Searching CVE for "linux kernel"
CVE-2025-10010 is a configuration file integrity bypass vulnerability in CryptoPro Secure Disk (CPSD) that allows attackers with physical access to modify unvalidated Linux configuration files. This e...
CVE-2025-1272 is a Linux kernel vulnerability where lockdown mode is disabled without warning in Fedora Linux kernel versions 6.12+, allowing attackers to bypass security restrictions. This enables ac...
This CVE describes a use-after-free vulnerability in the Linux kernel's EROFS filesystem when using file-backed mounts with the directio option. The race condition can lead to kernel panic or potentia...
A race condition vulnerability in the Linux kernel's ksmbd (SMB server) component allows use-after-free attacks in multi-channel SMB sessions. This affects systems running vulnerable Linux kernel vers...
A memory leak vulnerability in the Linux kernel's SMB server implementation (ksmbd) occurs when kthread_run() fails during new TCP connection handling, causing the active connection counter (active_nu...
This CVE describes a race condition vulnerability in the Linux kernel's SMB client implementation where concurrent updates to bitfield flags in cached_fid structures could cause stale data to be resto...
A vulnerability in the Linux kernel's ksmbd SMB server module causes an infinite loop when processing malformed SMB2 requests with invalid signatures. This leads to denial of service through high CPU ...
A memory allocation vulnerability in the Linux kernel's OMAP crypto driver causes scatterlist arrays to be allocated 4x smaller than required. This leads to buffer overflow conditions when processing ...
A Linux kernel vulnerability in the rtl8xxxu WiFi driver allows out-of-bounds memory writes when adding stations. This can lead to kernel memory corruption, potentially causing system crashes or arbit...
A NULL pointer dereference vulnerability in the Linux kernel's QLogic Fibre Channel driver (qla2xxx) can cause kernel panics and system crashes when handling certain storage operations. This affects s...
A memory leak vulnerability exists in the Linux kernel's HFS filesystem implementation where superblock filesystem information isn't properly cleaned up during mount failures. This affects Linux syste...
A memory leak vulnerability in the Linux kernel's QLogic Fibre Channel driver (qla2xxx) can cause system crashes during driver unload operations. This affects systems using QLogic Fibre Channel HBAs w...
This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's Loongson GPIO driver. The vulnerability occurs when the driver incorrectly checks chip->parent instead of chip->irq.pa...
This CVE describes a data race condition in the Linux kernel's bonding driver where slave->last_rx and slave->target_last_arp_rx fields can be accessed concurrently without proper synchronization. Thi...
A vulnerability in the Linux kernel's Btrfs filesystem allows new transactions to be created even when the filesystem is mounted with rescue options that make it fully read-only. This can trigger warn...
This is a use-after-free vulnerability in the Linux kernel's iSCSI target subsystem. It allows local attackers with access to iSCSI connections to potentially crash the kernel or execute arbitrary cod...
A race condition vulnerability in the Linux kernel's MD (Multiple Devices) RAID subsystem allows improper memory access when updating RAID configuration via sysfs. This affects Linux systems using sof...
This Linux kernel vulnerability in the mac80211 WiFi subsystem could allow connections on invalid or disabled channels when regulatory changes occur between scanning and connection attempts. It affect...
A use-after-free vulnerability in the Linux kernel's macvlan subsystem allows attackers to crash the kernel or potentially execute arbitrary code. This affects Linux systems using macvlan interfaces i...
A race condition in the Linux kernel's ice driver causes a NULL pointer dereference when PTP (Precision Time Protocol) periodic work runs while VSI (Virtual Station Interface) is being rebuilt. This l...
A race condition vulnerability in the Linux kernel's Tegra SPI driver could allow an attacker to cause a kernel crash or potentially execute arbitrary code. This affects systems using NVIDIA Tegra pro...
A race condition vulnerability in the Linux kernel's CPSW network driver where the ndo_set_rx_mode callback is called without proper locking, causing a kernel warning and potential system instability....
A memory corruption vulnerability in the Linux kernel's traffic classifier subsystem allows attackers to trigger out-of-bounds memory access via specially crafted network packets. This affects Linux s...
A memory leak vulnerability exists in the Linux kernel's SMB client implementation in the smb2_open_file() function. This vulnerability allows unprivileged local users to cause kernel memory exhaustio...
A kernel panic vulnerability in the Linux kernel's dpaa2-switch driver occurs when a device reports zero network interfaces. This causes the driver to allocate zero-sized arrays that return a special ...
This CVE describes a race condition vulnerability in the Linux kernel's Tegra210 Quad SPI driver that could lead to a NULL pointer dereference. The vulnerability occurs when the interrupt service rout...
A memory corruption vulnerability in the Linux kernel's ALSA USB audio subsystem allows an attacker to trigger an out-of-bounds write when sending specially crafted audio data. This affects systems us...
A use-after-free vulnerability in the Linux kernel's linkwatch subsystem allows an attacker to cause kernel memory corruption by manipulating network device carrier states. This affects all Linux syst...
A use-after-free vulnerability in the Linux kernel's iSCSI target subsystem allows race conditions during session cleanup. This can lead to kernel memory corruption and potential system crashes. Syste...
A memory corruption vulnerability in the Linux kernel's Binder IPC subsystem allows specially crafted empty file descriptor array objects to trigger out-of-bounds writes. This affects Linux systems us...
This CVE describes a use-after-free vulnerability in the Linux kernel's cgroup/dmem subsystem where a memory pool can be freed while still being referenced by callers. This allows attackers with local...
A Linux kernel vulnerability in the Intel THC HID driver could allow local attackers to cause a kernel panic or potentially execute arbitrary code by triggering a NULL pointer dereference when reading...
A race condition vulnerability in the Linux kernel's i2c-imx driver allows an endless read loop when handling invalid block data lengths. This can cause buffer overruns leading to system crashes or po...
A race condition vulnerability in the Linux kernel's KVM subsystem where deassigning an irqfd (interrupt request file descriptor) incorrectly clobbers routing information, potentially causing use-afte...
This CVE describes a deadlock vulnerability in the Linux kernel's procfs subsystem where fetching build ID information while holding VMA locks could cause system deadlocks. The vulnerability affects L...
A Linux kernel vulnerability in IPv6 routing causes a kernel panic when adding ECMP routes after clearing RTF_ADDRCONF flags from gateway routes. This affects Linux systems using IPv6 routing with ECM...
A memory management vulnerability in the Linux kernel's Ceph filesystem driver causes a kernel oops (crash) when accessing snapshot directories. This affects systems using CephFS with snapshots, poten...
A NULL pointer dereference vulnerability in the Linux kernel's cgroup/dmem subsystem allows local attackers to trigger a kernel panic (denial of service) by writing invalid data to the dmem.max contro...
This is a use-after-free vulnerability in the Linux kernel's binder IPC subsystem. It allows local attackers to potentially crash the kernel or execute arbitrary code by exploiting race conditions in ...
A Linux kernel vulnerability in the iwlwifi driver where the mlo_scan_start_wk work queue is not properly canceled on disconnection, leading to potential use-after-free or initialization-after-queue i...
A race condition vulnerability in the Linux kernel's acpi_power_meter driver can cause system deadlocks when handling ACPI notifications. This affects Linux systems using the ACPI power meter function...
This CVE describes an out-of-bounds memory access vulnerability in the Linux kernel's imx8m-blk-ctrl power management domain driver. The flaw occurs during device removal when accessing the 'domains' ...
A deadlock vulnerability in the Linux kernel's r8152 USB Ethernet driver can cause system hangs during device resume operations. This affects Linux systems using Realtek RTL8152/RTL8153-based USB Ethe...
A NULL pointer dereference vulnerability in the Linux kernel's CephFS client allows local attackers to cause a kernel panic (denial of service) by triggering the ceph_mds_auth_match() function with a ...
A memory leak vulnerability exists in the AMD ACP3x PDM DMA operations driver in the Linux kernel. This vulnerability allows attackers to cause denial of service through resource exhaustion by repeate...
A race condition vulnerability in the Linux kernel's ALSA loopback driver allows use-after-free (UAF) when programs frequently trigger PCM operations while opening/closing tied streams. This could lea...
A NULL pointer dereference vulnerability in the Linux kernel's NVMe PCI driver occurs when device DMA mapping requirements change during data iteration. This can cause kernel crashes or system instabi...
A race condition vulnerability in the Linux kernel's CPSW network driver where multicast address operations can trigger a kernel warning due to missing RTNL lock protection. This affects Linux systems...
This CVE describes a memory leak vulnerability in the Linux kernel's Toshiba HAPS driver. The vulnerability occurs when the driver fails to properly free allocated memory during error conditions in ad...
A race condition vulnerability in the Linux kernel's shared memory (shmem) subsystem can cause an infinite loop when truncating large swap entries. This affects Linux systems using shared memory and c...
A buffer overflow vulnerability exists in the Linux kernel's i2c-hid driver where the i2c_hid_get_report() function can read more data than allocated in the buffer. This could allow local attackers wi...
A race condition in the Linux kernel's NVMe over TCP subsystem can cause a deadlock when a listening socket is closed while processing data. This affects systems using NVMe over TCP storage protocols,...
A bounds check vulnerability in the Linux kernel's dpaa2-switch driver allows an out-of-bounds read when processing hardware interrupts. This affects systems using the dpaa2-switch driver, potentially...
A race condition vulnerability in the Linux kernel's btrfs filesystem allows a local attacker to trigger a kernel panic or null pointer dereference by changing block device size during mount operation...
A memory leak vulnerability in the Linux kernel's Tegra SPI driver occurs when platform_get_irq() fails during device probe, causing allocated resources to not be properly freed. This affects systems ...
This CVE addresses a speculative execution vulnerability in the RISC-V Linux kernel where an attacker could use a malicious syscall number to perform out-of-bounds memory access via cache side channel...
A refcount leak vulnerability in the Linux kernel's SMB server component (ksmbd) could lead to resource exhaustion or denial of service. When specific replay operations fail with -ENOEXEC error, the k...
A Linux kernel vulnerability in the SMB server component (ksmbd) where error handling fails to properly close RPC sessions when certain memory operations fail. This affects Linux systems running ksmbd...
A race condition in the Linux kernel's mmp_pdma_residue() function allows use-after-free when multiple threads access DMA descriptors while they're being freed. This affects systems using the mmp_pdma...
A buffer underflow vulnerability in the Linux kernel's wlcore WiFi driver could cause kernel panics when transmitting network packets. This affects systems using wlcore-based wireless chipsets (like w...
This CVE describes a reference count leak vulnerability in the Linux kernel's SMB server implementation (ksmbd). When ksmbd_vfs_getattr() fails during file operations, the system fails to properly rel...
This CVE addresses a race condition in the Linux kernel's OCB (Outside the Context of a BSS) WiFi mode implementation where the ieee80211_ocb_rx_no_sta() function could be called before the interface ...
A race condition in the Linux kernel's flexible proportions subsystem can cause indefinite loops when writeout throughput limits are configured. This affects systems using FUSE filesystems or other co...
A race condition vulnerability in the Linux kernel's MPTCP subsystem allows concurrent access to network address lists without proper RCU synchronization. This affects Linux systems with MPTCP enabled...
This CVE describes a resource leak vulnerability in the Linux kernel's DRM/iMX TVE driver where a reference to the DDC (Display Data Channel) device is not properly released during probe failure or dr...
A use-after-free vulnerability in the Linux kernel bonding driver allows attackers to cause a kernel crash or potentially execute arbitrary code. This affects systems using network bonding with XDP pr...
A buffer overflow vulnerability in the Linux kernel's t7xx WWAN driver could allow malicious or buggy modem firmware to cause kernel memory corruption by sending packets with excessive fragments. This...
A NULL pointer dereference vulnerability in the Linux kernel's mlx5e TC (Traffic Control) driver allows local attackers to cause a kernel panic and system crash when deleting network flows. This affec...
A race condition vulnerability in the Linux kernel's perf subsystem could cause a kernel crash when profiling user tasks. The issue occurs when perf attempts to read memory from a task that's in the p...
A memory leak vulnerability exists in the Linux kernel's octeon_ep driver where octep_device_setup() fails to clean up mapped resources and allocated memory when octep_ctrl_net_init() fails. This affe...
A race condition vulnerability in the Linux kernel's memory management subsystem allows improper handling of swap entries during truncation operations. This can lead to kernel panics, system hangs, or...
A double-free memory corruption vulnerability in the Linux kernel's Xe graphics driver (drm/xe/nvm) that occurs when auxiliary device addition fails. This affects Linux systems using the Xe graphics d...
A NULL pointer dereference vulnerability in the Linux kernel's AMD GPU driver allows local attackers to cause a kernel panic and system crash on affected APU systems. This affects Linux systems with A...
A memory leak vulnerability exists in the Linux kernel's rocker driver where allocated memory for port private data is not properly freed when ports are removed. This affects systems using the rocker ...
This CVE describes a deadlock vulnerability in the Linux kernel's sfc driver when handling RSS (Receive Side Scaling) configuration reads via ethtool commands. The vulnerability affects Linux systems ...
A NULL pointer dereference vulnerability in the Linux kernel's ice driver for Intel E810 Ethernet controllers causes kernel crashes when resuming from suspend. This affects systems using Intel E810-XX...
A race condition vulnerability in the Linux kernel's NFC subsystem allows use-after-free conditions when rfkill operations occur during device unregistration. This can lead to kernel crashes or potent...
This CVE addresses a kernel warning trigger vulnerability in the Linux kernel's DRM subsystem. Attackers with local access can trigger kernel warnings by passing specially crafted handle values to the...
This is a memory leak vulnerability in the Linux kernel's NFC LLCP subsystem where nfc_llcp_send_ui_frame() fails to properly synchronize with local_cleanup(), causing sk_buff allocations to be queued...
A memory leak vulnerability in the Linux kernel's Bluetooth MGMT subsystem allows unallocated memory to accumulate when SSP (Secure Simple Pairing) commands complete. This affects Linux systems with B...
A vulnerability in the Linux kernel's mac80211 WiFi subsystem allows attackers to cause a buffer overflow when parsing TID-To-Link Mapping (TTLM) elements with default link maps. This affects Linux sy...
A race condition vulnerability in the Linux kernel's firewire core allows concurrent processing of AR response and AT request completion events without proper locking. This could lead to system instab...
This vulnerability in the Linux kernel causes protocol inconsistencies and reduced network throughput when forwarding GRO packets through IPv4/IPv6 translation (XLAT). It affects systems using IPv4/IP...
This CVE addresses a kernel panic vulnerability in the Linux kernel's CAN (Controller Area Network) USB driver (gs_usb). The issue occurs when the driver attempts to print an error message after a fai...
A Linux kernel vulnerability in the efivarfs subsystem where efivar_entry_get() fails to properly propagate errors from __efivar_entry_get(). This allows uninitialized heap memory to be copied to user...
A deadlock vulnerability in the Linux kernel's btrfs filesystem where metadata writeback logic conflicts with cgroup dirty page limits, causing system hangs. Affects Linux systems using btrfs with cgr...
A use-after-free vulnerability in the Linux kernel's gpio-virtuser driver allows attackers to potentially crash the kernel or execute arbitrary code with kernel privileges. This affects Linux systems ...
A Linux kernel BPF subsystem vulnerability allows userspace to supply oversized metadata in XDP test runs, potentially causing uninitialized frame structures and memory corruption. This affects system...
A memory safety vulnerability in the Linux kernel's Btrfs filesystem send functionality could allow local attackers to cause kernel crashes or potentially execute arbitrary code. This affects Linux sy...
A memory leak and system interface disruption vulnerability in the Linux kernel's DAMON sysfs subsystem. When DAMOS-scheme directory setup fails after creating access_pattern subdirectories, those sub...
A memory alignment bug in the Linux kernel's virtio_net driver causes RSS (Receive Side Scaling) hash keys to be misaligned by one byte when passed to virtual network devices. This affects Linux syste...
A memory leak vulnerability in the Linux kernel's DAMON sysfs interface occurs when context directory setup fails after attrs/ subdirectories have been created. This causes the system to retain orphan...
This CVE describes a memory leak vulnerability in the Linux kernel's ext4 filesystem driver. When handling extended attributes on inodes, the kernel fails to properly release buffer head references in...
A race condition in the Linux kernel's Bluetooth HCI UART driver allows a NULL pointer dereference when a TTY write wakeup occurs during protocol initialization. This vulnerability affects Linux syste...
A memory leak vulnerability in the Linux kernel's BTRFS filesystem zlib compression module affects systems using S390 hardware acceleration. When processing compressed files, the kernel fails to relea...
A race condition in the Linux kernel's NVMe over Fabrics target subsystem can cause a NULL pointer dereference, leading to kernel panic and system crash. This affects systems using the nvmet module, p...
This CVE addresses error handling and resource leak vulnerabilities in the Linux kernel's DRM bridge driver for Synopsys DisplayPort. The flaws could lead to kernel resource exhaustion or system insta...
This CVE involves a memory management vulnerability in the Linux kernel's ath10k WiFi driver where dma_free_coherent() is called with incorrect pointer values. This could lead to memory corruption or ...
A race condition vulnerability in the Linux kernel's slab allocator that can cause kernel panics on PREEMPT_RT (Real-Time) kernels. When kmalloc_nolock() is called from contexts with disabled preempti...
A race condition vulnerability in the Linux kernel's libceph component where sparse-read state isn't properly reset during connection faults, causing the OSD client to misinterpret new replies as cont...