Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2023-25012

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-01 Feb, 2023 | 00:00
Updated At-05 May, 2025 | 16:05
Rejected At-
Credits

The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:01 Feb, 2023 | 00:00
Updated At:05 May, 2025 | 16:05
Rejected At:
â–¼CVE Numbering Authority (CNA)

The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://seclists.org/oss-sec/2023/q1/53
N/A
https://lore.kernel.org/all/20230125-hid-unregister-leds-v1-1-9a5192dcef16%40diag.uniroma1.it/
N/A
http://www.openwall.com/lists/oss-security/2023/02/02/1
mailing-list
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
mailing-list
http://www.openwall.com/lists/oss-security/2023/11/05/1
mailing-list
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76ca8da989c7d97a7f76c75d475fe95a584439d7
N/A
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d2a2fd844ec7da70d19fabb482304fd1e0595b
N/A
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9fefb6201c4f8dd9f58c581b2a66e5cde2895ea2
N/A
https://bugzilla.suse.com/show_bug.cgi?id=1207560
N/A
Hyperlink: https://seclists.org/oss-sec/2023/q1/53
Resource: N/A
Hyperlink: https://lore.kernel.org/all/20230125-hid-unregister-leds-v1-1-9a5192dcef16%40diag.uniroma1.it/
Resource: N/A
Hyperlink: http://www.openwall.com/lists/oss-security/2023/02/02/1
Resource:
mailing-list
Hyperlink: https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
Resource:
mailing-list
Hyperlink: http://www.openwall.com/lists/oss-security/2023/11/05/1
Resource:
mailing-list
Hyperlink: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76ca8da989c7d97a7f76c75d475fe95a584439d7
Resource: N/A
Hyperlink: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d2a2fd844ec7da70d19fabb482304fd1e0595b
Resource: N/A
Hyperlink: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9fefb6201c4f8dd9f58c581b2a66e5cde2895ea2
Resource: N/A
Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=1207560
Resource: N/A
â–¼Authorized Data Publishers (ADP)
1. CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://seclists.org/oss-sec/2023/q1/53
x_transferred
https://lore.kernel.org/all/20230125-hid-unregister-leds-v1-1-9a5192dcef16%40diag.uniroma1.it/
x_transferred
http://www.openwall.com/lists/oss-security/2023/02/02/1
mailing-list
x_transferred
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
mailing-list
x_transferred
http://www.openwall.com/lists/oss-security/2023/11/05/1
mailing-list
x_transferred
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76ca8da989c7d97a7f76c75d475fe95a584439d7
x_transferred
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d2a2fd844ec7da70d19fabb482304fd1e0595b
x_transferred
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9fefb6201c4f8dd9f58c581b2a66e5cde2895ea2
x_transferred
https://bugzilla.suse.com/show_bug.cgi?id=1207560
x_transferred
Hyperlink: https://seclists.org/oss-sec/2023/q1/53
Resource:
x_transferred
Hyperlink: https://lore.kernel.org/all/20230125-hid-unregister-leds-v1-1-9a5192dcef16%40diag.uniroma1.it/
Resource:
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2023/02/02/1
Resource:
mailing-list
x_transferred
Hyperlink: https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
Resource:
mailing-list
x_transferred
Hyperlink: http://www.openwall.com/lists/oss-security/2023/11/05/1
Resource:
mailing-list
x_transferred
Hyperlink: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76ca8da989c7d97a7f76c75d475fe95a584439d7
Resource:
x_transferred
Hyperlink: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d2a2fd844ec7da70d19fabb482304fd1e0595b
Resource:
x_transferred
Hyperlink: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9fefb6201c4f8dd9f58c581b2a66e5cde2895ea2
Resource:
x_transferred
Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=1207560
Resource:
x_transferred
2. CISA ADP Vulnrichment
Affected Products
Problem Types
TypeCWE IDDescription
CWECWE-416CWE-416 Use After Free
Type: CWE
CWE ID: CWE-416
Description: CWE-416 Use After Free
Metrics
VersionBase scoreBase severityVector
3.14.6MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Version: 3.1
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:02 Feb, 2023 | 00:15
Updated At:05 May, 2025 | 16:15

The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.14.6MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Secondary3.14.6MEDIUM
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 3.1
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Secondary
Version: 3.1
Base score: 4.6
Base severity: MEDIUM
Vector:
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
CPE Matches
Linux Kernel Organization, Inc
linux
>>linux_kernel>>Versions up to 6.1.9(inclusive)
cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-416Primarynvd@nist.gov
CWE-416Secondary134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE ID: CWE-416
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-416
Type: Secondary
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://www.openwall.com/lists/oss-security/2023/02/02/1cve@mitre.org
Exploit
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/11/05/1cve@mitre.org
N/A
https://bugzilla.suse.com/show_bug.cgi?id=1207560cve@mitre.org
N/A
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d2a2fd844ec7da70d19fabb482304fd1e0595bcve@mitre.org
N/A
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76ca8da989c7d97a7f76c75d475fe95a584439d7cve@mitre.org
N/A
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9fefb6201c4f8dd9f58c581b2a66e5cde2895ea2cve@mitre.org
N/A
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.htmlcve@mitre.org
N/A
https://lore.kernel.org/all/20230125-hid-unregister-leds-v1-1-9a5192dcef16%40diag.uniroma1.it/cve@mitre.org
N/A
https://seclists.org/oss-sec/2023/q1/53cve@mitre.org
Exploit
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/02/02/1af854a3a-2127-422b-91ae-364da2661108
Exploit
Mailing List
Third Party Advisory
http://www.openwall.com/lists/oss-security/2023/11/05/1af854a3a-2127-422b-91ae-364da2661108
N/A
https://bugzilla.suse.com/show_bug.cgi?id=1207560af854a3a-2127-422b-91ae-364da2661108
N/A
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d2a2fd844ec7da70d19fabb482304fd1e0595baf854a3a-2127-422b-91ae-364da2661108
N/A
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76ca8da989c7d97a7f76c75d475fe95a584439d7af854a3a-2127-422b-91ae-364da2661108
N/A
https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9fefb6201c4f8dd9f58c581b2a66e5cde2895ea2af854a3a-2127-422b-91ae-364da2661108
N/A
https://lists.debian.org/debian-lts-announce/2023/05/msg00005.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
https://lore.kernel.org/all/20230125-hid-unregister-leds-v1-1-9a5192dcef16%40diag.uniroma1.it/af854a3a-2127-422b-91ae-364da2661108
N/A
https://seclists.org/oss-sec/2023/q1/53af854a3a-2127-422b-91ae-364da2661108
Exploit
Mailing List
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2023/02/02/1
Source: cve@mitre.org
Resource:
Exploit
Mailing List
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2023/11/05/1
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=1207560
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d2a2fd844ec7da70d19fabb482304fd1e0595b
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76ca8da989c7d97a7f76c75d475fe95a584439d7
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9fefb6201c4f8dd9f58c581b2a66e5cde2895ea2
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://lore.kernel.org/all/20230125-hid-unregister-leds-v1-1-9a5192dcef16%40diag.uniroma1.it/
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://seclists.org/oss-sec/2023/q1/53
Source: cve@mitre.org
Resource:
Exploit
Mailing List
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2023/02/02/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Mailing List
Third Party Advisory
Hyperlink: http://www.openwall.com/lists/oss-security/2023/11/05/1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=1207560
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=27d2a2fd844ec7da70d19fabb482304fd1e0595b
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=76ca8da989c7d97a7f76c75d475fe95a584439d7
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=9fefb6201c4f8dd9f58c581b2a66e5cde2895ea2
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lists.debian.org/debian-lts-announce/2023/05/msg00005.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://lore.kernel.org/all/20230125-hid-unregister-leds-v1-1-9a5192dcef16%40diag.uniroma1.it/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://seclists.org/oss-sec/2023/q1/53
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Exploit
Mailing List
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

1942Records found
CVE-2019-19966
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.14% / 33.51%
||
7 Day CHG~0.00%
Published-25 Dec, 2019 | 03:01
Updated-05 Aug, 2024 | 02:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.

Action-Not Available
Vendor-n/aopenSUSELinux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-debian_linuxlinux_kernelfas\/aff_baseboard_management_controllercloud_backupsolidfire_\&_hci_management_nodee-series_santricity_os_controlleractive_iq_unified_managersteelstore_cloud_integrated_storagehci_baseboard_management_controllerdata_availability_servicessolidfire_baseboard_management_controlleraff_baseboard_management_controllerleapn/a
CWE ID-CWE-416
Use After Free
CVE-2019-19530
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.08% / 23.04%
||
7 Day CHG~0.00%
Published-03 Dec, 2019 | 15:40
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.2.10, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/class/cdc-acm.c driver, aka CID-c52873e5a1ef.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-debian_linuxlinux_kernelleapn/a
CWE ID-CWE-416
Use After Free
CVE-2019-19524
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 13.00%
||
7 Day CHG~0.00%
Published-03 Dec, 2019 | 15:42
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.3.12, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/input/ff-memless.c driver, aka CID-fa3a5a1880c9.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncDebian GNU/LinuxCanonical Ltd.
Product-ubuntu_linuxdebian_linuxlinux_kerneln/a
CWE ID-CWE-416
Use After Free
CVE-2019-19523
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.08% / 24.63%
||
7 Day CHG~0.00%
Published-03 Dec, 2019 | 15:42
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.3.7, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/usb/misc/adutux.c driver, aka CID-44efc269db79.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-debian_linuxlinux_kernelleapn/a
CWE ID-CWE-416
Use After Free
CVE-2019-15215
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.05% / 15.70%
||
7 Day CHG-0.00%
Published-19 Aug, 2019 | 21:46
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelsolidfire_\&_hci_management_nodeactive_iq_unified_managerh410c_firmwareh410cleapsolidfire_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-416
Use After Free
CVE-2019-19526
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.06% / 18.44%
||
7 Day CHG~0.00%
Published-03 Dec, 2019 | 15:41
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.3.9, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/nfc/pn533/usb.c driver, aka CID-6af3aa57a098.

Action-Not Available
Vendor-n/aopenSUSELinux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kernelleapn/a
CWE ID-CWE-416
Use After Free
CVE-2019-19525
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.11% / 28.72%
||
7 Day CHG~0.00%
Published-03 Dec, 2019 | 15:41
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel before 5.3.6, there is a use-after-free bug that can be caused by a malicious USB device in the drivers/net/ieee802154/atusb.c driver, aka CID-7fd25e6fc035.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-debian_linuxlinux_kernelleapn/a
CWE ID-CWE-416
Use After Free
CVE-2019-15213
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.17% / 38.44%
||
7 Day CHG-0.00%
Published-19 Aug, 2019 | 21:47
Updated-28 May, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, IncopenSUSE
Product-h410c_firmwarelinux_kernelleapsolidfire_baseboard_management_controllerdata_availability_servicessolidfire_\&_hci_management_nodeactive_iq_unified_managerh410cn/a
CWE ID-CWE-416
Use After Free
CVE-2019-15220
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 12.20%
||
7 Day CHG-0.00%
Published-19 Aug, 2019 | 21:45
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelsolidfire_\&_hci_management_nodeactive_iq_unified_managerh410c_firmwareh410cleapsolidfire_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-416
Use After Free
CVE-2019-15211
Matching Score-10
Assigner-MITRE Corporation
ShareView Details
Matching Score-10
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.11% / 28.40%
||
7 Day CHG-0.00%
Published-19 Aug, 2019 | 21:47
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelsolidfire_\&_hci_management_nodeactive_iq_unified_managerh410c_firmwareh410cleapsolidfire_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-416
Use After Free
CVE-2021-47476
Matching Score-8
Assigner-kernel.org
ShareView Details
Matching Score-8
Assigner-kernel.org
CVSS Score-4.6||MEDIUM
EPSS-0.04% / 11.14%
||
7 Day CHG~0.00%
Published-22 May, 2024 | 08:19
Updated-11 May, 2026 | 13:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
comedi: ni_usb6501: fix NULL-deref in command paths

In the Linux kernel, the following vulnerability has been resolved: comedi: ni_usb6501: fix NULL-deref in command paths The driver uses endpoint-sized USB transfer buffers but had no sanity checks on the sizes. This can lead to zero-size-pointer dereferences or overflowed transfer buffers in ni6501_port_command() and ni6501_counter_command() if a (malicious) device has smaller max-packet sizes than expected (or when doing descriptor fuzz testing). Add the missing sanity checks to probe().

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2021-43976
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.05% / 15.14%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 00:00
Updated-04 Aug, 2024 | 04:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

Action-Not Available
Vendor-n/aFedora ProjectLinux Kernel Organization, IncNetApp, Inc.Debian GNU/LinuxOracle Corporation
Product-h300eh500scloud_backuph300s_firmwareh410c_firmwarecommunications_cloud_native_core_network_exposure_functionh410sh300scommunications_cloud_native_core_policyh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwarefedorah500s_firmwareh500e_firmwareh700s_firmwarecommunications_cloud_native_core_binding_support_functionh700eh410ch700e_firmwareh700sn/a
CVE-2023-0194
Matching Score-8
Assigner-NVIDIA Corporation
ShareView Details
Matching Score-8
Assigner-NVIDIA Corporation
CVSS Score-2||LOW
EPSS-0.10% / 26.97%
||
7 Day CHG~0.00%
Published-01 Apr, 2023 | 04:53
Updated-13 Feb, 2025 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer driver, where an invalid display configuration may lead to denial of service.

Action-Not Available
Vendor-Linux Kernel Organization, IncMicrosoft CorporationNVIDIA Corporation
Product-windowsvirtual_gpulinux_kernelvGPU software (guest driver - Windows), NVIDIA Cloud Gaming (guest driver - Windows)
CWE ID-CWE-1284
Improper Validation of Specified Quantity in Input
CVE-2021-3718
Matching Score-8
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-8
Assigner-Lenovo Group Ltd.
CVSS Score-4.3||MEDIUM
EPSS-0.03% / 10.79%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 22:05
Updated-03 Aug, 2024 | 17:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A denial of service vulnerability was reported in some ThinkPad models that could cause a system to crash when the Enhanced Biometrics setting is enabled in BIOS.

Action-Not Available
Vendor-Linux Kernel Organization, IncLenovo Group LimitedMicrosoft Corporation
Product-thinkpad_l15_gen_1thinkpad_x380_yogawindows_8.1thinkpad_11e_4th_gen_i7_firmwarethinkpad_11e_4th_gen_celeron_firmwarethinkpad_e490thinkpad_x260_firmwarethinkpad_p53sthinkpad_e590_firmwarewindows_10thinkpad_l15_gen_1_firmwarethinkpad_t490thinkpad_t590thinkpad_11e_3rd_genthinkpad_x390_yogathinkpad_p72_firmwarethinkpad_x12_detachable_gen_1_firmwarethinkpad_l13_yoga_gen_2thinkpad_l590thinkpad_s5_2nd_genthinkpad_l14_gen_1_firmwarethinkpad_p52thinkpad_p43sthinkpad_l390_firmwarethinkpad_l13_yoga_gen_2_firmwarethinkpad_t460thinkpad_l14_firmwarethinkpad_l390_yoga_firmwarethinkpad_13_gen_2thinkpad_s2_yoga_gen_6thinkpad_11e_4th_gen_i7thinkpad_l13_gen_2thinkpad_l380_yoga_firmwarethinkpad_11e_4th_gen_i5thinkpad_e490s_firmwarelinux_kernelthinkpad_s2_gen_6_firmwarethinkpad_11e_4th_gen_i5_firmwarethinkpad_11e_yoga_gen_6thinkpad_yoga_370thinkpad_e490_firmwarethinkpad_t460_firmwarethinkpad_t490_firmwarethinkpad_x390_yoga_firmwarethinkpad_l380_firmwarethinkpad_11e_4th_gen_i3_firmwarethinkpad_l390thinkpad_l380thinkpad_11e_5th_genthinkpad_11e_4th_gen_celeronthinkpad_11e_4th_gen_i3thinkpad_t590_firmwarethinkpad_l14_gen_1thinkpad_l390_yogathinkpad_s2_yoga_gen_6_firmwarethinkpad_l490_firmwarethinkpad_s5_2nd_gen_firmwarethinkpad_11e_5th_gen_firmwarethinkpad_l15_firmwarethinkpad_x12_detachable_gen_1thinkpad_l490thinkpad_l13_firmwarethinkpad_l380_yogathinkpad_l14thinkpad_l13thinkpad_l590_firmwarethinkpad_p43s_firmwarethinkpad_l15thinkpad_e590thinkpad_l13_gen_2_firmwarethinkpad_p72thinkpad_x380_yoga_firmwarethinkpad_s2_gen_6thinkpad_e490sthinkpad_x260thinkpad_11e_3rd_gen_firmwarethinkpad_l13_yogathinkpad_11e_yoga_gen_6_firmwarethinkpad_p53s_firmwarewindows_7thinkpad_p52_firmwarethinkpad_13_gen_2_firmwarethinkpad_l13_yoga_firmwareThinkPad BIOS
CWE ID-CWE-232
Improper Handling of Undefined Values
CVE-2015-7515
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.71% / 72.56%
||
7 Day CHG~0.00%
Published-27 Apr, 2016 | 17:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The aiptek_probe function in drivers/input/tablet/aiptek.c in the Linux kernel before 4.4 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) via a crafted USB device that lacks endpoints.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2022-3903
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 4.42%
||
7 Day CHG~0.00%
Published-14 Nov, 2022 | 00:00
Updated-30 Apr, 2025 | 20:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An incorrect read request flaw was found in the Infrared Transceiver USB driver in the Linux kernel. This issue occurs when a user attaches a malicious USB device. A local user could use this flaw to starve the resources, causing denial of service or potentially crashing the system.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kernelKernel
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CVE-2019-19068
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 25.88%
||
7 Day CHG~0.00%
Published-18 Nov, 2019 | 05:24
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the rtl8xxxu_submit_int_urb() function in drivers/net/wireless/realtek/rtl8xxxu/rtl8xxxu_core.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-a2cdd07488e6.

Action-Not Available
Vendor-n/aFedora ProjectCanonical Ltd.Red Hat, Inc.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelfedoraenterprise_linuxleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-18809
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.09% / 26.08%
||
7 Day CHG~0.00%
Published-07 Nov, 2019 | 15:29
Updated-05 Aug, 2024 | 02:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A memory leak in the af9005_identify_state() function in drivers/media/usb/dvb-usb/af9005.c in the Linux kernel through 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-2289adbfa559.

Action-Not Available
Vendor-n/aFedora ProjectCanonical Ltd.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelfedoraleapn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2022-25258
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.18% / 39.29%
||
7 Day CHG~0.00%
Published-16 Feb, 2022 | 00:00
Updated-03 Aug, 2024 | 04:36
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10. The USB Gadget subsystem lacks certain validation of interface OS descriptor requests (ones with a large array index and ones associated with NULL function pointer retrieval). Memory corruption might occur.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Fedora ProjectDebian GNU/Linux
Product-debian_linuxlinux_kernelh500sh410s_firmwarefedorah300s_firmwareactive_iq_unified_managerh500s_firmwareh700s_firmwareh410c_firmwareh410sh410ch300sh700sn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-53149
Matching Score-8
Assigner-kernel.org
ShareView Details
Matching Score-8
Assigner-kernel.org
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 7.16%
||
7 Day CHG~0.00%
Published-24 Dec, 2024 | 11:28
Updated-11 May, 2026 | 20:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
usb: typec: ucsi: glink: fix off-by-one in connector_status

In the Linux kernel, the following vulnerability has been resolved: usb: typec: ucsi: glink: fix off-by-one in connector_status UCSI connector's indices start from 1 up to 3, PMIC_GLINK_MAX_PORTS. Correct the condition in the pmic_glink_ucsi_connector_status() callback, fixing Type-C orientation reporting for the third USB-C connector.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-193
Off-by-one Error
CVE-2019-15216
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.05% / 16.11%
||
7 Day CHG-0.00%
Published-19 Aug, 2019 | 21:46
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelsolidfire_\&_hci_management_nodeactive_iq_unified_managerh410c_firmwareh410cleapsolidfire_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-15219
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.11% / 28.27%
||
7 Day CHG-0.00%
Published-19 Aug, 2019 | 21:45
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelsolidfire_\&_hci_management_nodeactive_iq_unified_managerh410c_firmwareh410cleapsolidfire_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2024-49934
Matching Score-8
Assigner-kernel.org
ShareView Details
Matching Score-8
Assigner-kernel.org
CVSS Score-4.6||MEDIUM
EPSS-0.03% / 8.24%
||
7 Day CHG+0.01%
Published-21 Oct, 2024 | 18:01
Updated-11 May, 2026 | 20:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name

In the Linux kernel, the following vulnerability has been resolved: fs/inode: Prevent dump_mapping() accessing invalid dentry.d_name.name It's observed that a crash occurs during hot-remove a memory device, in which user is accessing the hugetlb. See calltrace as following: ------------[ cut here ]------------ WARNING: CPU: 1 PID: 14045 at arch/x86/mm/fault.c:1278 do_user_addr_fault+0x2a0/0x790 Modules linked in: kmem device_dax cxl_mem cxl_pmem cxl_port cxl_pci dax_hmem dax_pmem nd_pmem cxl_acpi nd_btt cxl_core crc32c_intel nvme virtiofs fuse nvme_core nfit libnvdimm dm_multipath scsi_dh_rdac scsi_dh_emc s mirror dm_region_hash dm_log dm_mod CPU: 1 PID: 14045 Comm: daxctl Not tainted 6.10.0-rc2-lizhijian+ #492 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 RIP: 0010:do_user_addr_fault+0x2a0/0x790 Code: 48 8b 00 a8 04 0f 84 b5 fe ff ff e9 1c ff ff ff 4c 89 e9 4c 89 e2 be 01 00 00 00 bf 02 00 00 00 e8 b5 ef 24 00 e9 42 fe ff ff <0f> 0b 48 83 c4 08 4c 89 ea 48 89 ee 4c 89 e7 5b 5d 41 5c 41 5d 41 RSP: 0000:ffffc90000a575f0 EFLAGS: 00010046 RAX: ffff88800c303600 RBX: 0000000000000000 RCX: 0000000000000000 RDX: 0000000000001000 RSI: ffffffff82504162 RDI: ffffffff824b2c36 RBP: 0000000000000000 R08: 0000000000000000 R09: 0000000000000000 R10: 0000000000000000 R11: 0000000000000000 R12: ffffc90000a57658 R13: 0000000000001000 R14: ffff88800bc2e040 R15: 0000000000000000 FS: 00007f51cb57d880(0000) GS:ffff88807fd00000(0000) knlGS:0000000000000000 CS: 0010 DS: 0000 ES: 0000 CR0: 0000000080050033 CR2: 0000000000001000 CR3: 00000000072e2004 CR4: 00000000001706f0 DR0: 0000000000000000 DR1: 0000000000000000 DR2: 0000000000000000 DR3: 0000000000000000 DR6: 00000000fffe0ff0 DR7: 0000000000000400 Call Trace: <TASK> ? __warn+0x8d/0x190 ? do_user_addr_fault+0x2a0/0x790 ? report_bug+0x1c3/0x1d0 ? handle_bug+0x3c/0x70 ? exc_invalid_op+0x14/0x70 ? asm_exc_invalid_op+0x16/0x20 ? do_user_addr_fault+0x2a0/0x790 ? exc_page_fault+0x31/0x200 exc_page_fault+0x68/0x200 <...snip...> BUG: unable to handle page fault for address: 0000000000001000 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 800000000ad92067 P4D 800000000ad92067 PUD 7677067 PMD 0 Oops: Oops: 0000 [#1] PREEMPT SMP PTI ---[ end trace 0000000000000000 ]--- BUG: unable to handle page fault for address: 0000000000001000 #PF: supervisor read access in kernel mode #PF: error_code(0x0000) - not-present page PGD 800000000ad92067 P4D 800000000ad92067 PUD 7677067 PMD 0 Oops: Oops: 0000 [#1] PREEMPT SMP PTI CPU: 1 PID: 14045 Comm: daxctl Kdump: loaded Tainted: G W 6.10.0-rc2-lizhijian+ #492 Hardware name: QEMU Standard PC (Q35 + ICH9, 2009), BIOS rel-1.16.3-0-ga6ed6b701f0a-prebuilt.qemu.org 04/01/2014 RIP: 0010:dentry_name+0x1f4/0x440 <...snip...> ? dentry_name+0x2fa/0x440 vsnprintf+0x1f3/0x4f0 vprintk_store+0x23a/0x540 vprintk_emit+0x6d/0x330 _printk+0x58/0x80 dump_mapping+0x10b/0x1a0 ? __pfx_free_object_rcu+0x10/0x10 __dump_page+0x26b/0x3e0 ? vprintk_emit+0xe0/0x330 ? _printk+0x58/0x80 ? dump_page+0x17/0x50 dump_page+0x17/0x50 do_migrate_range+0x2f7/0x7f0 ? do_migrate_range+0x42/0x7f0 ? offline_pages+0x2f4/0x8c0 offline_pages+0x60a/0x8c0 memory_subsys_offline+0x9f/0x1c0 ? lockdep_hardirqs_on+0x77/0x100 ? _raw_spin_unlock_irqrestore+0x38/0x60 device_offline+0xe3/0x110 state_store+0x6e/0xc0 kernfs_fop_write_iter+0x143/0x200 vfs_write+0x39f/0x560 ksys_write+0x65/0xf0 do_syscall_64+0x62/0x130 Previously, some sanity check have been done in dump_mapping() before the print facility parsing '%pd' though, it's still possible to run into an invalid dentry.d_name.name. Since dump_mapping() only needs to dump the filename only, retrieve it by itself in a safer way to prevent an unnecessary crash. Note that either retrieving the filename with '%pd' or strncpy_from_kernel_nofault(), the filename could be unreliable.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CVE-2019-15221
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.14% / 34.52%
||
7 Day CHG-0.00%
Published-19 Aug, 2019 | 21:45
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelsolidfire_\&_hci_management_nodeactive_iq_unified_managerh410c_firmwareh410cleapsolidfire_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-15212
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 27.90%
||
7 Day CHG-0.00%
Published-19 Aug, 2019 | 21:47
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelsolidfire_\&_hci_management_nodeactive_iq_unified_managerh410c_firmwareh410cleapsolidfire_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-415
Double Free
CVE-2019-15222
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 6.36%
||
7 Day CHG~0.00%
Published-19 Aug, 2019 | 21:45
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.openSUSE
Product-linux_kernelsolidfire_\&_hci_management_nodeactive_iq_unified_managerh410c_firmwareh410cleapsolidfire_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-15218
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.10% / 26.34%
||
7 Day CHG-0.00%
Published-19 Aug, 2019 | 21:46
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.

Action-Not Available
Vendor-n/aopenSUSECanonical Ltd.Linux Kernel Organization, IncNetApp, Inc.Debian GNU/LinuxOracle Corporation
Product-ubuntu_linuxdebian_linuxlinux_kernelsd-wan_edgesolidfire_\&_hci_management_nodeactive_iq_unified_managerh410c_firmwareh410cleapsolidfire_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-15217
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.06% / 19.55%
||
7 Day CHG-0.00%
Published-19 Aug, 2019 | 21:46
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelsolidfire_\&_hci_management_nodeactive_iq_unified_managerh410c_firmwareh410cleapsolidfire_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-15223
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.06% / 18.64%
||
7 Day CHG-0.00%
Published-19 Aug, 2019 | 21:45
Updated-05 Aug, 2024 | 00:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, IncCanonical Ltd.
Product-ubuntu_linuxlinux_kernelsolidfire_\&_hci_management_nodeactive_iq_unified_managerh410c_firmwareh410csolidfire_baseboard_management_controllerdata_availability_servicesn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-2782
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.47% / 65.09%
||
7 Day CHG~0.00%
Published-27 Apr, 2016 | 17:00
Updated-06 May, 2026 | 22:30
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The treo_attach function in drivers/usb/serial/visor.c in the Linux kernel before 4.5 allows physically proximate attackers to cause a denial of service (NULL pointer dereference and system crash) or possibly have unspecified other impact by inserting a USB device that lacks a (1) bulk-in or (2) interrupt-in endpoint.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncSUSE
Product-linux_enterprise_desktoplinux_enterprise_workstation_extensionlinux_enterprise_real_time_extensionlinux_enterprise_debuginfolinux_enterprise_serverlinux_enterprise_module_for_public_cloudlinux_kernellinux_enterprise_software_development_kitn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-31620
Matching Score-8
Assigner-kernel.org
ShareView Details
Matching Score-8
Assigner-kernel.org
CVSS Score-4.6||MEDIUM
EPSS-0.03% / 8.72%
||
7 Day CHG~0.00%
Published-24 Apr, 2026 | 14:42
Updated-11 May, 2026 | 22:12
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ALSA: usx2y: us144mkii: fix NULL deref on missing interface 0

In the Linux kernel, the following vulnerability has been resolved: ALSA: usx2y: us144mkii: fix NULL deref on missing interface 0 A malicious USB device with the TASCAM US-144MKII device id can have a configuration containing bInterfaceNumber=1 but no interface 0. USB configuration descriptors are not required to assign interface numbers sequentially, so usb_ifnum_to_if(dev, 0) returns will NULL, which will then be dereferenced directly. Fix this up by checking the return value properly.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2019-19063
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.07% / 22.40%
||
7 Day CHG~0.00%
Published-18 Nov, 2019 | 05:24
Updated-05 Aug, 2024 | 02:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.

Action-Not Available
Vendor-n/aFedora ProjectopenSUSECanonical Ltd.Broadcom Inc.NetApp, Inc.Linux Kernel Organization, IncOracle Corporation
Product-ubuntu_linuxsd-wan_edgefas\/aff_baseboard_management_controllercloud_backupsolidfire_\&_hci_management_nodeactive_iq_unified_managerhci_baseboard_management_controllerleaphci_compute_nodesolidfire_baseboard_management_controlleraff_baseboard_management_controllersteelstore_cloud_integrated_storagelinux_kernelfedorae-series_santricity_os_controllersolidfire\,_enterprise_sds_\&_hci_storage_nodehci_compute_node_firmwaresolidfire_baseboard_management_controller_firmwarebrocade_fabric_operating_system_firmwaredata_availability_servicesn/a
CWE ID-CWE-401
Missing Release of Memory after Effective Lifetime
CVE-2019-19480
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.19% / 40.73%
||
7 Day CHG~0.00%
Published-01 Dec, 2019 | 22:37
Updated-05 Aug, 2024 | 02:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in OpenSC through 0.19.0 and 0.20.x through 0.20.0-rc3. libopensc/pkcs15-prkey.c has an incorrect free operation in sc_pkcs15_decode_prkdf_entry.

Action-Not Available
Vendor-opensc_projectn/aLinux Kernel Organization, Inc
Product-linux_kernelopenscn/a
CWE ID-CWE-672
Operation on a Resource after Expiration or Release
CVE-2019-15098
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.16% / 36.60%
||
7 Day CHG~0.00%
Published-16 Aug, 2019 | 01:15
Updated-05 Aug, 2024 | 00:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

drivers/net/wireless/ath/ath6kl/usb.c in the Linux kernel through 5.2.9 has a NULL pointer dereference via an incomplete address in an endpoint descriptor.

Action-Not Available
Vendor-n/aNetApp, Inc.Canonical Ltd.Linux Kernel Organization, IncopenSUSEDebian GNU/Linux
Product-ubuntu_linuxdebian_linuxlinux_kernelactive_iq_unified_managerleapactive_iq_performance_analytics_serviceselement_softwaredata_availability_servicesn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2023-4010
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 4.92%
||
7 Day CHG~0.00%
Published-31 Jul, 2023 | 16:22
Updated-18 Feb, 2026 | 17:14
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: usb: hcd: malformed usb descriptor leads to infinite loop in usb_giveback_urb()

A flaw was found in the USB Host Controller Driver framework in the Linux kernel. The usb_giveback_urb function has a logic loophole in its implementation. Due to the inappropriate judgment condition of the goto statement, the function cannot return under the input of a specific malformed descriptor file, so it falls into an endless loop, resulting in a denial of service.

Action-Not Available
Vendor-Linux Kernel Organization, IncRed Hat, Inc.
Product-enterprise_linuxlinux_kernelRed Hat Enterprise Linux 8Red Hat Enterprise Linux 7Red Hat Enterprise Linux 9Red Hat Enterprise Linux 6
CWE ID-CWE-835
Loop with Unreachable Exit Condition ('Infinite Loop')
CVE-2023-37453
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-4.6||MEDIUM
EPSS-0.02% / 6.74%
||
7 Day CHG~0.00%
Published-06 Jul, 2023 | 00:00
Updated-05 May, 2025 | 16:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the USB subsystem in the Linux kernel through 6.4.2. There is an out-of-bounds and crash in read_descriptors in drivers/usb/core/sysfs.c.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2026-9873
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.09% / 24.87%
||
7 Day CHG+0.01%
Published-28 May, 2026 | 22:25
Updated-30 May, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)

Action-Not Available
Vendor-Microsoft CorporationLinux Kernel Organization, IncApple Inc.Google LLC
Product-linux_kernelwindowsmacoschromeChrome
CWE ID-CWE-416
Use After Free
CVE-2022-1043
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-8.8||HIGH
EPSS-18.51% / 95.39%
||
7 Day CHG~0.00%
Published-29 Aug, 2022 | 00:00
Updated-02 Aug, 2024 | 23:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel’s io_uring implementation. This flaw allows an attacker with a local account to corrupt system memory, crash the system or escalate privileges.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kernelKernel
CWE ID-CWE-416
Use After Free
CVE-2020-12657
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.50%
||
7 Day CHG~0.00%
Published-05 May, 2020 | 06:01
Updated-04 Aug, 2024 | 12:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An issue was discovered in the Linux kernel before 5.6.5. There is a use-after-free in block/bfq-iosched.c related to bfq_idle_slice_timer_body.

Action-Not Available
Vendor-n/aLinux Kernel Organization, Inc
Product-linux_kerneln/a
CWE ID-CWE-416
Use After Free
CVE-2023-4004
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.02% / 4.18%
||
7 Day CHG~0.00%
Published-31 Jul, 2023 | 16:22
Updated-08 Nov, 2025 | 03:13
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Kernel: netfilter: use-after-free due to improper element removal in nft_pipapo_remove()

A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system.

Action-Not Available
Vendor-Debian GNU/LinuxLinux Kernel Organization, IncFedora ProjectRed Hat, Inc.NetApp, Inc.
Product-debian_linuxlinux_kernelh500sfedoraenterprise_linuxh410sh300sh700sRed Hat Enterprise Linux 8.4 Update Services for SAP SolutionsRed Hat Enterprise Linux 8.4 Advanced Mission Critical Update SupportRed Hat Enterprise Linux 9Red Hat Enterprise Linux 8.2 Telecommunications Update ServiceRed Hat Enterprise Linux 6Red Hat Virtualization 4 for Red Hat Enterprise Linux 8Red Hat Enterprise Linux 8.2 Update Services for SAP SolutionsRed Hat Enterprise Linux 9.0 Extended Update SupportRed Hat Enterprise Linux 8.4 Telecommunications Update ServiceRed Hat Enterprise Linux 8Red Hat Enterprise Linux 8.2 Advanced Update SupportRed Hat Enterprise Linux 8.6 Extended Update SupportRed Hat Enterprise Linux 7
CWE ID-CWE-416
Use After Free
CVE-2022-1786
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-1.15% / 78.82%
||
7 Day CHG~0.00%
Published-31 May, 2022 | 18:45
Updated-03 Aug, 2024 | 00:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their privileges on the system.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, Inc
Product-linux_kernelh500sh410s_firmwareh700s_firmwareh410c_firmwareh300s_firmwareh500s_firmwareh410sh410ch300sh700skernel
CWE ID-CWE-843
Access of Resource Using Incompatible Type ('Type Confusion')
CWE ID-CWE-416
Use After Free
CVE-2022-1199
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-0.42% / 62.25%
||
7 Day CHG~0.00%
Published-29 Aug, 2022 | 00:00
Updated-23 Apr, 2025 | 17:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A flaw was found in the Linux kernel. This flaw allows an attacker to crash the Linux kernel by simulating amateur radio from the user space, resulting in a null-ptr-deref vulnerability and a use-after-free vulnerability.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Red Hat, Inc.
Product-linux_kernelh500sh410s_firmwareenterprise_linuxactive_iq_unified_managerh300s_firmwareh500s_firmwareh700s_firmwareh410c_firmwareh410sh410ch300sh700sKernel
CWE ID-CWE-416
Use After Free
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2026-9878
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.14% / 33.70%
||
7 Day CHG+0.01%
Published-28 May, 2026 | 22:25
Updated-30 May, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in ANGLE in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: Critical)

Action-Not Available
Vendor-Microsoft CorporationLinux Kernel Organization, IncApple Inc.Google LLC
Product-linux_kernelwindowsmacoschromeChrome
CWE ID-CWE-416
Use After Free
CVE-2026-11629
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.07% / 20.99%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 23:27
Updated-10 Jun, 2026 | 03:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Ozone in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: Critical)

Action-Not Available
Vendor-Microsoft CorporationLinux Kernel Organization, IncApple Inc.Google LLC
Product-linux_kernelwindowsmacoschromeChrome
CWE ID-CWE-416
Use After Free
CVE-2022-0972
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.15% / 35.59%
||
7 Day CHG~0.00%
Published-21 Jul, 2022 | 21:05
Updated-02 Aug, 2024 | 23:47
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Extensions in Google Chrome prior to 99.0.4844.74 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

Action-Not Available
Vendor-Linux Kernel Organization, IncGoogle LLCApple Inc.
Product-chromeandroidmacoslinux_kernelChrome
CWE ID-CWE-416
Use After Free
CVE-2025-22023
Matching Score-6
Assigner-kernel.org
ShareView Details
Matching Score-6
Assigner-kernel.org
CVSS Score-7.8||HIGH
EPSS-0.06% / 19.81%
||
7 Day CHG~0.00%
Published-16 Apr, 2025 | 10:23
Updated-11 May, 2026 | 21:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
usb: xhci: Don't skip on Stopped - Length Invalid

In the Linux kernel, the following vulnerability has been resolved: usb: xhci: Don't skip on Stopped - Length Invalid Up until commit d56b0b2ab142 ("usb: xhci: ensure skipped isoc TDs are returned when isoc ring is stopped") in v6.11, the driver didn't skip missed isochronous TDs when handling Stoppend and Stopped - Length Invalid events. Instead, it erroneously cleared the skip flag, which would cause the ring to get stuck, as future events won't match the missed TD which is never removed from the queue until it's cancelled. This buggy logic seems to have been in place substantially unchanged since the 3.x series over 10 years ago, which probably speaks first and foremost about relative rarity of this case in normal usage, but by the spec I see no reason why it shouldn't be possible. After d56b0b2ab142, TDs are immediately skipped when handling those Stopped events. This poses a potential problem in case of Stopped - Length Invalid, which occurs either on completed TDs (likely already given back) or Link and No-Op TRBs. Such event won't be recognized as matching any TD (unless it's the rare Link TRB inside a TD) and will result in skipping all pending TDs, giving them back possibly before they are done, risking isoc data loss and maybe UAF by HW. As a compromise, don't skip and don't clear the skip flag on this kind of event. Then the next event will skip missed TDs. A downside of not handling Stopped - Length Invalid on a Link inside a TD is that if the TD is cancelled, its actual length will not be updated to account for TRBs (silently) completed before the TD was stopped. I had no luck producing this sequence of completion events so there is no compelling demonstration of any resulting disaster. It may be a very rare, obscure condition. The sole motivation for this patch is that if such unlikely event does occur, I'd rather risk reporting a cancelled partially done isoc frame as empty than gamble with UAF. This will be fixed more properly by looking at Stopped event's TRB pointer when making skipping decisions, but such rework is unlikely to be backported to v6.12, which will stay around for a few years.

Action-Not Available
Vendor-Linux Kernel Organization, Inc
Product-linux_kernelLinux
CWE ID-CWE-416
Use After Free
CVE-2022-1679
Matching Score-6
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-6
Assigner-Red Hat, Inc.
CVSS Score-7.8||HIGH
EPSS-0.04% / 14.29%
||
7 Day CHG~0.00%
Published-16 May, 2022 | 00:00
Updated-03 Aug, 2024 | 00:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages. This flaw allows a local user to crash or potentially escalate their privileges on the system.

Action-Not Available
Vendor-n/aLinux Kernel Organization, IncNetApp, Inc.Debian GNU/Linux
Product-h300eh500sh410c_firmwareh300s_firmwareh410sh300sh300e_firmwaredebian_linuxlinux_kernelh500eh410s_firmwareh700s_firmwareh500s_firmwareh500e_firmwareh700eh410ch700e_firmwareh700sKernel
CWE ID-CWE-416
Use After Free
CVE-2026-11664
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.07% / 20.99%
||
7 Day CHG~0.00%
Published-08 Jun, 2026 | 23:27
Updated-10 Jun, 2026 | 03:58
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Payments in Google Chrome prior to 149.0.7827.103 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Microsoft CorporationLinux Kernel Organization, IncApple Inc.Google LLC
Product-linux_kernelwindowsmacoschromeChrome
CWE ID-CWE-416
Use After Free
CVE-2020-12464
Matching Score-6
Assigner-MITRE Corporation
ShareView Details
Matching Score-6
Assigner-MITRE Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.08% / 22.80%
||
7 Day CHG~0.00%
Published-29 Apr, 2020 | 17:59
Updated-04 Aug, 2024 | 11:56
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.

Action-Not Available
Vendor-n/aNetApp, Inc.Linux Kernel Organization, Inc
Product-linux_kernelhci_storage_nodescloud_backupactive_iq_unified_managersolidfire_baseboard_management_controllerhci_baseboard_management_controllersolidfire_\&_hci_storage_nodehci_compute_nodeaff_a700ssteelstore_cloud_integrated_storagen/a
CWE ID-CWE-416
Use After Free
CVE-2026-9992
Matching Score-6
Assigner-Chrome
ShareView Details
Matching Score-6
Assigner-Chrome
CVSS Score-8.8||HIGH
EPSS-0.09% / 24.87%
||
7 Day CHG+0.01%
Published-28 May, 2026 | 22:25
Updated-30 May, 2026 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Use after free in Network in Google Chrome prior to 148.0.7778.216 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page. (Chromium security severity: High)

Action-Not Available
Vendor-Microsoft CorporationLinux Kernel Organization, IncApple Inc.Google LLC
Product-linux_kernelwindowsmacoschromeChrome
CWE ID-CWE-416
Use After Free
  • Previous
  • 1
  • 2
  • 3
  • ...
  • 38
  • 39
  • Next
Details not found