
392 matches found

added 2024/02/29 3:52 p.m., 7489 views

CVE-2023-52497

CVE-2023-52497 affects the Linux kernel EROFS: the vulnerability stems from in-place LZ4 decompression where two mapped buffers could cause data corruption due to overlapping buffers and buffer ordering, especially on newer Intel CPUs with FSRM. The fix switches to using the decompressed buffer ...

CVSS 6.1, AI score 6.5, EPSS 0.00278

added 2024/04/17 10:27 a.m., 6350 views

CVE-2023-52644

CVE-2023-52644 relates to a Linux kernel WiFi component (b43) where the QoS-disabled path could map the IEEE 802.11 queue incorrectly due to a single-queue scenario. The root cause is that when QoS is off, the code may attempt to stop/wake a non-existent queue or fail to stop/wake the actual queu...

CVSS 6.3, AI score 5.8, EPSS 0.00232

added 2024/02/29 10:37 p.m., 5235 views

CVE-2021-47060

CVE-2021-47060 affects the Linux kernel KVM MMIO coalesced zones. When kvm_io_bus_unregister_dev() fails to allocate memory for a new bus instance, unregister_dev() destroys all devices on the bus except the target, but does not notify the caller, which can lead to a deleted list entry being dere...

CVSS 6, AI score 6.6, EPSS 0.00238

added 2024/05/01 12:53 p.m., 3902 views

CVE-2024-27030

CVE-2024-27030 – Verified in connected advisories: the issue is fixed in the Linux kernel by introducing separate interrupt handlers for octeontx2-af, addressing a race condition where PF→AF and VF→AF interrupt vectors used the same handler, causing two CPUs to handle the same event and corrupt d...

CVSS 6.3, AI score 6.5, EPSS 0.00203

added 2024/04/17 10:27 a.m., 3474 views

CVE-2024-26886

CVE-2024-26886 (Linux kernel): The vulnerability affects Bluetooth af_bluetooth in the Linux kernel, where attempting to lock a socket during .recvmsg could deadlock. The fix switches from using sock_sock to using the bt path with sk_receive_queue.lock in bt_sock_ioctl, preventing a use-after-fre...

CVSS 6.5, AI score 6.7, EPSS 0.00489

added 2024/04/17 10:27 a.m., 2787 views

CVE-2024-26880

CVE-2024-26880 (Linux kernel) summary: The issue concerns the DM stack’s suspend/resume flow: dm_internal_resume previously called origin_postsuspend/DM targets’ resume in a way that could corrupt the hash_list due to paired suspend/resume calls being mismatched. The fix changes __dm_internal_resu...

CVSS 6.3, AI score 6.2, EPSS 0.00689

added 2024/04/17 10:27 a.m., 2743 views

CVE-2024-26894

CVE-2024-26894 affects the Linux kernel: ACPI: processor_idle memory leak after CPU idle device unregister. Root cause: memory allocated for acpi_processor_power_exit is not freed. Remediation: free the CPU idle device after unregistering it (kernel patch cited in multiple advisories).

CVSS 6, AI score 6.3, EPSS 0.00254

added 2024/05/01 5:28 a.m., 2489 views

CVE-2024-27005

CVE-2024-27005: The vulnerability is a race in the Linux kernel interconnect subsystem where the req_list of icc_node could be modified while icc_set_bw() iterates it, due to locking not guaranteeing mutual exclusion between icc_bw_lock and icc_lock. The issue arises after splitting icc_lock and...

CVSS 6.3, AI score 6.3, EPSS 0.00178

added 2025/01/15 1:5 p.m., 2417 views

CVE-2024-57893

CVE-2024-57893: Linux kernel ALSA: seq: oss — race in SysEx message processing can cause out-of-bounds access. Connected docs confirm the issue and state a mutex-based serialization fix was introduced to protect SysEx packets in the OSS sequencer, effectively addressing the race between 6-byte S...

CVSS 6.3, AI score 6.7, EPSS 0.00158

added 2024/05/01 12:53 p.m., 2327 views

CVE-2024-27032

CVE-2024-27032 affects the Linux kernel f2fs subsystem. During recovery, if FAULT_BLOCK is enabled, f2fs_reserve_new_block() may return -ENOSPC, potentially causing a kernel panic. Additionally, with fault-injection rate 1 and only FAULT_BLOCK enabled, a deadloop in block reservation may occur. T...

CVSS 6.3, AI score 6.9, EPSS 0.00291

added 2024/05/01 12:53 p.m., 1925 views

CVE-2024-27028

CVE-2024-27028 is confirmed with concrete details in connected docs: the Linux kernel spi-mt65xx driver had a NULL pointer dereference in the interrupt handler during spi_transfer when tx_buf could be NULL. The fix adds a check for trans->tx_buf before use, mitigating potential crashes. Affect...

CVSS 6.5, AI score 6.5, EPSS 0.01176

added 2021/12/15 6:5 p.m., 1456 views

CVE-2021-0920

CVE-2021-0920 is confirmed with concrete details in the connected sources: a race condition in unix_scm_to_skb within af_unix.c can trigger a use-after-free, potentially enabling local privilege escalation on the Android kernel. The vulnerability affects the Linux kernel used in Android (via the ...

CVSS 6.9, AI score 7.1, EPSS 0.00811
In wild

added 2024/02/22 4:13 p.m., 750 views

CVE-2024-26586

CVE-2024-26586 (Linux kernel): The issue is a stack corruption risk in mlxsw spectrum ACL TCAM handling when there are more than 16 ACLs in an ACL group. In Spectrum-2+ ASICs, firmware reports a larger ACL count than the PAGT register can hold, risking stack corruption during forwarding. The fix...

CVSS 6.7, AI score 7.3, EPSS 0.00247

added 2019/07/05 10:7 p.m., 708 views

CVE-2019-10638

The CVE-2019-10638 entry concerns the Linux kernel IT: the IP ID values used for connectionless protocols (UDP/ICMP) in kernels prior to 5.1.7. The underlying issue is weak hashing of IP IDs, enabling an attacker to track a host across networks by correlating IDs and potentially obtain the hashin...

CVSS 6.5, AI score 7.3, EPSS 0.02571

added 2019/07/26 12:25 p.m., 658 views

CVE-2019-14284

CVE-2019-14284 affects the Linux kernel prior to 5.2.3, where floppy.c can suffer a division-by-zero in setup_format_params. Two consecutive ioctls can trigger a DoS: the first ioctl sets geometry (.sect/.rate) such that F_SECT_PER_TRACK becomes zero; the second triggers the floppy format operati...

CVSS 6.2, AI score 6.2, EPSS 0.00703

added 2024/04/17 10:27 a.m., 647 views

CVE-2024-26875

The CVE-2024-26875 entry affects Linux kernel media: pvrusb2, where risk came from a use-after-free in pvr2_context_set_notify due to a race with pvr2_context_disconnect involving a disconnect_flag. The provided fix moves the disconnect_flag assignment to after all code in pvr2_context_disconnect...

CVSS 6.4, AI score 6.5, EPSS 0.00245

added 2019/07/26 12:24 p.m., 609 views

CVE-2019-14283

CVE-2019-14283 affects the Linux kernel up to version 5.2.2, where floppy drive handling in set_geometry() in drivers/block/floppy.c fails to validate sect and head, enabling an integer overflow and out-of-bounds read. This can be triggered by an unprivileged local user when a floppy is present (...

CVSS 6.8, AI score 6.8, EPSS 0.00734

added 2014/05/07 10:0 a.m., 602 views

CVE-2014-0196

CVE-2014-0196 affects the Linux kernel (through 3.14.3) specifically the n_tty_write function in drivers/tty/n_tty.c. The flaw permits a local user to trigger a race condition between read and write operations with long strings in the LECHO & !OPOST case, enabling denial of service (memory corrup...

CVSS 6.9, AI score 6.3, EPSS 0.22475
In wild

added 2024/02/27 6:40 p.m., 576 views

CVE-2021-46953

The CVE-2021-46953 issue affects the Linux kernel ACPI GTDT driver. If a probe fails due to invalid firmware properties, the driver may unmap an interrupt it mapped earlier without verifying that the mapping succeeded, and if the firmware reports an interrupt number overlapping the GIC SGI range,...

CVSS 6.7, AI score 6.7, EPSS 0.00241

added 2023/10/09 5:57 p.m., 574 views

CVE-2023-39193

CVE-2023-39193 affects the Linux kernel Netfilter SCTP path, where sctp_mt_check fails to validate the flag_count field, enabling a local attacker with CAP_NET_ADMIN to trigger an out-of-bounds read that can crash the system or cause information disclosure. Connected advisories (Red Hat, AlmaLinu...

CVSS 6.1, AI score 6.9, EPSS 0.00415

added 2020/05/09 8:16 p.m., 561 views

CVE-2020-12770

CVE-2020-12770 arises from the Linux kernel sg_write path in the SCSI generic (sg) driver not releasing internal resources in a specific error path because sg_remove_request is not called. This root cause is cited in multiple sources (e.g., ALAS2KERNEL-5.4-2022-012) and is described as a local-ac...

CVSS 6.7, AI score 6.7, EPSS 0.00586

added 2023/10/09 5:57 p.m., 550 views

CVE-2023-39192

CVE-2023-39192: A flaw in the Linux kernel Netfilter xt_u32 module allows a local privileged attacker to trigger an out-of-bounds read by crafting improper values in the xt_u32 structure. The root cause is missing validation of fields in xt_u32, leading to crash or information disclosure. Impact...

CVSS 6.7, AI score 6.9, EPSS 0.00397

added 2023/11/01 7:1 p.m., 546 views

CVE-2023-1192

CVE-2023-1192 denotes a use-after-free in CIFS smb2_is_status_io_timeout() within the Linux kernel, where memory freed during a system call and CIFS’ later access to that memory can trigger a denial of service. The connected advisories confirm this UAF issue exists in kernel CIFS code and link it...

CVSS 6.5, AI score 7, EPSS 0.01094

added 2023/11/06 10:56 a.m., 524 views

CVE-2023-5090

CVE-2023-5090: A flaw in Linux kernel KVM (svm_set_x2apic_msr_interception) enables direct access to host x2apic MSRs when a guest resets its APIC, potentially causing denial of service. Connected advisories (Astra Linux, IBM Guardium bulletin, Amazon ALAS) reference this CVE as part of Linux ker...

CVSS 6, AI score 6.7, EPSS 0.00234

added 2023/05/25 1:22 p.m., 488 views

CVE-2023-0459

CVE-2023-0459: Linux kernel on 64-bit systems is affected by a local elevation of information disclosure due to copy_from_user bypassing __uaccess_begin_nospec, bypassing access_ok and allowing a user to pass a kernel pointer to copy_from_user. Root cause is the __uaccess_begin_nospec handling. I...

CVSS 6.5, AI score 6.4, EPSS 0.00635

added 2020/09/13 5:28 p.m., 473 views

CVE-2020-25285

CVE-2020-25285 is a race condition in the Linux kernel hugetlb sysctl handlers (mm/hugetlb.c) that could allow a local attacker to corrupt memory or trigger NULL pointer dereferences. Public docs (e.g., ChangeLog-5.8.8) indicate the fix was released in kernel 5.8.8; Ubuntu/Debian advisories refer...

CVSS 6.4, AI score 7, EPSS 0.00272

added 2021/03/20 9:41 p.m., 471 views

CVE-2020-27171

The vulnerability CVE-2020-27171 affects Linux kernels before 5.11.8. The issue is in kernel/bpf/verifier.c, where an off-by-one error enables integer underflow that can trigger out-of-bounds speculation in pointer arithmetic, allowing side-channel leakage of kernel memory and defeating Spectre m...

CVSS 6, AI score 6.6, EPSS 0.00577

added 2020/01/31 7:50 p.m., 459 views

CVE-2019-3016

CVE-2019-3016 is a Linux kernel/KVM issue where, when PV TLB is enabled, a process inside a guest can read memory belonging to another process in the same guest. The root cause is a missing or incomplete TLB flush in the KVM x86 paravirtualized path when the host is running Linux 4.10 and the gue...

CVSS 6.2, AI score 5.3, EPSS 0.00613

added 2021/07/21 12:0 a.m., 459 views

CVE-2021-37159

CVE-2021-37159 affects the Linux kernel driver hso_free_net_device() in drivers/net/usb/hso.c. The code calls unregister_netdev without verifying NETREG_REGISTERED, causing use-after-free and double-free scenarios. Affected kernel versions include up to 5.13.4; the issue is mitigated by upgrading...

CVSS 6.4, AI score 6.7, EPSS 0.00391

added 2022/05/31 12:0 a.m., 453 views

CVE-2022-1462

CVE-2022-1462 is an out-of-bounds read in the Linux kernel TeleTYpe subsystem triggered by a race using ioctls (TIOCSPTLCK, TIOCGPTPEER, TIOCSTI, TCXONC). Local users can crash the system or read unauthorized memory. Public advisories link this CVE to Linux kernel versions across multiple distrib...

CVSS 6.3, AI score 6.5, EPSS 0.00332

added 2019/07/17 6:11 p.m., 441 views

CVE-2019-13631

The CVE-2019-13631 entry describes a vulnerability in the Linux kernel (parse_hid_report_descriptor in drivers/input/tablet/gtco.c) where a malicious USB HID device can cause an out-of-bounds write during debugging message generation. This affects kernels up to version 5.2.1. The document does no...

CVSS 6.8, AI score 7.7, EPSS 0.00817

added 2019/12/03 3:39 p.m., 434 views

CVE-2019-19532

CVE-2019-19532 affects the Linux kernel up to 5.3.8, with multiple out-of-bounds write bugs triggered by a malicious USB device in HID drivers (e.g., HID-AXFF, HID-EMSFF, HID-LOGITECH-HIDPP, HID-MICROSOFT, HID-SONY, HID-TMFF, HID-ZPFF, and others). The root cause is out-of-bounds writes in HID dr...

CVSS 6.8, AI score 7.6, EPSS 0.00504

added 2020/05/08 1:48 p.m., 432 views

CVE-2020-10690

The CVE-2020-10690 entry affects Linux kernel versions before 5.5. It is caused by a race between the release of ptp_clock and the cdev during resource deallocation, which can free the cdev structure while a high-privileged process holding /dev/ptpX is sleeping. When the underlying device is remo...

CVSS 6.5, AI score 6.5, EPSS 0.00359

added 2020/05/18 5:50 p.m., 427 views

CVE-2020-13143

CVE-2020-13143 affects the Linux kernel USB gadget/configfs (drivers/usb/gadget/configfs.c) from 3.16 to 5.6.13. The flaw arises when gadget_dev_desc_UDC_store uses kstrdup and may encounter an internal NUL value, leading to potential out-of-bounds memory access (reported as heap out-of-bounds wr...

CVSS 6.5, AI score 6.5, EPSS 0.04505

added 2020/11/23 4:15 p.m., 420 views

CVE-2020-12352

CVE-2020-12352 corresponds to an issue in the Linux Bluetooth stack (BlueZ) where improper access control may allow an unauthenticated user with adjacent access to trigger information disclosure. The description and connected sources indicate this is a local/adjacent-network risk without user int...

CVSS 6.5, AI score 7.4, EPSS 0.05714

added 2019/11/27 10:48 p.m., 418 views

CVE-2019-19319

CVE-2019-19319: In the Linux kernel prior to 5.2, a setxattr operation following a mount of a crafted ext4 image can trigger a slab-out-of-bounds write via ext4_xattr_set_entry use-after-free when a large old_size is used in memset in fs/ext4/xattr.c. This is an information disclosure/DoS risk p...

CVSS 6.5, AI score 6.4, EPSS 0.00692

added 2019/08/15 11:47 p.m., 403 views

CVE-2019-15090

CVE-2019-15090 affects the Linux kernel driver component drivers/scsi/qedi/qedi_dbg.c, with an out-of-bounds read in the qedi_dbg_* family of functions for versions before 5.1.12. The issue can enable a local attacker to read memory due to improper bounds handling, as described in the CVE entry. ...

CVSS 6.7, AI score 7.1, EPSS 0.00464

added 2021/10/20 12:0 a.m., 402 views

CVE-2021-42739

CVE-2021-42739 is a heap/buffer overflow in the Linux kernel’s FireWire FireDTV driver (firedtv-avc.c, firedtv-ci.c) caused by avc_ca_pmt failing to perform proper bounds checking. It affects the kernel’s FireWire path and can lead to memory corruption, crashes, or potentially privilege escalatio...

CVSS 6.7, AI score 7.1, EPSS 0.0044

added 2022/09/09 2:39 p.m., 400 views

CVE-2022-38457

CVE-2022-38457 affects the vmwgfx driver (Linux kernel) in the function vmw_cmd_res_check within drivers/gpu/vmxgfx/vmxgfx_execbuf.c, exposed via /dev/dri/renderD128. The issue is a use-after-free, leading to local privilege escalation and DoS. Connected advisories (MiracleLinux AXSA) reference ...

CVSS 6.3, AI score 6.2, EPSS 0.0044

added 2020/02/06 12:6 a.m., 399 views

CVE-2020-8647

Summary of CVE-2020-8647: A use-after-free? No — it is an MMIO out-of-bounds access in the vgacon driver (vt.c, vc_do_resize) of the Linux kernel, reported in the Debian/AlmaLinux advisories as CVE-2020-8647. Impact stated in Debian entries includes potential denial of service, memory corruption,...

CVSS 6.1, AI score 6.5, EPSS 0.00413

added 2022/09/09 2:39 p.m., 398 views

CVE-2022-40133

CVE-2022-40133: A use-after-free in the Linux kernel vmwgfx driver (function vmw_execbuf_tie_context in drivers/gpu/vmxgfx/vmxgfx_execbuf.c) can be triggered by local unprivileged/user-space activity via the render node (/dev/dri/renderD128). Exploitation may allow a local attacker to gain eleva...

CVSS 6.3, AI score 6.2, EPSS 0.00485

added 2020/04/09 10:10 p.m., 395 views

CVE-2020-8834

Affected software: Linux kernel KVM for PowerPC (KVM with Book3S HV on Power8). Vulnerability arises from conflicting use of HSTATE_HOST_R1 to store r1 state in kvmppc_hv_entry and in kvmppc_save_tm()/kvmppc_restore_tm, leading to stack corruption. Consequence: a guest VM kernel-space code execut...

CVSS 6.5, AI score 6.8, EPSS 0.00344

added 2020/10/02 6:14 p.m., 394 views

CVE-2020-26541

CVE-2020-26541: Local attacker can bypass the Secure Boot Forbidden Signature Database (dbx) protection in Linux kernels up to 5.8.13, affecting certs/blacklist.c and certs/system_keyring.c. Impact involves potential system integrity/confidentiality compromise. Connected sources confirm the issu...

CVSS 6.9, AI score 6.7, EPSS 0.00528

added 2022/03/25 12:0 a.m., 384 views

CVE-2021-4203

CVE-2021-4203 is a Linux kernel use-after-free read flaw in sock_getsockopt() triggered by a race between SO_PEERCRED/SO_PEERGROUPS and listen()/connect(). An authenticated local attacker could crash the system or leak kernel information. The connected IBM advisories document affected products (I...

CVSS 6.8, AI score 6.8, EPSS 0.01747

added 2021/08/13 12:0 a.m., 382 views

CVE-2021-3573

CVE-2021-3573 is a local-use-after-free vulnerability in the Linux kernel Bluetooth HCI subsystem (function hci_sock_bound_ioctl) where a race between ioctl HCIUNBLOCKADDR and hci_unregister_dev() and calls such as hci_sock_blacklist_add()/del(), hci_get_conn_info(), and hci_get_auth_info() can le...

CVSS 6.9, AI score 6.7, EPSS 0.0037

added 2019/11/18 5:23 a.m., 381 views

CVE-2019-19046

CVE-2019-19046 is a memory-leak in Linux kernel drivers/char/ipmi/ipmi_msghandler.c (__ipmi_bmc_register) up to kernel 5.3.11. An ida_simple_get() failure can cause memory consumption leading to DoS; exploitation details are described in the CVE entry, including note that third parties dispute th...

CVSS 6.8, AI score 7.1, EPSS 0.02745

added 2020/01/09 2:41 p.m., 380 views

CVE-2019-19332

CVE-2019-19332 affects the Linux kernel KVM implementation (x86) with an out-of-bounds memory write in handling the KVM_GET_EMULATED_CPUID ioctl, enabling a local user with access to /dev/kvm to crash the system (DoS). Affected range is kernels 3.13–5.4. Root cause described as a missing/bounds-c...

CVSS 6.1, AI score 7, EPSS 0.00679
Web

added 2021/04/02 4:18 a.m., 379 views

CVE-2021-30002

The CVE-2021-30002 issue affects the Linux kernel prior to 5.11.3. It is caused by a memory leak in video_usercopy inside drivers/media/v4l2-core/v4l2-ioctl.c when handling large webcam arguments. This memory leak can lead to memory exhaustion on affected systems. Connected advisories (e.g., Debi...

CVSS 6.2, AI score 6.8, EPSS 0.00369

added 2022/07/18 2:45 p.m., 377 views

CVE-2021-33655

CVE-2021-33655 is confirmed in the provided documents as an out-of-bounds memory write triggered by malicious data sent via the framebuffer ioctl FBIOPUT_VSCREENINFO in the Linux kernel framebuffer/console path. The issue allows a local user to crash the system and potentially escalate privileges...

CVSS 6.7, AI score 7, EPSS 0.00305

added 2022/03/02 12:0 a.m., 376 views

CVE-2021-3772

CVE-2021-3772 affects the Linux kernel SCTP stack: a blind attacker who knows IPs/ports and can spoof packets can kill an existing SCTP association by sending invalid chunks. The connected advisories confirm the issue and point to a patch in the Linux kernel (commit 32f8807a48ae55be0e76880cfe8607...

CVSS 6.5, AI score 6.8, EPSS 0.0124

Total number of security vulnerabilities: 392