kernel-default (SUSE:Linux Enterprise Live Patching 15 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Live Patching 15 SP2 package kernel-default, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (200)
CVE-2023-2163 — CVSS 10.0 (critical): Incorrect verifier pruning in BPF in Linux Kernel >=5.4 leads to unsafe code paths being incorrectly marked as safe, resulting in arbitrary…
CVE-2024-38541 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: of: module: add buffer overflow check in of_modalias() In…
CVE-2021-47274 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: tracing: Correct the length check which causes memory corruption We've…
CVE-2021-47378 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We…
CVE-2019-18814 — CVSS 9.8 (critical): An issue was discovered in the Linux kernel through 5.3.9. There is a use-after-free when aa_label_parse() fails in aa_audit_rule_init() in…
CVE-2021-43527 — CVSS 9.8 (critical): NSS (Network Security Services) versions prior to 3.73 or 3.68.1 ESR are vulnerable to a heap overflow when handling DER-encoded DSA or…
CVE-2021-47354 — CVSS 9.1 (critical): In the Linux kernel, the following vulnerability has been resolved: drm/sched: Avoid data corruptions Wait for all dependencies of a job to…
CVE-2021-28660 — CVSS 8.8 (high): rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the…
CVE-2022-0435 — CVSS 8.8 (high): A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content…
CVE-2021-3656 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2021-47347 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251_cmd_scan Function…
CVE-2021-47324 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdt_startup() This module's…
CVE-2021-47323 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() This…
CVE-2021-3653 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2022-42719 — CVSS 8.8 (high): A use-after-free in the mac80211 stack when parsing a multi-BSSID element in the Linux kernel 5.2 through 5.19.x before 5.19.16 could be…
CVE-2020-12351 — CVSS 8.8 (high): Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2020-36158 — CVSS 8.8 (high): mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote…
CVE-2020-29569 — CVSS 8.8 (high): An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the…
CVE-2021-47456 — CVSS 8.4 (high): In the Linux kernel, the following vulnerability has been resolved: can: peak_pci: peak_pci_remove(): fix UAF When remove the module…
CVE-2022-1012 — CVSS 8.2 (high): A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This…
CVE-2022-41674 — CVSS 8.1 (high): An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the…
CVE-2021-47368 — CVSS 8.1 (high): In the Linux kernel, the following vulnerability has been resolved: enetc: Fix illegal access when reading affinity_hint…
CVE-2020-28374 — CVSS 8.1 (high): In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can…
CVE-2022-42896 — CVSS 8.0 (high): There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req…
CVE-2021-4157 — CVSS 8.0 (high): An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring…
CVE-2021-33200 — CVSS 7.8 (high): kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579…
CVE-2024-35861 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_signal_cifsd_for_reconnect()…
CVE-2022-22942 — CVSS 7.8 (high): The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by…
CVE-2022-24958 — CVSS 7.8 (high): drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
CVE-2021-3715 — CVSS 7.8 (high): A flaw was found in the "Routing decision" classifier in the Linux kernel's Traffic Control networking subsystem in the way it handled…
CVE-2023-6040 — CVSS 7.8 (high): An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of…
CVE-2023-5717 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve…
CVE-2024-50127 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: sched: fix use-after-free in taprio_change() In 'taprio_change()'…
CVE-2022-2639 — CVSS 7.8 (high): An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and…
CVE-2022-26490 — CVSS 7.8 (high): st21nfca_connectivity_event_received in drivers/nfc/st21nfca/se.c in the Linux kernel through 5.16.12 has EVT_TRANSACTION buffer overflows…
CVE-2023-52885 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener…
CVE-2022-27666 — CVSS 7.8 (high): A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local…
CVE-2022-28390 — CVSS 7.8 (high): ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2023-52854 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: padata: Fix refcnt handling in padata_free_shell() In a high-load arm64…
CVE-2023-52840 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Input: synaptics-rmi4 - fix use after free in rmi_unregister_function()…
CVE-2022-28893 — CVSS 7.8 (high): The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
CVE-2022-2938 — CVSS 7.8 (high): A flaw was found in the Linux kernel's implementation of Pressure Stall Information. While the feature is disabled by default, it could…
CVE-2022-29581 — CVSS 7.8 (high): Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root…
CVE-2022-2964 — CVSS 7.8 (high): A flaw was found in the Linux kernel’s driver for the ASIX AX88179_178A-based USB 2.0/3.0 Gigabit Ethernet Devices. The vulnerability…
CVE-2022-2977 — CVSS 7.8 (high): A flaw was found in the Linux kernel implementation of proxied virtualized TPM devices. On a system where virtualized TPM devices are…
CVE-2022-2978 — CVSS 7.8 (high): A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with…
CVE-2022-30594 — CVSS 7.8 (high): The Linux kernel before 5.17.2 mishandles seccomp permissions. The PTRACE_SEIZE code path allows attackers to bypass intended restrictions…
CVE-2024-35789 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When…
CVE-2021-37576 — CVSS 7.8 (high): arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory…
CVE-2024-50125 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: SCO: Fix UAF on sco_sock_timeout conn->sk maybe have been…
CVE-2021-3760 — CVSS 7.8 (high): A flaw was found in the Linux kernel. A use-after-free vulnerability in the NFC stack can lead to a threat to confidentiality, integrity…
CVE-2022-3176 — CVSS 7.8 (high): There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the…
CVE-2022-32250 — CVSS 7.8 (high): net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate…
CVE-2023-52752 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip…
CVE-2022-3239 — CVSS 7.8 (high): A flaw use after free in the Linux kernel video4linux driver was found in the way user triggers em28xx_usb_probe() for the Empia 28xx based…
CVE-2023-52707 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: sched/psi: Fix use-after-free in ep_remove_wait_queue() If a non-root…
CVE-2022-3424 — CVSS 7.8 (high): A use-after-free flaw was found in the Linux kernel’s SGI GRU driver in the way the first gru_file_unlocked_ioctl function is called by…
CVE-2023-52591 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: reiserfs: Avoid touching renamed directory if parent does not change…
CVE-2023-52572 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: cifs: Fix UAF in cifs_demultiplex_thread() There is a UAF when xfstests…
CVE-2023-52531 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix a memory corruption issue A few lines above…
CVE-2023-52530 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When…
CVE-2021-38160 — CVSS 7.8 (high): In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that…
CVE-2024-50047 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix UAF in async decryption Doing an async decryption…
CVE-2023-52524 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list…
CVE-2023-52509 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ravb: Fix use-after-free issue in ravb_tx_timeout_work() The…
CVE-2022-3577 — CVSS 7.8 (high): An out-of-bounds memory write flaw was found in the Linux kernel’s Kid-friendly Wired Controller driver. This flaw allows a local user to…
CVE-2023-52482 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for…
CVE-2023-52475 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete…
CVE-2023-52474 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests…
CVE-2023-52469 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps…
CVE-2024-27398 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the…
CVE-2023-52451 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix access beyond end of drmem array…
CVE-2023-52445 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module…
CVE-2024-27043 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device…
CVE-2023-52439 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: uio: Fix use-after-free in uio_open core-1 core-2…
CVE-2022-39189 — CVSS 7.8 (high): An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel…
CVE-2024-26930 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan…
CVE-2022-4095 — CVSS 7.8 (high): A use-after-free flaw was found in Linux kernel before 5.19.2. This issue occurs in cmd_hdl_filter in drivers/staging/rtl8712/rtl8712_cmd.c…
CVE-2024-26898 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This…
CVE-2024-26852 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found…
CVE-2022-4139 — CVSS 7.8 (high): An incorrect TLB flush issue was found in the Linux kernel’s GPU i915 kernel driver, potentially leading to random memory corruption or…
CVE-2021-39698 — CVSS 7.8 (high): In aio_poll_complete_work of aio.c, there is a possible memory corruption due to a use after free. This could lead to local escalation of…
CVE-2024-26800 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tls: fix use-after-free on failed backlog decryption When the decrypt…
CVE-2021-4037 — CVSS 7.8 (high): A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files…
CVE-2022-42720 — CVSS 7.8 (high): Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be…
CVE-2023-51042 — CVSS 7.8 (high): In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free.
CVE-2022-4378 — CVSS 7.8 (high): A stack overflow flaw was found in the Linux kernel's SYSCTL subsystem in how a user changes certain kernel parameters and variables. This…
CVE-2023-4921 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation…
CVE-2022-45934 — CVSS 7.8 (high): An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via…
CVE-2022-4744 — CVSS 7.8 (high): A double-free flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user registers the device when the…
CVE-2022-48626 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: moxart: fix potential use-after-free on remove path It was reported…
CVE-2024-49991 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: amdkfd_free_gtt_mem clear the correct pointer Pass pointer…
CVE-2021-41864 — CVSS 7.8 (high): prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel before 5.14.12 allows unprivileged users to trigger an eBPF…
CVE-2021-4197 — CVSS 7.8 (high): An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users…
CVE-2022-48686 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nvme-tcp: fix UAF when detecting digest errors We should also bail from…
CVE-2021-42008 — CVSS 7.8 (high): The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a…
CVE-2022-48771 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix stale file descriptors on failed usercopy A failing…
CVE-2022-48791 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted TMF sas_task Currently a…
CVE-2022-48792 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: pm8001: Fix use-after-free for aborted SSP/STP sas_task Currently…
CVE-2022-48805 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: usb: ax88179_178a: Fix out-of-bounds accesses in RX fixup…
CVE-2022-48821 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: avoid double fput() on failed usercopy If the copy back…
CVE-2021-42252 — CVSS 7.8 (high): An issue was discovered in aspeed_lpc_ctrl_mmap in drivers/soc/aspeed/aspeed-lpc-ctrl.c in the Linux kernel before 5.14.6. Local attackers…
CVE-2022-48873 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: misc: fastrpc: Don't remove map on creater_process and device_release…
CVE-2024-49982 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in more places For fixing…
CVE-2022-48912 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: fix use-after-free in __nf_register_net_hook() We must not…
CVE-2022-48919 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: cifs: fix double free race when mount fails in cifs_get_root() When…
CVE-2022-48925 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/cma: Do not change route.addr.src_addr outside state checks If the…
CVE-2022-48956 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid use-after-free in ip6_fragment() Blamed commit claimed…
CVE-2022-48960 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hix5hd2_rx() The skb is…
CVE-2022-48962 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: hisilicon: Fix potential use-after-free in hisi_femac_rx() The skb…
CVE-2024-26739 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb…
CVE-2022-48991 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: mm/khugepaged: invoke MMU notifiers in shmem/file collapse paths Any…
CVE-2022-49014 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: tun: Fix use-after-free in tun_detach() syzbot reported…
CVE-2022-49015 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: hsr: Fix potential use-after-free The skb is delivered to…
CVE-2022-49023 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: cfg80211: fix buffer overflow in elem comparison For vendor…
CVE-2022-49025 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/mlx5e: Fix use-after-free when reverting termination table When…
CVE-2023-4623 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve…
CVE-2023-4622 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The…
CVE-2021-4439 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr->cnr to avoid array index out of bound The…
CVE-2023-0461 — CVSS 7.8 (high): There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the…
CVE-2023-1078 — CVSS 7.8 (high): A flaw was found in the Linux Kernel in RDS (Reliable Datagram Sockets) protocol. The rds_rm_zerocopy_callback() uses list_entry() on the…
CVE-2023-1118 — CVSS 7.8 (high): A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A…
CVE-2023-1281 — CVSS 7.8 (high): Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area…
CVE-2024-26704 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In…
CVE-2023-1670 — CVSS 7.8 (high): A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to…
CVE-2023-1829 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege…
CVE-2023-1872 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux Kernel io_uring system can be exploited to achieve local privilege escalation. The…
CVE-2023-4244 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation…
CVE-2023-2007 — CVSS 7.8 (high): The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations…
CVE-2023-2008 — CVSS 7.8 (high): A flaw was found in the Linux kernel's udmabuf device driver. The specific flaw exists within a fault handler. The issue results from the…
CVE-2023-40283 — CVSS 7.8 (high): An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free…
CVE-2024-49936 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/xen-netback: prevent UAF in xenvif_flush_hash() During the…
CVE-2023-2124 — CVSS 7.8 (high): An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure…
CVE-2023-2176 — CVSS 7.8 (high): A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup…
CVE-2020-25669 — CVSS 7.8 (high): A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd…
CVE-2023-22995 — CVSS 7.8 (high): In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain…
CVE-2020-25670 — CVSS 7.8 (high): A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege…
CVE-2020-25671 — CVSS 7.8 (high): A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to…
CVE-2024-53061 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: s5p-jpeg: prevent buffer overflows The current logic allows word…
CVE-2023-23559 — CVSS 7.8 (high): In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
CVE-2024-26689 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encode_cap_msg() In fs/ceph/caps.c, in…
CVE-2023-28464 — CVSS 7.8 (high): hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush)…
CVE-2021-46938 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: dm rq: fix double free of blk_mq_tag_set in dev remove after table load…
CVE-2023-3090 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation…
CVE-2023-3812 — CVSS 7.8 (high): An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a…
CVE-2021-46943 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: staging/intel-ipu3: Fix set_fmt error handling If there in an…
CVE-2023-3111 — CVSS 7.8 (high): A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw…
CVE-2023-3776 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If…
CVE-2023-31436 — CVSS 7.8 (high): qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed…
CVE-2023-32233 — CVSS 7.8 (high): In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform…
CVE-2023-3611 — CVSS 7.8 (high): An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege…
CVE-2021-46950 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: md/raid1: properly indicate failure when ending a failed write request…
CVE-2023-3390 — CVSS 7.8 (high): A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error…
CVE-2023-34319 — CVSS 7.8 (high): The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the…
CVE-2023-3609 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation…
CVE-2023-35001 — CVSS 7.8 (high): Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in…
CVE-2023-35788 — CVSS 7.8 (high): An issue was discovered in fl_set_geneve_opt in net/sched/cls_flower.c in the Linux kernel before 6.3.7. It allows an out-of-bounds write…
CVE-2024-26622 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since…
CVE-2024-46849 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ASoC: meson: axg-card: fix 'use-after-free' Buffer 'card->dai_link' is…
CVE-2024-46818 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check gpio_id before used as array index [WHY & HOW]…
CVE-2021-46966 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ACPI: custom_method: fix potential use-after-free issue In cm_write()…
CVE-2024-46813 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check link_index before accessing dc->links[] [WHY &…
CVE-2021-46984 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: kyber: fix out of bounds access when preempted __blk_mq_sched_bio_merge(…
CVE-2019-19377 — CVSS 7.8 (high): In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a…
CVE-2020-27786 — CVSS 7.8 (high): A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl…
CVE-2021-46991 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: i40e: Fix use-after-free in i40e_client_subtask() Currently the call to…
CVE-2021-46998 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ethernet:enic: Fix a use after free bug in enic_hard_start_xmit In…
CVE-2024-26589 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: bpf: Reject variable offset alu on PTR_TO_FLOW_KEYS For…
CVE-2020-27815 — CVSS 7.8 (high): A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes…
CVE-2021-47012 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/siw: Fix a use after free in siw_alloc_mr Our code analyzer…
CVE-2021-47013 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net:emac/emac-mac: Fix a use after free in emac_mac_tx_buf_send In…
CVE-2019-25162 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after…
CVE-2021-47049 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Drivers: hv: vmbus: Use after free in __vmbus_open() The "open_info"…
CVE-2021-47058 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: regmap: set debugfs_name to NULL after it is freed There is a upstream…
CVE-2021-47061 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: KVM: Destroy I/O bus devices on unregister failure _after_ sync'ing…
CVE-2021-47063 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm: bridge/panel: Cleanup connector on bridge detach If we don't call…
CVE-2021-47065 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: rtw88: Fix array overrun in rtw_get_tx_power_params() Using a kernel…
CVE-2021-47068 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/nfc: fix use-after-free llcp_sock_bind/connect Commits 8a4cd82d…
CVE-2024-42271 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is…
CVE-2024-26581 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_set_rbtree: skip end interval element from gc rbtree…
CVE-2021-47082 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tun: avoid double free in tun_free_netdev Avoid double free in…
CVE-2024-41087 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ata_port_alloc()…
CVE-2020-29661 — CVSS 7.8 (high): A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free…
CVE-2020-35519 — CVSS 7.8 (high): An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check…
CVE-2021-47118 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: pid: take a reference when initializing `cad_pid` During boot…
CVE-2021-47131 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/tls: Fix use-after-free after the TLS device goes down and up When…
CVE-2020-36385 — CVSS 7.8 (high): An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via…
CVE-2024-41069 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ASoC: topology: Fix references to freed memory Most users after parsing…
CVE-2020-12362 — CVSS 7.8 (high): Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel…
CVE-2024-41011 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amdkfd: don't allow mapping the MMIO HDP page with large pages We…
CVE-2024-39494 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can…
CVE-2020-0432 — CVSS 7.8 (high): In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of…
CVE-2021-0512 — CVSS 7.8 (high): In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This…
CVE-2021-47194 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: cfg80211: call cfg80211_stop_ap when switch from P2P_GO type If the…