Lucene search

K
LinuxLinux Kernel

10741 matches found

CVE
CVE
added 2025/07/25 3:15 p.m.6 views

CVE-2025-38435

In the Linux kernel, the following vulnerability has been resolved: riscv: vector: Fix context save/restore with xtheadvector Previously only v0-v7 were correctly saved/restored,and the context of v8-v31 are damanged.Correctly save/restore v8-v31 to avoid breaking userspace.

6.4AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.5 views

CVE-2025-38402

In the Linux kernel, the following vulnerability has been resolved: idpf: return 0 size for RSS key if not supported Returning -EOPNOTSUPP from function returning u32 is leading tocast and invalid size value as a result. -EOPNOTSUPP as a size probably will lead to allocation fail. Command: ethtool ...

6.4AI score0.00022EPSS
CVE
CVE
added 2025/07/25 2:15 p.m.5 views

CVE-2025-38406

In the Linux kernel, the following vulnerability has been resolved: wifi: ath6kl: remove WARN on bad firmware input If the firmware gives bad input, that's nothing to do withthe driver's stack at this point etc., so the WARN_ON()doesn't add any value. Additionally, this is one of thetop syzbot repo...

6.5AI score0.00032EPSS
CVE
CVE
added 2025/07/25 3:15 p.m.5 views

CVE-2025-38430

In the Linux kernel, the following vulnerability has been resolved: nfsd: nfsd4_spo_must_allow() must check this is a v4 compound request If the request being processed is not a v4 compound request, thenexamining the cstate can have undefined results. This patch adds a check that the rpc procedure ...

6.4AI score0.00032EPSS
CVE
CVE
added 2025/07/25 3:15 p.m.5 views

CVE-2025-38431

In the Linux kernel, the following vulnerability has been resolved: smb: client: fix regression with native SMB symlinks Some users and customers reported that their backup/copy tools startedto fail when the directory being copied contained symlink targets thatthe client couldn't parse - even when ...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38438

In the Linux kernel, the following vulnerability has been resolved: ASoC: SOF: Intel: hda: Use devm_kstrdup() to avoid memleak. sof_pdata->tplg_filename can have address allocated by kstrdup()and can be overwritten. Memory leak was detected with kmemleak: unreferenced object 0xffff88812391ff60 (...

6.4AI score0.00022EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38439

In the Linux kernel, the following vulnerability has been resolved: bnxt_en: Set DMA unmap len correctly for XDP_REDIRECT When transmitting an XDP_REDIRECT packet, call dma_unmap_len_set()with the proper length instead of 0. This bug triggers this warningon a system with IOMMU enabled: WARNING: CPU...

6.4AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38440

In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix race between DIM disable and net_dim() There's a race between disabling DIM and NAPI callbacks using the dimpointer on the RQ or SQ. If NAPI checks the DIM state bit and sees it still set, it assumesrq->dim or sq-...

6.2AI score0.00022EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38441

In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: account for Ethernet header in nf_flow_pppoe_proto() syzbot found a potential access to uninit-value in nf_flow_pppoe_proto() Blamed commit forgot the Ethernet header. BUG: KMSAN: uninit-value in nf_flow_offlo...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38442

In the Linux kernel, the following vulnerability has been resolved: block: reject bs > ps block devices when THP is disabled If THP is disabled and when a block device with logical block size >page size is present, the following null ptr deref panic happens duringboot: [ [13.2 mK AOSAN: null-...

6.4AI score0.00024EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38444

In the Linux kernel, the following vulnerability has been resolved: raid10: cleanup memleak at raid10_make_request If raid10_read_request or raid10_write_request registers a newrequest and the REQ_NOWAIT flag is set, the code does notfree the malloc from the mempool. unreferenced object 0xffff88848...

6.5AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38446

In the Linux kernel, the following vulnerability has been resolved: clk: imx: Fix an out-of-bounds access in dispmix_csr_clk_dev_data When num_parents is 4, __clk_register() occurs an out-of-boundswhen accessing parent_names member. Use ARRAY_SIZE() instead ofhardcode number here. BUG: KASAN: globa...

6.4AI score0.00022EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38448

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: u_serial: Fix race condition in TTY wakeup A race condition occurs when gs_start_io() calls either gs_start_rx() orgs_start_tx(), as those functions briefly drop the port_lock forusb_ep_queue(). This allows gs_close() ...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38451

In the Linux kernel, the following vulnerability has been resolved: md/md-bitmap: fix GPF in bitmap_get_stats() The commit message of commit 6ec1f0239485 ("md/md-bitmap: fix statscollection for external bitmaps") states: Remove the external bitmap check as the statistics should be available regardl...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38452

In the Linux kernel, the following vulnerability has been resolved: net: ethernet: rtsn: Fix a null pointer dereference in rtsn_probe() Add check for the return value of rcar_gen4_ptp_alloc()to prevent potential null pointer dereference.

6.3AI score0.00022EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38453

In the Linux kernel, the following vulnerability has been resolved: io_uring/msg_ring: ensure io_kiocb freeing is deferred for RCU syzbot reports that defer/local task_work adding via msg_ring can hita request that has been freed: CPU: 1 UID: 0 PID: 19356 Comm: iou-wrk-19354 Not tainted 6.16.0-rc4-...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38454

In the Linux kernel, the following vulnerability has been resolved: ALSA: ad1816a: Fix potential NULL pointer deref in snd_card_ad1816a_pnp() Use pr_warn() instead of dev_warn() when 'pdev' is NULL to avoid apotential NULL pointer dereference.

6.3AI score0.00022EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38456

In the Linux kernel, the following vulnerability has been resolved: ipmi:msghandler: Fix potential memory corruption in ipmi_create_user() The "intf" list iterator is an invalid pointer if the correct"intf->intf_num" is not found. Calling atomic_dec(&intf->nr_users) onand invalid pointer will...

6.5AI score0.00024EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38459

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix infinite recursive call of clip_push(). syzbot reported the splat below. [0] This happens if we call ioctl(ATMARP_MKIP) more than once. During the first call, clip_mkip() sets clip_push() to vcc->push(),and the se...

6.2AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38460

In the Linux kernel, the following vulnerability has been resolved: atm: clip: Fix potential null-ptr-deref in to_atmarpd(). atmarpd is protected by RTNL since commit f3a0592b37b8 ("[ATM]: clipcauses unregister hang"). However, it is not enough because to_atmarpd() is called without RTNL,especially...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38461

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport_* TOCTOU Transport assignment may race with module unload. Protect new_transportfrom becoming a stale pointer. This also takes care of an insecure call in vsock_use_local_transport();add a lockdep assert. BUG: ...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38462

In the Linux kernel, the following vulnerability has been resolved: vsock: Fix transport_{g2h,h2g} TOCTOU vsock_find_cid() and vsock_dev_do_ioctl() may race with module unload.transport_{g2h,h2g} may become NULL after the NULL check. Introduce vsock_transport_local_cid() to protect from a potential...

6.3AI score0.00032EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38466

In the Linux kernel, the following vulnerability has been resolved: perf: Revert to requiring CAP_SYS_ADMIN for uprobes Jann reports that uprobes can be used destructively when used in themiddle of an instruction. The kernel only verifies there is a validinstruction at the requested offset, but due...

6.2AI score0.00031EPSS
CVE
CVE
added 2025/07/25 4:15 p.m.5 views

CVE-2025-38467

In the Linux kernel, the following vulnerability has been resolved: drm/exynos: exynos7_drm_decon: add vblank check in IRQ handling If there's support for another console device (such as a TTY serial),the kernel occasionally panics during boot. The panic message and arelevant snippet of the call st...

6.2AI score0.00032EPSS
CVE
CVE
added 5 days ago5 views

CVE-2025-38470

In the Linux kernel, the following vulnerability has been resolved: net: vlan: fix VLAN 0 refcount imbalance of toggling filtering during runtime Assuming the "rx-vlan-filter" feature is enabled on a net device, the8021q module will automatically add or remove VLAN 0 when the net deviceis put admin...

6.2AI score0.00018EPSS
CVE
CVE
added 5 days ago5 views

CVE-2025-38474

In the Linux kernel, the following vulnerability has been resolved: usb: net: sierra: check for no status endpoint The driver checks for having three endpoints andhaving bulk in and out endpoints, but not thatthe third endpoint is interrupt input.Rectify the omission.

6.5AI score0.00018EPSS
CVE
CVE
added 5 days ago5 views

CVE-2025-38475

In the Linux kernel, the following vulnerability has been resolved: smc: Fix various oops due to inet_sock type confusion. syzbot reported weird splats [0][1] in cipso_v4_sock_setattr() whilefreeing inet_sk(sk)->inet_opt. The address was freed multiple times even though it was read-only memory. ...

6.5AI score0.00017EPSS
CVE
CVE
added 5 days ago5 views

CVE-2025-38482

In the Linux kernel, the following vulnerability has been resolved: comedi: das6402: Fix bit shift out of bounds When checking for a supported IRQ number, the following test is used: /* IRQs 2,3,5,6,7, 10,11,15 are valid for "enhanced" mode */ if ((1 <options[1]) & 0x8cec) { However, it->opti...

6.4AI score0.00018EPSS
CVE
CVE
added 5 days ago5 views

CVE-2025-38484

In the Linux kernel, the following vulnerability has been resolved: iio: backend: fix out-of-bound write The buffer is set to 80 character. If a caller write more characters,count is truncated to the max available space in "simple_write_to_buffer".But afterwards a string terminator is written to th...

6.6AI score0.00017EPSS
CVE
CVE
added 5 days ago5 views

CVE-2025-38485

In the Linux kernel, the following vulnerability has been resolved: iio: accel: fxls8962af: Fix use after free in fxls8962af_fifo_flush fxls8962af_fifo_flush() uses indio_dev->active_scan_mask (withiio_for_each_active_channel()) without making sure the indio_devstays in buffer mode.There is a ra...

6.6AI score0.00018EPSS
CVE
CVE
added 5 days ago5 views

CVE-2025-38494

In the Linux kernel, the following vulnerability has been resolved: HID: core: do not bypass hid_hw_raw_request hid_hw_raw_request() is actually useful to ensure the provided bufferand length are valid. Directly calling in the low level transport driverfunction bypassed those checks and allowed inv...

6.4AI score0.00018EPSS
CVE
CVE
added 5 days ago5 views

CVE-2025-38497

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: configfs: Fix OOB read on empty string write When writing an empty string to either 'qw_sign' or 'landingPage'sysfs attributes, the store functions attempt to access page[l - 1]before validating that the length 'l' is ...

6.3AI score0.00018EPSS
CVE
CVE
added 3 days ago5 views

CVE-2025-38498

In the Linux kernel, the following vulnerability has been resolved: do_change_type(): refuse to operate on unmounted/not ours mounts Ensure that propagation settings can only be changed for mounts locatedin the caller's mount namespace. This change aligns permission checkingwith the rest of mount(2...

7.1AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38354

In the Linux kernel, the following vulnerability has been resolved: drm/msm/gpu: Fix crash when throttling GPU immediately during boot There is a small chance that the GPU is already hot during boot. In thatcase, the call to of_devfreq_cooling_register() will immediately try toapply devfreq cooling...

6.2AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38358

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix race between async reclaim worker and close_ctree() Syzbot reported an assertion failure due to an attempt to add a delayediput after we have set BTRFS_FS_STATE_NO_DELAYED_IPUT in the fs_infostate: WARNING: CPU: 0 PID: 6...

6.1AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38364

In the Linux kernel, the following vulnerability has been resolved: maple_tree: fix MA_STATE_PREALLOC flag in mas_preallocate() Temporarily clear the preallocation flag when explicitly requestingallocations. Pre-existing allocations are already counted against therequest through mas_node_count_gfp(...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38366

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Check validity of "num_cpu" from user space The maximum supported cpu number is EIOINTC_ROUTE_MAX_VCPUS aboutirqchip EIOINTC, here add validation about cpu number to avoid arraypointer overflow.

6.4AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38367

In the Linux kernel, the following vulnerability has been resolved: LoongArch: KVM: Avoid overflow with array index The variable index is modified and reused as array index when modifyregister EIOINTC_ENABLE. There will be array index overflow problem.

6.7AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38368

In the Linux kernel, the following vulnerability has been resolved: misc: tps6594-pfsm: Add NULL pointer check in tps6594_pfsm_probe() The returned value, pfsm->miscdev.name, from devm_kasprintf()could be NULL.A pointer check is added to prevent potential NULL pointer dereference.This is similar...

6.3AI score0.00023EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38370

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix failure to rebuild free space tree using multiple transactions If we are rebuilding a free space tree, while modifying the free spacetree we may need to allocate a new metadata block group.If we end up using multiple tra...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38371

In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Disable interrupts before resetting the GPU Currently, an interrupt can be triggered during a GPU reset, which canlead to GPU hangs and NULL pointer dereference in an interrupt contextas shown in the following trace: [ 314...

6.1AI score0.00043EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38374

In the Linux kernel, the following vulnerability has been resolved: optee: ffa: fix sleep in atomic context The OP-TEE driver registers the function notif_callback() for FF-Anotifications. However, this function is called in an atomic contextleading to errors like this when processing asynchronous ...

6.3AI score0.00022EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38377

In the Linux kernel, the following vulnerability has been resolved: rose: fix dangling neighbour pointers in rose_rt_device_down() There are two bugs in rose_rt_device_down() that can causeuse-after-free: The loop bound t->count is modified within the loop, which cancause the loop to terminate e...

6.5AI score0.00032EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38378

In the Linux kernel, the following vulnerability has been resolved: HID: appletb-kbd: fix slab use-after-free bug in appletb_kbd_probe In probe appletb_kbd_probe() a "struct appletb_kbd *kbd" is allocatedvia devm_kzalloc() to store touch bar keyboard related data.Later on if backlight_device_get_by...

6AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38381

In the Linux kernel, the following vulnerability has been resolved: Input: cs40l50-vibra - fix potential NULL dereference in cs40l50_upload_owt() The cs40l50_upload_owt() function allocates memory via kmalloc()without checking for allocation failure, which could lead to aNULL pointer dereference. R...

6.3AI score0.00022EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38382

In the Linux kernel, the following vulnerability has been resolved: btrfs: fix iteration of extrefs during log replay At __inode_add_ref() when processing extrefs, if we jump into the nextlabel we have an undefined value of victim_name.len, since we haven'tinitialized it before we did the goto. Thi...

6.3AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38384

In the Linux kernel, the following vulnerability has been resolved: mtd: spinand: fix memory leak of ECC engine conf Memory allocated for the ECC engine conf is not released during spinandcleanup. Below kmemleak trace is seen for this memory leak: unreferenced object 0xffffff80064f00e0 (size 8):com...

6.4AI score0.00032EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38385

In the Linux kernel, the following vulnerability has been resolved: net: usb: lan78xx: fix WARN in __netif_napi_del_locked on disconnect Remove redundant netif_napi_del() call from disconnect path. A WARN may be triggered in __netif_napi_del_locked() during USB devicedisconnect: WARNING: CPU: 0 PID...

6.1AI score0.00024EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38386

In the Linux kernel, the following vulnerability has been resolved: ACPICA: Refuse to evaluate a method if arguments are missing As reported in [1], a platform firmware update that increased the numberof method parameters and forgot to update a least one of its callers,caused ACPICA to crash due to...

6.4AI score0.00032EPSS
CVE
CVE
added 2025/07/25 1:15 p.m.4 views

CVE-2025-38387

In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Initialize obj_event->obj_sub_list before xa_insert The obj_event may be loaded immediately after inserted, then if thelist_head is not initialized then we may get a poisonous pointer. Thisfixes the crash below: mlx5_...

6.3AI score0.00032EPSS
Total number of security vulnerabilities10741