kernel-tools-libs-devel (AlmaLinux:8) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the AlmaLinux:8 package kernel-tools-libs-devel, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (200)
CVE-2023-2163 — CVSS 10.0 (critical): Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary…
CVE-2021-3773 — CVSS 9.8 (critical): A flaw in netfilter could allow a network-connected attacker to infer openvpn connection endpoint information for further use in…
CVE-2026-46135 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: nvmet-tcp: fix race between ICReq handling and queue teardown…
CVE-2026-43037 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: ip6_tunnel: clear skb2->cb[] in ip4ip6_err() Oskar Kjos reported the…
CVE-2021-43267 — CVSS 9.8 (critical): An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC)…
CVE-2026-43038 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach() Sashiko…
CVE-2021-47548 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow…
CVE-2024-38541 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In…
CVE-2026-22984 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handle_auth_done()…
CVE-2026-31669 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: mptcp: fix slab-use-after-free in __inet_lookup_established The ehash…
CVE-2026-43125 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: dlm: validate length in dlm_search_rsb_tree The len parameter in…
CVE-2026-31402 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: nfsd: fix heap overflow in NFSv4.0 LOCK replay cache The NFSv4.0 replay…
CVE-2026-31685 — CVSS 9.4 (critical): In the Linux kernel, the following vulnerability has been resolved: netfilter: ip6t_eui64: reject invalid MAC header for all packets…
CVE-2026-23455 — CVSS 9.1 (critical): In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_h323: check for zero length in DecodeQ931() In…
CVE-2024-35960 — CVSS 9.1 (critical): In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree Previously…
CVE-2026-46125 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: remove station if connection prep fails If connection…
CVE-2021-3656 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2026-43110 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: validate bsscfg indices in IF events…
CVE-2022-0435 — CVSS 8.8 (high): A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content…
CVE-2026-31709 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: validate the whole DACL before rewriting it in cifsacl…
CVE-2026-46152 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: drop stray 'static' from fast-RX rx_result…
CVE-2026-43158 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: xfs: fix freemap adjustments when adding xattrs to leaf blocks xfs/592…
CVE-2026-31408 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix use-after-free in sco_recv_frame() due to missing…
CVE-2020-36158 — CVSS 8.8 (high): mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote…
CVE-2023-52798 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: ath11k: fix dfs radar event locking The ath11k active pdevs are…
CVE-2023-5178 — CVSS 8.8 (high): A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP…
CVE-2021-4154 — CVSS 8.8 (high): A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local…
CVE-2026-23193 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: target: iscsi: Fix use-after-free in iscsit_dec_session_usage_coun…
CVE-2021-3653 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2026-43284 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: xfrm: esp: avoid in-place decrypt on shared skb frags MSG_SPLICE_PAGES…
CVE-2024-25744 — CVSS 8.8 (high): In the Linux kernel before 6.6.7, an untrusted VMM can trigger int80 syscall handling at any given point. This is related to…
CVE-2026-46056 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: fix potential UAF in SSP passkey handlers…
CVE-2022-48754 — CVSS 8.4 (high): In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 ("phylib: Add…
CVE-2026-43190 — CVSS 8.2 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: xt_tcpmss: check remaining length before reading optlen…
CVE-2022-1012 — CVSS 8.2 (high): A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This…
CVE-2019-19770 — CVSS 8.2 (high): In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove…
CVE-2026-31613 — CVSS 8.1 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix OOB reads parsing symlink error response When a CREATE…
CVE-2020-28374 — CVSS 8.1 (high): In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can…
CVE-2022-41674 — CVSS 8.1 (high): An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the…
CVE-2026-43051 — CVSS 8.1 (high): In the Linux kernel, the following vulnerability has been resolved: HID: wacom: fix out-of-bounds read in wacom_intuos_bt_irq The…
CVE-2022-50386 — CVSS 8.0 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix user-after-free This uses l2cap_chan_hold_unless_z…
CVE-2021-4157 — CVSS 8.0 (high): An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring…
CVE-2022-42896 — CVSS 8.0 (high): There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req…
CVE-2026-31419 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bond_xmit_broadcast()…
CVE-2021-22543 — CVSS 7.8 (high): An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages…
CVE-2023-52667 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: fix a potential double-free in fs_any_create_groups When…
CVE-2025-38022 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/core: Fix "KASAN: slab-use-after-free Read in ib_register_device"…
CVE-2023-52840 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()…
CVE-2026-23392 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: release flowtable after rcu grace period on error…
CVE-2023-52864 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7…
CVE-2023-52922 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: can: bcm: Fix UAF in bcm_proc_show() BUG: KASAN: slab-use-after-free in…
CVE-2021-27365 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or…
CVE-2025-37914 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net_sched: ets: Fix double list add in class with netem as child qdisc…
CVE-2019-19447 — CVSS 7.8 (high): In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a…
CVE-2023-53257 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check S1G action frame size Before checking the action…
CVE-2026-46090 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix peer runtime UAF during format-change stop…
CVE-2023-53305 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: L2CAP: Fix use-after-free Fix potential use-after-free in…
CVE-2023-53373 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: crypto: seqiv - Handle EBUSY correctly As it is seqiv only handles the…
CVE-2023-53386 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix potential use-after-free when clear keys Similar to…
CVE-2025-37890 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class with netem as child…
CVE-2021-29154 — CVSS 7.8 (high): BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute…
CVE-2023-53552 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/i915: mark requests for GuC virtual engines to avoid use-after-free…
CVE-2023-53673 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: hci_event: call disconnect callback before deleting conn In…
CVE-2025-37797 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net_sched: hfsc: Fix a UAF vulnerability in class handling This patch…
CVE-2025-37738 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ext4: ignore xattrs past end Once inside 'ext4_xattr_inode_dec_ref_all'…
CVE-2023-5633 — CVSS 7.8 (high): The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory…
CVE-2023-5717 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve…
CVE-2023-6040 — CVSS 7.8 (high): An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of…
CVE-2023-6817 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation…
CVE-2023-6931 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local…
CVE-2025-22097 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/vkms: Fix use after free and double free on init error If the…
CVE-2025-22020 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: memstick: rtsx_usb_ms: Fix slab-use-after-free in…
CVE-2025-22004 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: atm: fix use after free in lec_send() The ->send() operation frees…
CVE-2025-21991 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: x86/microcode/AMD: Fix out-of-bounds on systems with CPU-less NUMA…
CVE-2026-45852 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/rxe: Fix double free in rxe_srq_from_init In rxe_srq_from_init()…
CVE-2021-33034 — CVSS 7.8 (high): In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This…
CVE-2021-33200 — CVSS 7.8 (high): kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579…
CVE-2025-21928 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: HID: intel-ish-hid: Fix use-after-free issue in ishtp_hid_remove() The…
CVE-2021-3347 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing…
CVE-2025-21919 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: sched/fair: Fix potential memory corruption in child_cfs_rq_on_list…
CVE-2019-19543 — CVSS 7.8 (high): In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.
CVE-2021-33909 — CVSS 7.8 (high): fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an…
CVE-2021-3489 — CVSS 7.8 (high): The eBPF RINGBUF bpf_ringbuf_reserve() function in the Linux kernel did not check that the allocated size was smaller than the ringbuf…
CVE-2025-21858 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: geneve: Fix use-after-free in geneve_find_dev(). syzkaller reported a…
CVE-2025-21785 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: arm64: cacheinfo: Avoid out-of-bounds write to cacheinfo array The loop…
CVE-2021-3600 — CVSS 7.8 (high): It was discovered that the eBPF implementation in the Linux kernel did not properly track bounds information for 32 bit registers when…
CVE-2025-21764 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ndisc: use RCU protection in ndisc_alloc_skb() ndisc_alloc_skb() can be…
CVE-2025-21759 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ipv6: mcast: extend RCU protection in igmp6_send() igmp6_send() can be…
CVE-2021-3612 — CVSS 7.8 (high): An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the…
CVE-2026-23270 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: Only allow act_ct to bind to clsact/ingress qdiscs and…
CVE-2024-26907 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment…
CVE-2025-21756 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vsock: Keep the binding until socket destruction Preserve sockets…
CVE-2024-26933 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in port "disable" sysfs attribute The show and…
CVE-2024-26934 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface() Among the…
CVE-2019-15925 — CVSS 7.8 (high): An issue was discovered in the Linux kernel before 5.2.3. An out of bounds access exists in the function hclge_tm_schd_mode_vnet_base_cfg…
CVE-2019-25162 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after…
CVE-2026-43329 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: flowtable: strictly check for maximum number of actions The…
CVE-2025-21727 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: padata: fix UAF in padata_reorder A bug was found when run ltp test…
CVE-2024-27043 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device…
CVE-2021-37576 — CVSS 7.8 (high): arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory…
CVE-2024-58002 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Remove dangling pointers When an async control is…
CVE-2026-23243 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/umad: Reject negative data_len in ib_umad_write ib_umad_write…
CVE-2024-57980 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Fix double free in error path If the uvc_status_init()…
CVE-2021-4028 — CVSS 7.8 (high): A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a…
CVE-2021-4037 — CVSS 7.8 (high): A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files…
CVE-2026-46331 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: fix pedit partial COW leading to page cache corruption…
CVE-2021-41864 — CVSS 7.8 (high): prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF…
CVE-2021-4197 — CVSS 7.8 (high): An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users…
CVE-2024-36886 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tipc: fix UAF in error path Sam Page (sam4k) working with Trend Micro…
CVE-2026-46300 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: skbuff: preserve shared-frag marker during coalescing…
CVE-2024-36921 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: guard against invalid STA ID on removal Guard…
CVE-2026-23231 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: fix use-after-free in nf_tables_addchain()…
CVE-2024-57979 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: pps: Fix a use-after-free On a board running ntpd and gpsd, I'm seeing…
CVE-2026-23209 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: macvlan: fix error recovery in macvlan_common_newlink() valis provided…
CVE-2020-0466 — CVSS 7.8 (high): In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local…
CVE-2024-38570 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: gfs2: Fix potential glock use-after-free on unmount When a DLM…
CVE-2024-38581 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amdgpu/mes: fix use-after-free issue Delete fence fallback timer to…
CVE-2024-38586 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: r8169: Fix possible ring buffer corruption on fragmented Tx packets. An…
CVE-2024-53141 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: add missing range check in bitmap_ip_uadt When…
CVE-2021-46984 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted __blk_mq_sched_bio_merge(…
CVE-2021-47013 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send In…
CVE-2026-43279 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: usb-audio: Add sanity check for OOB writes at silencing At…
CVE-2024-40901 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory…
CVE-2024-40906 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Always stop health timer during driver removal Currently, if…
CVE-2021-47118 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: pid: take a reference when initializing `cad_pid` During boot…
CVE-2018-13405 — CVSS 7.8 (high): The inode_init_owner function in fs/inode.c in the Linux kernel through 3.16 allows local users to create files with an unintended group…
CVE-2024-40954 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: do not leave a dangling sk pointer, when socket creation fails It…
CVE-2024-40958 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netns: Make get_net_ns() handle zero refcount net Syzkaller hit a…
CVE-2021-47310 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it…
CVE-2021-47321 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling del_timer_sync() This…
CVE-2021-47338 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: fbmem: Do not delete the mode that is still in use The execution of…
CVE-2021-47352 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: virtio-net: Add validation for used length This adds validation for…
CVE-2024-40989 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Disassociate vcpus from redistributor region on teardown…
CVE-2026-23191 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ALSA: aloop: Fix racy access at PCM trigger The PCM trigger callback of…
CVE-2021-47386 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: hwmon: (w83791d) Fix NULL pointer dereference by removing unnecessary…
CVE-2020-12362 — CVSS 7.8 (high): Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel…
CVE-2024-41039 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: firmware: cs_dsp: Fix overflow checking of wmfw header Fix the checking…
CVE-2024-41042 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: prefer nft_chain_validate nft_chain_validate…
CVE-2021-47497 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nvmem: Fix shift-out-of-bound (UBSAN) with byte size cells If a cell…
CVE-2024-50264 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: vsock/virtio: Initialization of the dangling pointer occurring in…
CVE-2024-41073 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to…
CVE-2021-47609 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: firmware: arm_scpi: Fix string overflow in SCPI genpd driver Without…
CVE-2024-41092 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/i915/gt: Fix potential UAF by revoke of fence registers CI has been…
CVE-2021-47670 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: can: peak_usb: fix use after free bugs After calling…
CVE-2026-23074 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: Enforce that teql can only be used as root qdisc Design…
CVE-2020-13974 — CVSS 7.8 (high): An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called…
CVE-2022-0330 — CVSS 7.8 (high): A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code…
CVE-2024-43842 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: rtw89: Fix array index mistake in rtw89_sta_info_get_iter() In…
CVE-2024-43830 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: leds: trigger: Unregister sysfs attributes before calling deactivate()…
CVE-2024-42301 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds…
CVE-2026-23001 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: macvlan: fix possible UAF in macvlan_forward_source() Add RCU…
CVE-2022-0516 — CVSS 7.8 (high): A vulnerability was found in kvm_s390_guest_sida_op in the arch/s390/kvm/kvm-s390.c function in KVM for s390 in the Linux kernel. This flaw…
CVE-2020-14351 — CVSS 7.8 (high): A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with…
CVE-2024-42284 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error…
CVE-2020-14356 — CVSS 7.8 (high): A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the…
CVE-2022-1011 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s FUSE filesystem in the way a user triggers write(). This flaw allows a local user…
CVE-2020-14381 — CVSS 7.8 (high): A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their…
CVE-2022-1055 — CVSS 7.8 (high): A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit…
CVE-2026-43056 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: mana: fix use-after-free in add_adev() error path If…
CVE-2022-1679 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_targ…
CVE-2026-46181 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx4: Fix mis-use of RCU in mlx4_srq_event() Sashiko points out…
CVE-2022-22942 — CVSS 7.8 (high): The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by…
CVE-2022-25265 — CVSS 7.8 (high): In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g…
CVE-2022-25636 — CVSS 7.8 (high): net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds…
CVE-2025-71238 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix bsg_done() causing double free Kernel panic observed…
CVE-2022-2639 — CVSS 7.8 (high): An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and…
CVE-2022-27666 — CVSS 7.8 (high): A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local…
CVE-2022-28390 — CVSS 7.8 (high): ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2026-43027 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_helper: pass helper to expect cleanup…
CVE-2022-28893 — CVSS 7.8 (high): The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
CVE-2022-2938 — CVSS 7.8 (high): A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could…
CVE-2022-29581 — CVSS 7.8 (high): Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root…
CVE-2022-2964 — CVSS 7.8 (high): A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability…
CVE-2022-30594 — CVSS 7.8 (high): The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions…
CVE-2022-32250 — CVSS 7.8 (high): net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate…
CVE-2022-3239 — CVSS 7.8 (high): A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based…
CVE-2025-39955 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect(). syzbot…
CVE-2026-46145 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/mana: Validate rx_hash_key_len Sashiko points out that…
CVE-2025-39864 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix use-after-free in cmp_bss() Following bss_free()…
CVE-2025-39849 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: sme: cap SSID length in __cfg80211_connect_result() If…
CVE-2025-39841 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Fix buffer free/clear order in deferred receive path Fix a…
CVE-2025-39730 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: NFS: Fix filehandle bounds checking in nfs_fh_to_dentry() The function…
CVE-2022-39189 — CVSS 7.8 (high): An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel…
CVE-2026-43020 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: MGMT: validate LTK enc_size on load Load Long Term Keys…
CVE-2022-4139 — CVSS 7.8 (high): An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or…
CVE-2022-42720 — CVSS 7.8 (high): Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be…
CVE-2025-38724 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()…
CVE-2022-4378 — CVSS 7.8 (high): A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This…
CVE-2025-38718 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: sctp: linearize cloned gso packets in sctp_rcv A cloned head skb still…
CVE-2022-4744 — CVSS 7.8 (high): A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the…
CVE-2026-31787 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: xen/privcmd: fix double free via VMA splitting privcmd_vm_ops defines…