CVE-2026-22984

In the Linux kernel, the following vulnerability has been resolved: libceph: prevent potential out-of-bounds reads in handleauthdone Perform an explicit bounds check on payloadlen to avoid a possible out-of-bounds access in the callout. idryomov: changelog Mitigation If Ceph not being used, then...

CVE-2024-26610

A memory corruption flaw was found in the Linux kernel Intel Wireless WiFi Next Gen AGN module. This issue could allow a local user to crash the system. Mitigation To mitigate this issue, prevent the iwlwifi module from being loaded. Please see https://access.redhat.com/solutions/41278 for how to...

CVE-2024-0646

An out-of-bounds memory write flaw was found in the Linux kernel’s Transport Layer Security functionality in how a user calls a function splice with a ktls socket as the destination. This flaw allows a local user to crash or potentially escalate their privileges on the system. Mitigation To...

CVE-2023-3609

A double-free flaw was found in u32setparms in net/sched/clsu32.c in the Network Scheduler component in the Linux kernel. This flaw allows a local attacker to use a failure event to mishandle the reference counter, leading to a local privilege escalation threat. Mitigation To mitigate this issue,...

CVE-2023-3090

A flaw was found in the IPVLAN network driver in the Linux kernel. This issue is caused by missing skb-cb initialization in ipoptionsecho and can lead to an out-of-bounds write stack overflow. This may allow a local user to cause a denial of service or potentially achieve local privilege...

CVE-2021-44733

A use-after-free flaw in the Linux kernel TEE Trusted Execution Environment subsystem was found in the way user calls ioctl TEEIOCOPENSESSION or TEEIOCINVOKE. A local user could use this flaw to crash the system or escalate their privileges on the system. If the Linux system non configured with t...

CVE-2021-43975

An out-of-bounds write flaw was found in the Linux kernel’s Aquantia AQtion Ethernet card Atlantic driver in the way the ethernet card provides malicious input to the driver. This flaw allows a local user to emulate the networking device and crash the system. The highest threat from this...

CVE-2021-42739

A heap-based buffer overflow flaw was found in the Linux kernel FireDTV media card driver, where the user calls the CASENDMSG ioctl. This flaw allows a local user of the host machine to crash the system or escalate privileges on the system. The highest threat from this vulnerability is to...

CVE-2021-3896

An improper validation of an array index and out of bounds memory read in the Linux kernel's Integrated Services Digital Network ISDN functionality was found in the way users call ioctl CMTPCONNADD. A local user could use this flaw to crash the system or starve the resources causing denial of...

CVE-2021-30002

A flaw memory leak in the Linux kernel webcam device functionality was found in the way user calls ioctl that triggers videousercopy function. The highest threat from this vulnerability is to system availability. Mitigation To mitigate this issue, prevent the module v4l2-common from being loaded...

CVE-2020-27067

A flaw use-after-free in the Linux kernel l2tp subsystem was found in the way user initialize and use vpn connection over l2tp. A local user could use this flaw to escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as syst...

CVE-2019-15219

A NULL pointer dereference flaw was found in the way the USB2VGA dongles driver in the Linux kernel handled failed initialization. This flaw allows an attacker able to insert USB2VGA dongles into the system to crash the system. Mitigation To mitigate this issue, prevent module sisusbvga from bein...