kernel-source-azure (SUSE:Linux Enterprise Server 12 SP5) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Server 12 SP5 package kernel-source-azure, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (200)
CVE-2021-47548 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: ethernet: hisilicon: hns: hns_dsaf_misc: fix a possible array overflow…
CVE-2019-14897 — CVSS 9.8 (critical): A stack-based buffer overflow was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. An attacker is able to…
CVE-2019-17133 — CVSS 9.8 (critical): In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a…
CVE-2021-47274 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: tracing: Correct the length check which causes memory corruption We've…
CVE-2019-14896 — CVSS 9.8 (critical): A heap-based buffer overflow vulnerability was found in the Linux kernel, version kernel-2.6.32, in Marvell WiFi chip driver. A remote…
CVE-2019-16746 — CVSS 9.8 (critical): An issue was discovered in net/wireless/nl80211.c in the Linux kernel through 5.2.17. It does not check the length of variable elements in…
CVE-2019-14901 — CVSS 9.8 (critical): A heap overflow flaw was found in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver. The…
CVE-2019-18805 — CVSS 9.8 (critical): An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer…
CVE-2021-47378 — CVSS 9.8 (critical): In the Linux kernel, the following vulnerability has been resolved: nvme-rdma: destroy cm id before destroy qp to avoid use after free We…
CVE-2019-14895 — CVSS 9.8 (critical): A heap-based buffer overflow was discovered in the Linux kernel, all versions 3.x.x and 4.x.x before 4.18.0, in Marvell WiFi chip driver…
CVE-2023-52832 — CVSS 9.1 (critical): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: don't return unset power in ieee80211_get_tx_power() We…
CVE-2021-47354 — CVSS 9.1 (critical): In the Linux kernel, the following vulnerability has been resolved: drm/sched: Avoid data corruptions Wait for all dependencies of a job to…
CVE-2024-35960 — CVSS 9.1 (critical): In the Linux kernel, the following vulnerability has been resolved: net/mlx5: Properly link new fs rules into the tree Previously…
CVE-2019-17666 — CVSS 8.8 (high): rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to…
CVE-2024-35955 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: kprobes: Fix possible use-after-free issue on kprobe registration When…
CVE-2020-12351 — CVSS 8.8 (high): Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.
CVE-2020-36158 — CVSS 8.8 (high): mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote…
CVE-2019-14821 — CVSS 8.8 (high): An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements…
CVE-2021-3656 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2020-29569 — CVSS 8.8 (high): An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the…
CVE-2021-4440 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: x86/xen: Drop USERGS_SYSRET64 paravirt call commit…
CVE-2022-0435 — CVSS 8.8 (high): A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content…
CVE-2021-28660 — CVSS 8.8 (high): rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the…
CVE-2021-47324 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free in wdt_startup() This module's…
CVE-2021-47347 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: wl1251: Fix possible buffer overflow in wl1251_cmd_scan Function…
CVE-2021-3653 — CVSS 8.8 (high): A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine…
CVE-2021-47323 — CVSS 8.8 (high): In the Linux kernel, the following vulnerability has been resolved: watchdog: sc520_wdt: Fix possible use-after-free in wdt_turnoff() This…
CVE-2019-10220 — CVSS 8.8 (high): Linux kernel CIFS implementation, version 4.9.0 is vulnerable to a relative paths injection in directory entry lists.
CVE-2021-47456 — CVSS 8.4 (high): In the Linux kernel, the following vulnerability has been resolved: can: peak_pci: peak_pci_remove(): fix UAF When remove the module…
CVE-2022-48754 — CVSS 8.4 (high): In the Linux kernel, the following vulnerability has been resolved: phylib: fix potential use-after-free Commit bafbdd527d56 ("phylib: Add…
CVE-2022-1012 — CVSS 8.2 (high): A memory leak problem was found in the TCP source port generation algorithm in net/ipv4/tcp.c due to the small table perturb size. This…
CVE-2019-19770 — CVSS 8.2 (high): In the Linux kernel 4.19.83, there is a use-after-free (read) in the debugfs_remove function in fs/debugfs/inode.c (which is used to remove…
CVE-2018-20836 — CVSS 8.1 (high): An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in…
CVE-2020-28374 — CVSS 8.1 (high): In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can…
CVE-2019-9506 — CVSS 8.1 (high): The Bluetooth BR/EDR specification up to and including version 5.1 permits sufficiently low encryption key length and does not prevent an…
CVE-2022-42896 — CVSS 8.0 (high): There are use-after-free vulnerabilities in the Linux kernel's net/bluetooth/l2cap_core.c's l2cap_connect and l2cap_le_connect_req…
CVE-2021-4157 — CVSS 8.0 (high): An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring…
CVE-2024-35868 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_write() Skip sessions…
CVE-2024-35867 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_stats_proc_show() Skip sessions…
CVE-2024-35864 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_valid_lease_break() Skip…
CVE-2024-35863 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in is_valid_oplock_break() Skip sessions…
CVE-2024-35862 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in smb2_is_network_name_deleted() Skip…
CVE-2024-35791 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: KVM: SVM: Flush pages under kvm->lock to fix UAF in…
CVE-2024-35789 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: check/clear fast rx for non-4addr sta VLAN changes When…
CVE-2024-27398 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: Fix use-after-free bugs caused by sco_sock_timeout When the…
CVE-2019-19377 — CVSS 7.8 (high): In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a…
CVE-2019-19447 — CVSS 7.8 (high): In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a…
CVE-2024-27396 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: gtp: Fix Use-After-Free in gtp_dellink Since call_rcu, which is…
CVE-2024-27075 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: dvb-frontends: avoid stack overflow warnings with clang A…
CVE-2024-27043 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: edia: dvbdev: fix a use-after-free In dvb_register_device…
CVE-2024-27008 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm: nv04: Fix out of bounds access When Output Resource (dcb->or)…
CVE-2024-26996 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: Fix UAF ncm object at re-bind after usb ep…
CVE-2024-26958 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nfs: fix UAF in direct writes In production we have been hitting the…
CVE-2024-26957 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: s390/zcrypt: fix reference counting on zcrypt card objects Tests with…
CVE-2024-26934 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: USB: core: Fix deadlock in usb_deauthorize_interface() Among the…
CVE-2024-26930 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: qla2xxx: Fix double free of the ha->vp_map pointer Coverity scan…
CVE-2024-26928 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential UAF in cifs_debug_files_proc_show() Skip…
CVE-2024-26907 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/mlx5: Fix fortify source warning while accessing Eth segment…
CVE-2024-26898 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: aoe: fix the potential use-after-free problem in aoecmd_cfg_pkts This…
CVE-2024-26884 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: bpf: Fix hashtab overflow check on 32-bit arches The hashtab code…
CVE-2024-26883 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: bpf: Fix stackmap overflow check on 32-bit arches The stackmap code…
CVE-2024-26852 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/ipv6: avoid possible UAF in ip6_route_mpath_notify() syzbot found…
CVE-2024-26793 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_newlink() The…
CVE-2019-19543 — CVSS 7.8 (high): In the Linux kernel before 5.1.6, there is a use-after-free in serial_ir_init_module() in drivers/media/rc/serial_ir.c.
CVE-2024-26754 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: gtp: fix use-after-free and null-ptr-deref in gtp_genl_dump_pdp() The…
CVE-2024-26739 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: act_mirred: don't override retval if we already lost the skb…
CVE-2024-26704 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ext4: fix double-free of blocks due to wrong extents moved_len In…
CVE-2024-26689 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ceph: prevent use-after-free in encode_cap_msg() In fs/ceph/caps.c, in…
CVE-2024-26625 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: llc: call sock_orphan() at release time syzbot reported an interesting…
CVE-2024-26622 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tomoyo: fix UAF write bug in tomoyo_write_control() Since…
CVE-2023-6932 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's ipv4: igmp component can be exploited to achieve local privilege escalation. A race…
CVE-2023-6931 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Performance Events system component can be exploited to achieve local…
CVE-2023-6040 — CVSS 7.8 (high): An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of…
CVE-2023-5717 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux kernel's Linux Kernel Performance Events (perf) component can be exploited to achieve…
CVE-2023-52885 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix UAF in svc_tcp_listen_data_ready() After the listener…
CVE-2023-52867 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/radeon: possible buffer overflow Buffer 'afmt_status' of size 6…
CVE-2019-25045 — CVSS 7.8 (high): An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic…
CVE-2024-46859 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: platform/x86: panasonic-laptop: Fix SINF array out of bounds accesses…
CVE-2019-25162 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: i2c: Fix a potential use after free Free the adap structure only after…
CVE-2023-52864 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: platform/x86: wmi: Fix opening of char device Since commit fa1f68db6ca7…
CVE-2023-52835 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: perf/core: Bail out early if the request AUX area is out of bound When…
CVE-2023-52818 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amd: Fix UBSAN array-index-out-of-bounds for SMU7 For pptable…
CVE-2023-52796 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlan_route_v6_outbound() helper Inspired by syzbot…
CVE-2023-52764 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: gspca: cpia1: shift-out-of-bounds in set_flicker Syzkaller…
CVE-2023-52757 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix potential deadlock when releasing mids All…
CVE-2023-52752 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: smb: client: fix use-after-free bug in cifs_debug_data_proc_show() Skip…
CVE-2023-52741 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: cifs: Fix use-after-free in rdata->read_into_pages() When the network…
CVE-2020-0430 — CVSS 7.8 (high): In skb_headlen of /include/linux/skbuff.h, there is a possible out of bounds read due to memory corruption. This could lead to local…
CVE-2020-0432 — CVSS 7.8 (high): In skb_to_mamac of networking.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of…
CVE-2020-0433 — CVSS 7.8 (high): In blk_mq_queue_tag_busy_iter of blk-mq-tag.c, there is a possible use after free due to improper locking. This could lead to local…
CVE-2020-0444 — CVSS 7.8 (high): In audit_free_lsm_field of auditfilter.c, there is a possible bad kfree due to a logic error in audit_data_to_entry. This could lead to…
CVE-2023-52691 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amd/pm: fix a double-free in si_dpm_init When the allocation of…
CVE-2020-0466 — CVSS 7.8 (high): In do_epoll_ctl and ep_loop_check_proc of eventpoll.c, there is a possible use after free due to a logic error. This could lead to local…
CVE-2023-52669 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: crypto: s390/aes - Fix buffer overread in CTR mode When processing the…
CVE-2023-52664 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: atlantic: eliminate double free in error handling logic Driver has…
CVE-2023-52614 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: PM / devfreq: Fix buffer overflow in trans_stat_show Fix buffer…
CVE-2023-52612 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: crypto: scomp - fix req->dst buffer overflow The req->dst buffer size…
CVE-2023-52594 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: ath9k: Fix potential array-index-out-of-bounds read in…
CVE-2023-52591 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: reiserfs: Avoid touching renamed directory if parent does not change…
CVE-2023-52531 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: mvm: Fix a memory corruption issue A few lines above…
CVE-2020-10757 — CVSS 7.8 (high): A flaw was found in the Linux Kernel in versions after 4.5-rc1 in the way mremap handled DAX Huge Pages. This flaw allows a local attacker…
CVE-2023-52530 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: wifi: mac80211: fix potential key use-after-free When…
CVE-2023-52524 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: nfc: llcp: Add lock when modifying device list The device list…
CVE-2023-52515 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/srp: Do not call scsi_done() from srp_abort() After…
CVE-2023-52509 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ravb: Fix use-after-free issue in ravb_tx_timeout_work() The…
CVE-2023-52482 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: x86/srso: Add SRSO mitigation for Hygon processors Add mitigation for…
CVE-2023-52475 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Input: powermate - fix use-after-free in powermate_config_complete…
CVE-2023-52474 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: IB/hfi1: Fix bugs with non-PAGE_SIZE-end multi-iovec user SDMA requests…
CVE-2023-52469 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drivers/amd/pm: fix a use-after-free in kv_parse_power_table When ps…
CVE-2023-52464 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: EDAC/thunderx: Fix possible out-of-bounds string access Enabling…
CVE-2023-52451 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: powerpc/pseries/memhp: Fix access beyond end of drmem array…
CVE-2023-52445 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: pvrusb2: fix use after free on context disconnection Upon module…
CVE-2023-51042 — CVSS 7.8 (high): In the Linux kernel before 6.4.12, amdgpu_cs_wait_all_fences in drivers/gpu/drm/amd/amdgpu/amdgpu_cs.c has a fence use-after-free.
CVE-2020-12653 — CVSS 7.8 (high): An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c…
CVE-2024-46853 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: spi: nxp-fspi: fix the KASAN report out-of-bounds bug Change the memcpy…
CVE-2023-4921 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege escalation…
CVE-2020-12657 — CVSS 7.8 (high): An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to…
CVE-2023-4623 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: sch_hfsc (HFSC qdisc traffic control) component can be exploited to achieve…
CVE-2023-4622 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The…
CVE-2023-4244 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation…
CVE-2023-40283 — CVSS 7.8 (high): An issue was discovered in l2cap_sock_release in net/bluetooth/l2cap_sock.c in the Linux kernel before 6.4.10. There is a use-after-free…
CVE-2020-13974 — CVSS 7.8 (high): An issue was discovered in the Linux kernel 4.4 through 5.7.1. drivers/tty/vt/keyboard.c has an integer overflow if k_ascii is called…
CVE-2023-3812 — CVSS 7.8 (high): An out-of-bounds memory access flaw was found in the Linux kernel’s TUN/TAP device driver functionality in how a user generates a…
CVE-2023-3776 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_fw component can be exploited to achieve local privilege escalation. If…
CVE-2020-14351 — CVSS 7.8 (high): A flaw was found in the Linux kernel. A use-after-free memory flaw was found in the perf subsystem allowing a local attacker with…
CVE-2020-14356 — CVSS 7.8 (high): A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the…
CVE-2020-14381 — CVSS 7.8 (high): A flaw was found in the Linux kernel’s futex implementation. This flaw allows a local attacker to corrupt system memory or escalate their…
CVE-2023-3611 — CVSS 7.8 (high): An out-of-bounds write vulnerability in the Linux kernel's net/sched: sch_qfq component can be exploited to achieve local privilege…
CVE-2023-3609 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux kernel's net/sched: cls_u32 component can be exploited to achieve local privilege escalation…
CVE-2023-35001 — CVSS 7.8 (high): Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in…
CVE-2023-34319 — CVSS 7.8 (high): The fix for XSA-423 added logic to Linux'es netback driver to deal with a frontend splitting a packet in a way such that not all of the…
CVE-2023-31436 — CVSS 7.8 (high): qfq_change_class in net/sched/sch_qfq.c in the Linux kernel before 6.2.13 allows an out-of-bounds write because lmax can exceed…
CVE-2023-3111 — CVSS 7.8 (high): A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw…
CVE-2023-3090 — CVSS 7.8 (high): A heap out-of-bounds write vulnerability in the Linux Kernel ipvlan network driver can be exploited to achieve local privilege escalation…
CVE-2023-28464 — CVSS 7.8 (high): hci_conn_cleanup in net/bluetooth/hci_conn.c in the Linux kernel through 6.2.9 has a use-after-free (observed in hci_conn_hash_flush)…
CVE-2023-23559 — CVSS 7.8 (high): In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
CVE-2024-46759 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: hwmon: (adc128d818) Fix underflows seen when writing limit attributes…
CVE-2023-2176 — CVSS 7.8 (high): A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux Kernel. The improper cleanup…
CVE-2023-2124 — CVSS 7.8 (high): An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure…
CVE-2023-2007 — CVSS 7.8 (high): The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations…
CVE-2023-1829 — CVSS 7.8 (high): A use-after-free vulnerability in the Linux Kernel traffic control index filter (tcindex) can be exploited to achieve local privilege…
CVE-2023-1670 — CVSS 7.8 (high): A flaw use after free in the Linux kernel Xircom 16-bit PCMCIA (PC-card) Ethernet driver was found.A local user could use this flaw to…
CVE-2023-1281 — CVSS 7.8 (high): Use After Free vulnerability in Linux kernel traffic control index filter (tcindex) allows Privilege Escalation. The imperfect hash area…
CVE-2023-1118 — CVSS 7.8 (high): A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A…
CVE-2023-0461 — CVSS 7.8 (high): There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the…
CVE-2021-4037 — CVSS 7.8 (high): A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files…
CVE-2021-46966 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ACPI: custom_method: fix potential use-after-free issue In cm_write()…
CVE-2017-18595 — CVSS 7.8 (high): An issue was discovered in the Linux kernel before 4.14.11. A double free may be caused by the function allocate_trace_buffer in the file…
CVE-2021-46950 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: md/raid1: properly indicate failure when ending a failed write request…
CVE-2021-4197 — CVSS 7.8 (high): An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users…
CVE-2021-46938 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: dm rq: fix double free of blk_mq_tag_set in dev remove after table load…
CVE-2021-4439 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: isdn: cpai: check ctr->cnr to avoid array index out of bound The…
CVE-2024-44998 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: atm: idt77252: prevent use after free in dequeue_rx() We can't…
CVE-2019-0155 — CVSS 7.8 (high): Insufficient access control in a subsystem for Intel (R) processor graphics in 6th, 7th, 8th and 9th Generation Intel(R) Core(TM) Processor…
CVE-2024-44987 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ipv6: prevent UAF in ip6_send_skb() syzbot reported an UAF in…
CVE-2024-43900 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: media: xc2028: avoid use-after-free in load_firmware_cb() syzkaller…
CVE-2019-14835 — CVSS 7.8 (high): A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue…
CVE-2024-43839 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: bna: adjust 'name' buf size of bna_tcb and bna_ccb structures To have…
CVE-2024-42301 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: dev/parport: fix the array out-of-bounds risk Fixed array out-of-bounds…
CVE-2024-42285 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/iwcm: Fix a use-after-free related to destroying CM IDs…
CVE-2024-42284 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: tipc: Return non-zero value from tipc_udp_addr2str() on error…
CVE-2024-42280 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: mISDN: Fix a use after free in hfcmulti_tx() Don't dereference *sp…
CVE-2024-42271 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/iucv: fix use after free in iucv_sock_close() iucv_sever_path() is…
CVE-2024-42148 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: bnx2x: Fix multiple UBSAN array-index-out-of-bounds Fix UBSAN warnings…
CVE-2024-42120 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Check pipe offset before setting vblank pipe_ctx has a…
CVE-2024-42119 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Skip finding free audio for unknown engine_id [WHY]…
CVE-2024-41087 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ata: libata-core: Fix double free on error If e.g. the ata_port_alloc()…
CVE-2024-41073 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: nvme: avoid double free special payload If a discard request needs to…
CVE-2024-41070 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: KVM: PPC: Book3S HV: Prevent UAF in kvm_spapr_tce_attach_iommu_group()…
CVE-2024-40901 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: scsi: mpt3sas: Avoid test/set_bit() operating in non-allocated memory…
CVE-2024-39494 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ima: Fix use-after-free on a dentry's dname.name ->d_name.name can…
CVE-2024-38630 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: watchdog: cpu5wdt.c: Fix use-after-free bug caused by cpu5wdt_trigger…
CVE-2024-38627 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: stm class: Fix a double free in stm_register_device() The…
CVE-2024-38578 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ecryptfs: Fix buffer size for tag 66 packet The 'TAG 66 Packet Format'…
CVE-2024-38552 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/amd/display: Fix potential index out of bounds in color…
CVE-2024-38545 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: RDMA/hns: Fix UAF for cq async event The refcount of CQ is not…
CVE-2024-36940 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: pinctrl: core: delete incorrect free in pinctrl_enable() The "pctldev"…
CVE-2024-36934 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: bna: ensure the copied buf is NUL terminated Currently, we allocate a…
CVE-2024-36880 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: Bluetooth: qca: add missing firmware sanity checks Add the missing…
CVE-2024-36015 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ppdev: Add an error check in register_device In register_device, the…
CVE-2024-35979 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: raid1: fix use-after-free for original bio in raid1_write_request()…
CVE-2024-35949 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: btrfs: make sure that WRITTEN is set on all metadata blocks We…
CVE-2024-35932 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: drm/vc4: don't check if plane->state->fb == state->fb Currently, when…
CVE-2024-35887 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ax25: fix use-after-free bugs caused by ax25_ds_del_timer When the ax25…
CVE-2024-35886 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: ipv6: Fix infinite recursion in fib6_dump_done(). syzkaller reported…
CVE-2021-33909 — CVSS 7.8 (high): fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an…
CVE-2021-47321 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: watchdog: Fix possible use-after-free by calling del_timer_sync() This…
CVE-2021-3444 — CVSS 7.8 (high): The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be…
CVE-2021-47311 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: qcom/emac: fix UAF in emac_remove adpt is netdev private data and…
CVE-2021-3483 — CVSS 7.8 (high): A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading…
CVE-2021-3491 — CVSS 7.8 (high): The io_uring subsystem in the Linux kernel allowed the MAX_RW_COUNT limit to be bypassed in the PROVIDE_BUFFERS operation, which led to…
CVE-2021-47310 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net: ti: fix UAF in tlan_remove_one priv is netdev private data and it…
CVE-2021-47302 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: igc: Fix use-after-free error during reset Cleans the next descriptor…
CVE-2021-47301 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: igb: Fix use-after-free error during reset Cleans the next descriptor…
CVE-2021-3612 — CVSS 7.8 (high): An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the…
CVE-2021-47293 — CVSS 7.8 (high): In the Linux kernel, the following vulnerability has been resolved: net/sched: act_skbmod: Skip non-Ethernet packets Currently…