44 matches found
CVE-2025-37982 wifi: wl1251: fix memory leak in wl1251_tx_work
In the Linux kernel, the following vulnerability has been resolved: wifi: wl1251: fix memory leak in wl1251txwork The skb dequeued from txqueue is lost when wl1251pselpwakeup fails with a -ETIMEDOUT error. Fix that by queueing the skb back to txqueue...
CVE-2022-49814
In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, but for KCM sockets its RX path takes mux-rxlock to protect more than just skb queue. However, kcmrecvmsg still only grabs the skb que...
UBUNTU-CVE-2022-49814
In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, but for KCM sockets its RX path takes mux-rxlock to protect more than just skb queue. However, kcmrecvmsg still only grabs the skb que...
CVE-2022-49814 kcm: close race conditions on sk_receive_queue
In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, but for KCM sockets its RX path takes mux-rxlock to protect more than just skb queue. However, kcmrecvmsg still only grabs the skb que...
CVE-2022-49814 kcm: close race conditions on sk_receive_queue
In the Linux kernel, the following vulnerability has been resolved: kcm: close race conditions on skreceivequeue sk-skreceivequeue is protected by skb queue lock, but for KCM sockets its RX path takes mux-rxlock to protect more than just skb queue. However, kcmrecvmsg still only grabs the skb que...
CVE-2022-49814
CVE-2022-49814 concerns a race condition in the Linux kernel KCM RX path. The issue arises because sk_receive_queue is protected by the skb queue lock, but KCM sockets’ RX path uses mux->rx_lock to protect more than just the skb queue, while kcm_recvmsg() continued to only grab the skb queue l...
PT-2025-18531 · Linux +1 · Linux Kernel +1
Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A race condition issue has been resolved in the Linux kernel related to KCM sockets. The sk-sk receive queue is protected by the skb queue lock, but for KCM sockets, the RX path takes...
UBUNTU-CVE-2025-22050
In the Linux kernel, the following vulnerability has been resolved: usbnet:fix NPE during rxcomplete Missing usbnetgoingaway Check in Critical Path. The usbsubmiturb function lacks a usbnetgoingaway validation, whereas usbnetqueueskb includes this check. This inconsistency creates a race conditio...
CVE-2024-56645
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...
CVE-2024-56593
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmfsdiodsglistrw This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sdsgentryalign' value applies e.g. 512 and a lot of queued SKBs a...
DEBIAN-CVE-2024-56593
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmfsdiodsglistrw This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sdsgentryalign' value applies e.g. 512 and a lot of queued SKBs a...
UBUNTU-CVE-2024-56593
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmfsdiodsglistrw This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sdsgentryalign' value applies e.g. 512 and a lot of queued SKBs a...
CVE-2024-56645 can: j1939: j1939_session_new(): fix skb reference counting
In the Linux kernel, the following vulnerability has been resolved: can: j1939: j1939sessionnew: fix skb reference counting Since j1939sessionskbqueue does an extra skbget for each new skb, do the same for the initial one in j1939sessionnew to avoid refcount underflow. mkl: clean up commit messag...
CVE-2024-56593 wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmf_sdiod_sglist_rw()
In the Linux kernel, the following vulnerability has been resolved: wifi: brcmfmac: Fix oops due to NULL pointer dereference in brcmfsdiodsglistrw This patch fixes a NULL pointer dereference bug in brcmfmac that occurs when a high 'sdsgentryalign' value applies e.g. 512 and a lot of queued SKBs a...
CVE-2024-56593
CVE-2024-56593 – Linux kernel (brcmfmac wifi driver) Root cause: NULL pointer dereference in brcmf_sdiod_sglist_rw() when a high sd_sgentry_align value (e.g., 512) and a large number of queued SKBs cause the pre-allocated sgtable to run out of entries. The calculation uses nents = max(rxglom_size...
PT-2024-36900
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.6.74 Description A NULL pointer dereference bug in the brcmfmac module occurs when a high 'sd sgentry align' value applies and a lot of queued SKBs are sent from the pkt queue. The problem is the number of...
SUSE CVE-2024-36962
In the Linux kernel, the following vulnerability has been resolved: net: ks8851: Queue RX packets in IRQ handler instead of disabling BHs Currently the driver uses localbhdisable/localbhenable in its IRQ handler to avoid triggering netrxaction softirq on exit from netifrx. The netrxaction could...
CVE-2021-47232
In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix Use-after-Free, hold skb ref while in use This patch fixes a Use-after-Free found by the syzbot. The problem is that a skb is taken from the per-session skb queue, without incrementing the ref count. This leads to...
CVE-2021-47232
In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix Use-after-Free, hold skb ref while in use This patch fixes a Use-after-Free found by the syzbot. The problem is that a skb is taken from the per-session skb queue, without incrementing the ref count. This leads to...
CVE-2021-47232
In the Linux kernel, the following vulnerability has been resolved: can: j1939: fix Use-after-Free, hold skb ref while in use This patch fixes a Use-after-Free found by the syzbot. The problem is that a skb is taken from the per-session skb queue, without incrementing the ref count. This leads to...