fix (see stable kernel references); exploitation details are not provided in the documents. Remediation is...

5.5CVSS7AI score0.00232EPSS
CVE
CVE
added 2026/01/25 2:36 p.m.316 views

CVE-2026-22998

CVE-2026-22998 affects the Linux kernel’s NVMe over Fabrics NVMe-TCP path. The issue is a NULL pointer dereference in nvmet_tcp_build_pdu_iovec triggered by H2C_DATA PDUs when command data structures are uninitialized or partially initialized. Specifically, nvmet_tcp_handle_h2c_data_pdu() could p...

7.5CVSS5.3AI score0.0071EPSS
CVE
CVE
added 2024/05/19 8:34 a.m.183 views

CVE-2024-35905

CVE-2024-35905 is a Linux kernel issue where a patch re-introduced protection against negative stack-access sizes in BPF code. The fix guards against out-of-bounds accesses in check_stack_range_initialized() when an access size can overflow its signed int representation. The vulnerability was mit...

7.8CVSS7.1AI score0.00223EPSS
CVE
CVE
added 2024/05/01 12:49 p.m.152 views

CVE-2024-27023

In CVE-2024-27023, the Linux kernel md subsystem (md) had a flaw where active_io was not released when flush_pending fell to zero, causing mddev_suspend() to wait forever. The fix releases active_io in submit_flushes() as soon as flush_pending transitions to zero, preventing the hang. The descrip...

5.5CVSS6.5AI score0.00272EPSS
CVE
CVE
added 2024/02/05 7:28 a.m.150 views

CVE-2024-24859

CVE-2024-24859: A race condition in Linux kernel Bluetooth code (net/bluetooth sniff_min_interval_set and sniff_max_interval_set) can trigger a bluetooth sniffing exception and potential DoS. The connected Nessus/Azure Unity Unity Linux entries confirm this CVE across multiple distributions, but ...

4.8CVSS5.8AI score0.00712EPSS
CVE
CVE
added 2024/07/12 12:37 p.m.144 views

CVE-2024-41000

CVE-2024-41000 : Linux kernel: block/ioctl: prefer different overflow check. UBSAN signed-overflow triggered by overflow in signed arithmetic during ioctl handling; fixed by reworking the overflow check to avoid performing an actual overflow in the check itself. The issue is linked to reintroduci...

7.8CVSS8.4AI score0.00299EPSS
CVE
CVE
added 2024/02/05 7:26 a.m.143 views

CVE-2024-24861

CVE-2024-24861 affects the Linux kernel xc4000 media driver (xc4000_get_frequency) with a race condition that can cause a return-value overflow, potentially leading to malfunction or denial of service. Data from multiple sources confirms the issue originates in the xc4000 driver and is tied to Li...

6.3CVSS7.1AI score0.00205EPSS
CVE
CVE
added 2026/03/18 5:54 p.m.136 views

CVE-2026-23270

CVE-2026-23270 pertains to the Linux kernel net/sched subsystem. The fix restricts the use of TC action act_ct to only bind to clsact/ingress qdiscs and shared blocks, preventing its use on the egress path. The change addresses a scenario where classify could return TC_ACT_CONSUMED while the skb ...

7.8CVSS5.7AI score0.00123EPSS
CVE
CVE
added 2025/03/06 4:4 p.m.133 views

CVE-2025-21826

CVE-2025-21826 affects the Linux kernel nf_tables: a mismatch between field_len-derived key field lengths and the total set key length can be rejected, allowing mismatched values to slip through due to register-based arithmetic. The issue has been resolved in the Linux kernel; the provided source...

5.5CVSS7.1AI score0.00176EPSS
CVE
CVE
added 2024/04/03 2:55 p.m.132 views

CVE-2024-26710

CVE-2024-26710 affects the Linux kernel on PowerPC with KASAN. The issue was that KASAN’s thread stack size increase was doubled, which could push a 32KB stack to 64KB and trigger build errors (arch/powerpc/kernel/switch.S). The resolved approach limits the stack size increase to cases where the ...

5.5CVSS6.9AI score0.00245EPSS
CVE
CVE
added 2024/02/05 7:27 a.m.125 views

CVE-2024-24860

CVE-2024-24860 : A race condition in the Linux kernel Bluetooth device driver, in the functions {min,max}_key_size_set(), can cause a NULL pointer dereference and potentially kernel panic or denial of service. Affected component: Linux kernel Bluetooth subsystem. Exploitation status and remediati...

5.3CVSS6AI score0.00805EPSS
CVE
CVE
added 2024/05/17 1:27 p.m.122 views

CVE-2024-35826

CVE-2024-35826 — Linux kernel: fix page refcounts for unaligned buffers in __bio_release_pages(). This patch corrects the number of pages released for buffers that do not start at the beginning of a page, addressing a vulnerability in block I/O handling. Impact, as described in the FP: local acce...

5.5CVSS6.7AI score0.00209EPSS
CVE
CVE
added 2024/02/05 7:36 a.m.85 views

CVE-2024-24864

Technical details about CVE-2024-24864 are not provided in the supplied connected documents. Monitor for updates and forthcoming disclosures.

5.3CVSS4.6AI score0.00175EPSS
CVE
CVE
added 2025/07/03 8:13 a.m.76 views

CVE-2025-38098

CVE-2025-38098 affects the Linux kernel’s DRM/AMD display path. The vulnerability stems from improper handling of a wb (writeback) connector and an amdgpu_dmConnector, where dereferencing aconnector->base could lead to unintended behavior. The issue is localized (requires local access) and the...

5.5CVSS6.9AI score0.00155EPSS
CVE
CVE
added 2026/02/18 2:53 p.m.34 views

CVE-2026-23229

CVE-2026-23229 is a Linux kernel vulnerability in virtio-crypto where missing spinlock protection around virtqueue done notifications can cause hangs (e.g., openssl speed benchmark with multi-process workloads). Root cause: data virtqueue handling without spinlock protection in virtcrypto_done_ta...

5.5CVSS5.2AI score0.00121EPSS
CVE
CVE
added 2026/05/28 9:35 a.m.22 views

CVE-2026-46136

CVE-2026-46136 affects the Linux kernel wifi driver mt7921 (mt76) where a buf_len underflow in the country power setting retrieval can occur after changes to the CLC power table. This underflow may cause an almost infinite loop or an invalid power setting, leading to driver initialization failure...

7.8CVSS5.8AI score0.00129EPSS
CVE
CVE
added 2026/05/08 1:31 p.m.20 views

CVE-2026-43332

In the Linux kernel thermal subsystem, CVE-2026-43332 affects the thermal_zone_device_register_with_trips() error path. The root cause is a missing wait_for_completion() after registering a thermal zone device, which can allow the thermal zone object to be freed prematurely if user space holds a ...

7.8CVSS5.7AI score0.00129EPSS