VYPR

Vendor CVEs

Linux

All CVEs

15,999 total · sorted by risk
  • CVE-2022-49295MedFeb 26, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: nbd: call genl_unregister_family() first in nbd_cleanup() Otherwise there may be race between module removal and the handling of netlink command, which can lead to the oops as shown below: BUG: kernel NULL…

  • CVE-2022-49286MedFeb 26, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: tpm: use try_get_ops() in tpm-space.c As part of the series conversion to remove nested TPM operations: https://lore.kernel.org/all/20190205224723.19671-1-jarkko.sakkinen@linux.intel.com/ exposure of the…

  • CVE-2022-49215MedFeb 26, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: xsk: Fix race at socket teardown Fix a race in the xsk socket teardown code that can lead to a NULL pointer dereference splat. The current xsk unbind code in xsk_unbind_dev() starts by setting xs->state to…

  • CVE-2022-49201MedFeb 26, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ibmvnic: fix race between xmit and reset There is a race between reset and the transmit paths that can lead to ibmvnic_xmit() accessing an scrq after it has been freed in the reset path. It can result in a…

  • CVE-2022-49152MedFeb 26, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: XArray: Fix xas_create_range() when multi-order entry present If there is already an entry present that is of order >= XA_CHUNK_SHIFT when we call xas_create_range(), xas_create_range() will misinterpret that…

  • CVE-2022-49149MedFeb 26, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call timer start racing with call destruction The rxrpc_call struct has a timer used to handle various timed events relating to a call. This timer can get started from the packet input routines…

  • CVE-2022-49089MedFeb 26, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: IB/rdmavt: add lock to call to rvt_error_qp to prevent a race condition The documentation of the function rvt_error_qp says both r_lock and s_lock need to be held when calling that function. It also asserts…

  • CVE-2025-21701MedFeb 13, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: avoid race between device unregistration and ethnl ops The following trace can be seen if a device is being unregistered while its number of channels are being modified. DEBUG_LOCKS_WARN_ON(lock->magic…

  • CVE-2025-21695MedFeb 12, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: dell-uart-backlight: fix serdev race The dell_uart_bl_serdev_probe() function calls devm_serdev_device_open() before setting the client ops via serdev_device_set_client_ops(). This ordering can…

  • CVE-2025-21688MedFeb 10, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/v3d: Assign job pointer to NULL before signaling the fence In commit e4b5ccd392b9 ("drm/v3d: Ensure job pointer is set to NULL after job completion"), we introduced a change to assign the job pointer to…

  • CVE-2025-21685MedFeb 9, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: platform/x86: lenovo-yoga-tab2-pro-1380-fastcharger: fix serdev race The yt2_1380_fc_serdev_probe() function calls devm_serdev_device_open() before setting the client ops via serdev_device_set_client_ops().…

  • CVE-2024-57934MedJan 21, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fgraph: Add READ_ONCE() when accessing fgraph_array[] In __ftrace_return_to_handler(), a loop iterates over the fgraph_array[] elements, which are fgraph_ops. The loop checks if an element is a fgraph_stub to…

  • CVE-2025-21655MedJan 20, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: io_uring/eventfd: ensure io_eventfd_signal() defers another RCU period io_eventfd_do_signal() is invoked from an RCU callback, but when dropping the reference to the io_ev_fd, it calls io_eventfd_free()…

  • CVE-2024-57913MedJan 19, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_fs: Remove WARN_ON in functionfs_bind This commit addresses an issue related to below kernel panic where panic_on_warn is enabled. It is caused by the unnecessary use of WARN_ON in…

  • CVE-2025-21651MedJan 19, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: hns3: don't auto enable misc vector Currently, there is a time window between misc irq enabled and service task inited. If an interrupte is reported at this time, it will cause warning like below: [ …

  • CVE-2024-56788MedJan 11, 2025
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: ethernet: oa_tc6: fix tx skb race condition between reference pointers There are two skb pointers to manage tx skb's enqueued from n/w stack. waiting_tx_skb pointer points to the tx skb which needs to be…

  • CVE-2024-56729MedDec 29, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: smb: Initialize cfid->tcon before performing network ops Avoid leaking a tcon ref when a lease break races with opening the cached directory. Processing the leak break might take a reference to the tcon in…

  • CVE-2024-56637MedDec 27, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: Hold module reference while requesting a module User space may unload ip_set.ko while it is itself requesting a set type backend module, leading to a kernel crash. The race condition may be…

  • CVE-2024-56576MedDec 27, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: media: i2c: tc358743: Fix crash in the probe error path when using polling If an error occurs in the probe() function, we should remove the polling timer that was alarmed earlier, otherwise the timer is called…

  • CVE-2024-56568MedDec 27, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: iommu/arm-smmu: Defer probe of clients after smmu device bound Null pointer dereference occurs due to a race between smmu driver probe and client driver probe, when of_dma_configure() for client is called…

  • CVE-2024-56552MedDec 27, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/xe/guc_submit: fix race around suspend_pending Currently in some testcases we can trigger: xe 0000:03:00.0: [drm] Assertion `exec_queue_destroyed(q)` failed! .... WARNING: CPU: 18 PID: 2640 at…

  • CVE-2024-56547MedDec 27, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: rcu/nocb: Fix missed RCU barrier on deoffloading Currently, running rcutorture test with torture_type=rcu fwd_progress=8 n_barrier_cbs=8 nocbs_nthreads=8 nocbs_toggle=100 onoff_interval=60 test_boost=2, will…

  • CVE-2024-56540MedDec 27, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: accel/ivpu: Prevent recovery invocation during probe and resume Refactor IPC send and receive functions to allow correct handling of operations that should not trigger a recovery process. Expose…

  • CVE-2024-53178MedDec 27, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: smb: Don't leak cfid when reconnect races with open_cached_dir open_cached_dir() may either race with the tcon reconnection even before compound_send_recv() or directly trigger a reconnection via…

  • CVE-2024-53176MedDec 27, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: smb: During unmount, ensure all cached dir instances drop their dentry The unmount process (cifs_kill_sb() calling close_all_cached_dirs()) can race with various cached directory operations, which ultimately…

  • CVE-2024-53169MedDec 27, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: nvme-fabrics: fix kernel crash while shutting down controller The nvme keep-alive operation, which executes at a periodic interval, could potentially sneak in while shutting down a fabric controller. This may…

  • CVE-2024-53160MedDec 24, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: rcu/kvfree: Fix data-race in __mod_timer / kvfree_call_rcu KCSAN reports a data race when access the krcp->monitor_work.timer.expires variable in the schedule_delayed_monitor_work() function: BUG:…

  • CVE-2024-2201MedDec 19, 2024
    risk 0.31cvss 4.7epss 0.09

    A cross-privilege Spectre v2 vulnerability allows attackers to bypass all deployed mitigations, including the recent Fine(IBT), and to leak arbitrary Linux kernel memory on Intel systems.

  • CVE-2024-53136MedDec 4, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mm: revert "mm: shmem: fix data-race in shmem_getattr()" Revert d949d1d14fa2 ("mm: shmem: fix data-race in shmem_getattr()") as suggested by Chuck [1]. It is causing deadlocks when accessing tmpfs over NFS. …

  • CVE-2024-53124MedDec 2, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: fix data-races around sk->sk_forward_alloc Syzkaller reported this warning: ------------[ cut here ]------------ WARNING: CPU: 0 PID: 16 at net/ipv4/af_inet.c:156 inet_sock_destruct+0x1c5/0x1e0 Modules…

  • CVE-2024-53100MedNov 25, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: nvme: tcp: avoid race between queue_lock lock and destroy Commit 76d54bf20cdc ("nvme-tcp: don't access released socket during error recovery") added a mutex_lock() call for the queue->queue_lock in…

  • CVE-2024-53088MedNov 19, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: i40e: fix race condition by adding filter's intermediate sync state Fix a race condition in the i40e driver that leads to MAC/VLAN filters becoming corrupted and leaking. Address the issue that occurs under…

  • CVE-2024-50297MedNov 19, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: xilinx: axienet: Enqueue Tx packets in dql before dmaengine starts Enqueue packets in dql after dma engine starts causes race condition. Tx transfer starts once dma engine is started and may execute dql…

  • CVE-2024-50294MedNov 19, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix missing locking causing hanging calls If a call gets aborted (e.g. because kafs saw a signal) between it being queued for connection and the I/O thread picking up the call, the abort will be…

  • CVE-2024-50277MedNov 19, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: dm: fix a crash if blk_alloc_disk fails If blk_alloc_disk fails, the variable md->disk is set to an error value. cleanup_mapped_device will see that md->disk is non-NULL and it will attempt to access it,…

  • CVE-2024-50260MedNov 9, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: sock_map: fix a NULL pointer dereference in sock_map_link_update_prog() The following race condition could trigger a NULL pointer dereference: sock_map_link_detach(): sock_map_link_update_prog(): …

  • CVE-2024-50220MedNov 9, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fork: do not invoke uffd on fork if error occurs Patch series "fork: do not expose incomplete mm on fork". During fork we may place the virtual memory address space into an inconsistent state before the fork…

  • CVE-2024-50192MedNov 8, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: irqchip/gic-v4: Don't allow a VMOVP on a dying VPE Kunkun Jiang reported that there is a small window of opportunity for userspace to force a change of affinity for a VPE while the VPE has already been…

  • CVE-2024-50183MedNov 8, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: scsi: lpfc: Ensure DA_ID handling completion before deleting an NPIV instance Deleting an NPIV instance requires all fabric ndlps to be released before an NPIV's resources can be torn down. Failure to release…

  • CVE-2024-50174MedNov 8, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: drm/panthor: Fix race when converting group handle to group object XArray provides it's own internal lock which protects the internal array when entries are being simultaneously added and removed. However…

  • CVE-2024-50135MedNov 5, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: nvme-pci: fix race condition between reset and nvme_dev_disable() nvme_dev_disable() modifies the dev->online_queues field, therefore nvme_pci_update_nr_queues() should avoid racing against it, otherwise we…

  • CVE-2024-50082MedOct 29, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: blk-rq-qos: fix crash on rq_qos_wait vs. rq_qos_wake_function race We're seeing crashes from rq_qos_wake_function that look like this: BUG: unable to handle page fault for address: ffffafe180a40084 #PF:…

  • CVE-2022-49003MedOct 21, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: nvme: fix SRCU protection of nvme_ns_head list Walking the nvme_ns_head siblings list is protected by the head's srcu in nvme_ns_head_submit_bio() but not nvme_mpath_revalidate_paths(). Removing namespaces…

  • CVE-2022-48997MedOct 21, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: char: tpm: Protect tpm_pm_suspend with locks Currently tpm transactions are executed unconditionally in tpm_pm_suspend() function, which may lead to races with other tpm accessors in the system. Specifically,…

  • CVE-2022-48989MedOct 21, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: fscache: Fix oops due to race with cookie_lru and use_cookie If a cookie expires from the LRU and the LRU_DISCARD flag is set, but the state machine has not run yet, it's possible another thread can call…

  • CVE-2022-48985MedOct 21, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: mana: Fix race on per-CQ variable napi work_done After calling napi_complete_done(), the NAPIF_STATE_SCHED bit may be cleared, and another CPU can start napi thread and access per-CQ variable,…

  • CVE-2024-50010MedOct 21, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: exec: don't WARN for racy path_noexec check Both i_mode and noexec checks wrapped in WARN_ON stem from an artifact of the previous implementation. They used to legitimately check for the condition, but that…

  • CVE-2024-50006MedOct 21, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: ext4: fix i_data_sem unlock order in ext4_ind_migrate() Fuzzing reports a possible deadlock in jbd2_log_wait_commit. This issue is triggered when an EXT4_IOC_MIGRATE ioctl is set to require synchronous…

  • CVE-2024-49998MedOct 21, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: net: dsa: improve shutdown sequence Alexander Sverdlin presents 2 problems during shutdown with the lan9303 driver. One is specific to lan9303 and the other just happens to reproduce there. The first problem…

  • CVE-2024-49872MedOct 21, 2024
    risk 0.31cvss 4.7epss 0.00

    In the Linux kernel, the following vulnerability has been resolved: mm/gup: fix memfd_pin_folios alloc race panic If memfd_pin_folios tries to create a hugetlb page, but someone else already did, then folio gets the value -EEXIST here: folio = memfd_alloc_folio(memfd,…

Page 204 of 320