Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2025/07/25 1:15 p.m.6 views

CVE-2025-38362

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Add null pointer check for get_first_active_display() The function mod_hdcp_hdcp1_enable_encryption() calls the functionget_first_active_display(), but does not check its return value.The return value is a null poi...

6.4AI score0.00018EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.6 views

CVE-2025-38365

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix a race between renames and directory logging We have a race between a rename and directory inode logging that if ithappens and we crash/power fail before the rename completes, the next timethe filesystem is mounted, the ...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.6 views

CVE-2025-38369

In the Linux kernel, the following vulnerability has been resolved: dmaengine: idxd: Check availability of workqueue allocated by idxd wq driver before using Running IDXD workloads in a container with the /dev directory mounted cantrigger a call trace or even a kernel panic when the parent process ...

6.3AI score0.00023EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.6 views

CVE-2025-38376

In the Linux kernel, the following vulnerability has been resolved: usb: chipidea: udc: disconnect/reconnect from host when do suspend/resume Shawn and John reported a hang issue during system suspend as below: USB gadget is enabled as Ethernet There is data transfer over USB Ethernet (scp a big fi...

6.2AI score0.00023EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.6 views

CVE-2025-38391

In the Linux kernel, the following vulnerability has been resolved: usb: typec: altmodes/displayport: do not index invalid pin_assignments A poorly implemented DisplayPort Alt Mode port partner can indicatethat its pin assignment capabilities are greater than the maximumvalue, DP_PIN_ASSIGN_F. In t...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.6 views

CVE-2025-38393

In the Linux kernel, the following vulnerability has been resolved: NFSv4/pNFS: Fix a race to wake on NFS_LAYOUT_DRAIN We found a few different systems hung up in writeback waiting on the samepage lock, and one task waiting on the NFS_LAYOUT_DRAIN bit inpnfs_update_layout(), however the pnfs_layout...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.6 views

CVE-2025-38398

In the Linux kernel, the following vulnerability has been resolved: spi: spi-qpic-snand: reallocate BAM transactions Using the mtd_nandbiterrs module for testing the driver occasionallyresults in weird things like below. swiotlb mapping fails with the following message: [ 85.926216] qcom_snand 79b0...

6.8AI score0.00024EPSS
CVE
CVE
added 2025/07/25 2:15 p.m.6 views

CVE-2025-38403

In the Linux kernel, the following vulnerability has been resolved: vsock/vmci: Clear the vmci transport packet properly when initializing it In vmci_transport_packet_init memset the vmci_transport_packet beforepopulating the fields to avoid any uninitialised data being left in thestructure.

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 2:15 p.m.6 views

CVE-2025-38408

In the Linux kernel, the following vulnerability has been resolved: genirq/irq_sim: Initialize work context pointers properly Initialize ops member's pointers properly by using kzalloc() instead ofkmalloc() when allocating the simulation work context. Otherwise thepointers contain random content le...

6.4AI score0.00022EPSS
CVE
CVE
added 2025/07/25 2:15 p.m.6 views

CVE-2025-38409

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix another leak in the submit error path put_unused_fd() doesn't free the installed file, if we've already donefd_install(). So we need to also free the sync_file. Patchwork: https://patchwork.freedesktop.org/patch/653583...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/25 2:15 p.m.6 views

CVE-2025-38410

In the Linux kernel, the following vulnerability has been resolved: drm/msm: Fix a fence leak in submit error path In error paths, we could unref the submit without callingdrm_sched_entity_push_job(), so msm_job_free() will never getcalled. Since drm_sched_job_cleanup() will NULL out thes_fence, we...

6.2AI score0.00032EPSS
CVE
CVE
added 2025/07/25 3:15 p.m.6 views

CVE-2025-38420

In the Linux kernel, the following vulnerability has been resolved: wifi: carl9170: do not ping device which has failed to load firmware Syzkaller reports [1, 2] crashes caused by an attempts to pingthe device which has failed to load firmware. Since such a devicedoesn't pass 'ieee80211_register_hw...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 3:15 p.m.6 views

CVE-2025-38421

In the Linux kernel, the following vulnerability has been resolved: platform/x86/amd: pmf: Use device managed allocations If setting up smart PC fails for any reason then this can lead toa double free when unloading amd-pmf. This is because dev->buf wasfreed but never set to NULL and is again fr...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/25 3:15 p.m.6 views

CVE-2025-38426

In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu: Add basic validation for RAS header If RAS header read from EEPROM is corrupted, it could result in tryingto allocate huge memory for reading the records. Add some validation toheader fields.

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/25 3:15 p.m.6 views

CVE-2025-38427

In the Linux kernel, the following vulnerability has been resolved: video: screen_info: Relocate framebuffers behind PCI bridges Apply PCI host-bridge window offsets to screen_info framebuffers. Fixesinvalid access to I/O memory. Resources behind a PCI host bridge can be relocated by a certain offs...

6.2AI score0.00023EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.6 views

CVE-2025-38443

In the Linux kernel, the following vulnerability has been resolved: nbd: fix uaf in nbd_genl_connect() error path There is a use-after-free issue in nbd: block nbd6: Receive control failed (result -104)block nbd6: shutting down sockets BUG: KASAN: slab-use-after-free in recv_work+0x694/0xa80 driver...

6.2AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.6 views

CVE-2025-38445

In the Linux kernel, the following vulnerability has been resolved: md/raid1: Fix stack memory use after return in raid1_reshape In the raid1_reshape function, newpool isallocated on the stack and assigned to conf->r1bio_pool.This results in conf->r1bio_pool.wait.head pointingto a stack addre...

6.2AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.6 views

CVE-2025-38447

In the Linux kernel, the following vulnerability has been resolved: mm/rmap: fix potential out-of-bounds page table access during batched unmap As pointed out by David[1], the batched unmap logic intry_to_unmap_one() may read past the end of a PTE table when a largefolio's PTE mappings are not full...

6AI score0.00024EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.6 views

CVE-2025-38449

In the Linux kernel, the following vulnerability has been resolved: drm/gem: Acquire references on GEM handles for framebuffers A GEM handle can be released while the GEM buffer object is attachedto a DRM framebuffer. This leads to the release of the dma-buf backingthe buffer object, if any. [1] Tr...

6.7AI score0.00023EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.6 views

CVE-2025-38450

In the Linux kernel, the following vulnerability has been resolved: wifi: mt76: mt7925: prevent NULL pointer dereference in mt7925_sta_set_decap_offload() Add a NULL check for msta->vif before accessing its members to preventa kernel panic in AP mode deployment. This also fix the issue reportedi...

6.2AI score0.00022EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.6 views

CVE-2025-38455

In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Reject SEV{-ES} intra host migration if vCPU creation is in-flight Reject migration of SEV{-ES} state if either the source or destination VMis actively creating a vCPU, i.e. if kvm_vm_ioctl_create_vcpu() is in thesection ...

6.2AI score0.00024EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.6 views

CVE-2025-38457

In the Linux kernel, the following vulnerability has been resolved: net/sched: Abort __tc_modify_qdisc if parent class does not exist Lion's patch [1] revealed an ancient bug in the qdisc API.Whenever a user creates/modifies a qdisc specifying as a parent anotherqdisc, the qdisc API will, during gr...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.6 views

CVE-2025-38458

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix NULL pointer dereference in vcc_sendmsg() atmarpd_dev_ops does not implement the send method, which may cause crashas bellow. BUG: kernel NULL pointer dereference, address: 0000000000000000PGD 0 P4D 0Oops: Oops: 0010...

5.9AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.6 views

CVE-2025-38463

In the Linux kernel, the following vulnerability has been resolved: tcp: Correct signedness in skb remaining space calculation Syzkaller reported a bug 1 where sk->sk_forward_alloc can overflow. When we send data, if an skb exists at the tail of the write queue, thekernel will attempt to append ...

6.3AI score0.00023EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.6 views

CVE-2025-38465

In the Linux kernel, the following vulnerability has been resolved: netlink: Fix wraparounds of sk->sk_rmem_alloc. Netlink has this pattern in some places if (atomic_read(&sk->sk_rmem_alloc) > sk->sk_rcvbuf)atomic_add(skb->truesize, &sk->sk_rmem_alloc); , which has the same proble...

6.3AI score0.00032EPSS
CVE
CVE
added 5 days ago6 views

CVE-2025-38468

In the Linux kernel, the following vulnerability has been resolved: net/sched: Return NULL when htb_lookup_leaf encounters an empty rbtree htb_lookup_leaf has a BUG_ON that can trigger with the following: tc qdisc del dev lo roottc qdisc add dev lo root handle 1: htb default 1tc class add dev lo pa...

6.4AI score0.00018EPSS
CVE
CVE
added 5 days ago6 views

CVE-2025-38469

In the Linux kernel, the following vulnerability has been resolved: KVM: x86/xen: Fix cleanup logic in emulation of Xen schedop poll hypercalls kvm_xen_schedop_poll does a kmalloc_array() when a VM polls the hostfor more than one event channel potr (nr_ports > 1). After the kmalloc_array(), the ...

6.4AI score0.00018EPSS
CVE
CVE
added 5 days ago6 views

CVE-2025-38472

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack: fix crash due to removal of uninitialised entry A crash in conntrack was reported while trying to unlink the conntrackentry from the hash bucket list:[exception RIP: __nf_ct_delete_from_lists+172][..]#7 [ff...

6.3AI score0.00018EPSS
CVE
CVE
added 5 days ago6 views

CVE-2025-38477

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_qfq: Fix race condition on qfq_aggregate A race condition can occur when 'agg' is modified in qfq_change_agg(called during qfq_enqueue) while other threads access itconcurrently. For example, qfq_dump_class may trigg...

6.4AI score0.00018EPSS
CVE
CVE
added 5 days ago6 views

CVE-2025-38480

In the Linux kernel, the following vulnerability has been resolved: comedi: Fix use of uninitialized data in insn_rw_emulate_bits() For Comedi INSN_READ and INSN_WRITE instructions on "digital"subdevices (subdevice types COMEDI_SUBD_DI, COMEDI_SUBD_DO, andCOMEDI_SUBD_DIO), it is common for the subd...

6.4AI score0.00018EPSS
CVE
CVE
added 5 days ago6 views

CVE-2025-38488

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free in crypt_message when using async crypto The CVE-2024-50047 fix removed asynchronous crypto handling fromcrypt_message(), assuming all crypto operations are synchronous.However, when hardware crypto ...

7.7AI score0.00045EPSS
CVE
CVE
added 5 days ago6 views

CVE-2025-38489

In the Linux kernel, the following vulnerability has been resolved: s390/bpf: Fix bpf_arch_text_poke() with new_addr == NULL again Commit 7ded842b356d ("s390/bpf: Fix bpf_plt pointer arithmetic") hasaccidentally removed the critical piece of commit c730fce7c70c("s390/bpf: Fix bpf_arch_text_poke() w...

6.3AI score0.00018EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.5 views

CVE-2025-38017

In the Linux kernel, the following vulnerability has been resolved: fs/eventpoll: fix endless busy loop after timeout has expired After commit 0a65bc27bd64 ("eventpoll: Set epoll timeout if it's inthe future"), the following program would immediately enter a busyloop in the kernel: int main() { int...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.5 views

CVE-2025-38021

In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix null check of pipe_ctx->plane_state for update_dchubp_dpp Similar to commit 6a057072ddd1 ("drm/amd/display: Fix null check forpipe_ctx->plane_state in dcn20_program_pipe") that addresses a nullpointer der...

6.5AI score0.00026EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.5 views

CVE-2025-38054

In the Linux kernel, the following vulnerability has been resolved: ptp: ocp: Limit signal/freq counts in summary output functions The debugfs summary output could access uninitialized elements inthe freq_in[] and signal_out[] arrays, causing NULL pointerdereferences and triggering a kernel Oops (p...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.5 views

CVE-2025-38056

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Fix UAF when reloading module hda_generic_machine_select() appends -idisp to the tplg filename byallocating a new string with devm_kasprintf(), then stores the stringright back into the global variable snd_so...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/06/18 10:15 a.m.5 views

CVE-2025-38076

In the Linux kernel, the following vulnerability has been resolved: alloc_tag: allocate percpu counters for module tags dynamically When a module gets unloaded it checks whether any of its tags are still inuse and if so, we keep the memory containing module's allocation tagsalive until all tags are...

6.4AI score0.00026EPSS
CVE
CVE
added 2025/07/22 8:15 a.m.5 views

CVE-2025-38352

In the Linux kernel, the following vulnerability has been resolved: posix-cpu-timers: fix race between handle_posix_cpu_timers() and posix_cpu_timer_del() If an exiting non-autoreaping task has already passed exit_notify() andcalls handle_posix_cpu_timers() from IRQ, it can be reaped by its parento...

7AI score0.00032EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38353

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Fix taking invalid lock on wedge If device wedges on e.g. GuC upload, the submission is not yet enabledand the state is not even initialized. Protect the wedge call so it doesnothing in this case. It fixes the following spl...

6.4AI score0.00022EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38355

In the Linux kernel, the following vulnerability has been resolved: drm/xe: Process deferred GGTT node removals on device unwind While we are indirectly draining our dedicated workqueue ggtt->wqthat we use to complete asynchronous removal of some GGTT nodes,this happends as part of the managed-d...

6.2AI score0.00022EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38356

In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc: Explicitly exit CT safe mode on unwind During driver probe we might be briefly using CT safe mode, whichis based on a delayed work, but usually we are able to stop thisonce we have IRQ fully operational. However, if we ...

6.2AI score0.00022EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38357

In the Linux kernel, the following vulnerability has been resolved: fuse: fix runtime warning on truncate_folio_batch_exceptionals() The WARN_ON_ONCE is introduced on truncate_folio_batch_exceptionals() tocapture whether the filesystem has removed all DAX entries or not. And the fix has been applie...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38359

In the Linux kernel, the following vulnerability has been resolved: s390/mm: Fix in_atomic() handling in do_secure_storage_access() Kernel user spaces accesses to not exported pages in atomic contextincorrectly try to resolve the page fault.With debug options enabled call traces like this can be se...

6AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38372

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix unsafe xarray access in implicit ODP handling __xa_store() and __xa_erase() were used without holding the proper lock,which led to a lockdep warning due to unsafe RCU usage. This patchreplaces them with xa_store() an...

6.1AI score0.00022EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38373

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix potential deadlock in MR deregistration The issue arises when kzalloc() is invoked while holding umem_mutex orany other lock acquired under umem_mutex. This is problematic becausekzalloc() can trigger fs_reclaim_aqcuir...

6.2AI score0.00022EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38375

In the Linux kernel, the following vulnerability has been resolved: virtio-net: ensure the received length does not exceed allocated size In xdp_linearize_page, when reading the following buffers from the ring,we forget to check the received length with the true allocate size. Thiscan lead to an ou...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38379

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix warning when reconnecting channel When reconnecting a channel in smb2_reconnect_server(), a dummy tconis passed down to smb2_reconnect() with ->query_interfaceuninitialized, so we can't call queue_delayed_work()...

6AI score0.00023EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38383

In the Linux kernel, the following vulnerability has been resolved: mm/vmalloc: fix data race in show_numa_info() The following data-race was found in show_numa_info(): ==================================================================BUG: KCSAN: data-race in vmalloc_info_show / vmalloc_info_show r...

6.3AI score0.00022EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38395

In the Linux kernel, the following vulnerability has been resolved: regulator: gpio: Fix the out-of-bounds access to drvdata::gpiods drvdata::gpiods is supposed to hold an array of 'gpio_desc' pointers. Butthe memory is allocated for only one pointer. This will lead toout-of-bounds access later in ...

6.5AI score0.00032EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38401

In the Linux kernel, the following vulnerability has been resolved: mtk-sd: Prevent memory corruption from DMA map failure If msdc_prepare_data() fails to map the DMA region, the request isnot prepared for data receiving, but msdc_start_data() proceedsthe DMA with previous setting.Since this will l...

6.6AI score0.00032EPSS
Total number of security vulnerabilities10741