13692 matches found
CVE-2023-52455
CVE-2023-52455 relates to the Linux kernel IOMMU handling where a 0-length IOVA region in the iommu-addresses property could lead to IOVA rbtree corruption and display IOMMU mapping failures when framebuffer is absent. The documented fix adds a kernel check to skip IOVA reservation when t...
CVE-2024-53197
CVE-2024-53197 is a Linux kernel vulnerability in the USB audio driver (ALSA usb-audio). A malformed USB device can report a bNumConfigurations value larger than the initial allocation in usb_get_configuration, enabling out-of-bounds accesses later (e.g., during usb_destroy_configuration). The i...
CVE-2024-56681
In CVE-2024-56681, the Linux kernel vulnerability concerns the crypto/bcm driver: the ahash_hmac_init function did not account for errors from the underlying ahash_init, potentially returning OK when the init failed (e.g., -ENOMEM). The issue is fixed by adding an error check to ensure ahash_hmac...
CVE-2024-56645
CVE-2024-56645 affects the Linux kernel CAN j1939 implementation. The fix in j1939_session_new() adds an extra skb_get() for the initial skb to match j1939_session_skb_queue() and prevent skb refcount underflow. Connected advisories (Astra Linux, AlmaLinux errata, etc.) reiterate the same, confir...
CVE-2024-26593
CVE-2024-26593: In the Linux kernel, i2c: i801: Fix block process call transactions. The issue was that the driver did not reset the block buffer index a second time before reading the incoming data, per Intel datasheets, causing reading the wrong portion of the block buffer. The advisory notes t...
CVE-2024-56586
CVE-2024-56586 concerns the Linux kernel f2fs subsystem. The issue arises when uninstalling a filesystem after a sequence that creates large files during a disabled checkpoint period, which can exhaust free segments. This leads to a BUG_ON in f2fs_evict_inode() when the root inode is dirty at unm...
CVE-2023-52464
CVE-2023-52464 affects the Linux kernel EDAC/thunderx driver. The issue is a potential out-of-bounds string access in thunderx_ocx_com_threaded_isr due to repeated use of strncat with an incorrect buffer size, which mimics a strlcat-like pattern but uses the wrong bound. The root cause is the mis...
CVE-2023-52457
CVE-2023-52457 relates to the Linux kernel serial8250/omap path. The issue occurred when remove() returned an error, causing the driver core to log a non-zero removal error and potentially leaking resources if serial8250_unregister_port() was skipped, leaving UART resources around and enabling a ...
CVE-2024-52332
CVE-2024-52332: Linux kernel igb driver fix for potential invalid memory access during module init. When pci_register_driver() can fail, the dca_notifier must be unregistered; otherwise, if igb fails to install, dca_notifier may be invoked and access memory that is no longer valid. The connected ...
CVE-2021-0920
CVE-2021-0920 is confirmed with concrete details in the connected sources: a race condition in unix_scm_to_skb within af_unix.c can trigger a use-after-free, potentially enabling local privilege escalation on the Android kernel. The vulnerability affects the Linux kernel used in Android (via the ...
CVE-2024-57899
CVE-2024-57899 affects the Linux kernel’s wifi/mac80211 code. On 32‑bit systems, the code uses for_each_set_bit(bit, &bits, sizeof(changed) * BITS_PER_BYTE) where an 8‑byte u64 is accessed as a 4‑byte unsigned long, causing incorrect bit searches and potential flag corruption in MBSS changes. The ...
CVE-2024-26597
CVE-2024-26597 affects the Linux kernel, specifically the Qualcomm RMNET netlink policy driver. The vulnerability arises from assigning a larger maxtype to rmnet_link_ops, causing a global out-of-bounds read when parsing netlink attributes. The bug is mapped to the rmnet_policy variable and is fi...
CVE-2024-56372
CVE-2024-56372 affects the Linux kernel net/tun path. The vulnerability stems from tun_napi_alloc_frags() where code paths reuse the first iov component, producing a malformed skb and causing a kernel crash (OOPS) as shown by a syzbot trace in kernel/skbuff.c. The CVSS vector from NVD: Local acce...
CVE-2024-26601
CVE-2024-26601: Technical details are not publicly available in the provided connected documents. Initial description contains basic context but no affected products/versions, root cause, impact, or fix specifics. Monitor for updates from official advisories.
CVE-2024-26598
CVE-2024-26598 is a Linux kernel vulnerability affecting KVM on arm64 with vgic-its. The issue is a use-after-free risk in the LPI translation cache: vgic_its_check_cache() drops a lock that serializes refcount changes without first elevating the vgic_irq refcount. If a translation cache hit race...
CVE-2025-21654
CVE-2025-21654: Linux kernel overlayfs file handle encoding vulnerability. The issue arises when encoding a file handle for an overlayfs inode that has had its dentry aliases discarded (drop_caches); a WARN_ON() could be triggered in userspace via inotify_show_fdinfo(). The fix defers alias reso...
CVE-2024-53680
CVE-2024-53680: Linux kernel ipvs: fix for undefined behavior from an uninitialized on-stack 64-byte buffer in ip_vs_protocol_init() that stores protocol names and feeds it to strnlen() under Fortify, risking a boot-time panic or module load oops when ipvs is built-in. The issue stems from leavin...
CVE-2023-52460
CVE-2023-52460 affects the Linux kernel’s DRM/AMD display path. The issue is a NULL pointer dereference in the AMD display driver during hibernate when the source context might not have a clk_mgr, leading to incorrect use of clk_mgr to query DML2 support. The vulnerability has been resolved by the patch...
CVE-2024-26603
CVE-2024-26603 – Linux kernel vulnerability in x86/fpu handling: prior to the fix, faulting XRSTOR could loop if fx_sw->xstate_size (user-controlled) was smaller than required by fx_sw->xfeatures and parts of the sigframe were unmapped. The patch stops relying on userspace for the initial xs...
CVE-2024-57884
Technical details about CVE-2024-57884 are not publicly provided in the supplied documents. Monitor for updates.
CVE-2024-26600
CVE-2024-26600 details (Linux kernel): A NULL pointer dereference in the TI PHY/OMAP USB2 PHY driver could be triggered when an external phy does not implement send_srp(), causing a wakeup path to call a NULL function. The issue manifests during idle Ethernet gadget wakeups and leads to a kernel ...
CVE-2023-52470
CVE-2023-52470: Linux kernel vulnerability fixed in drm/radeon driver. The issue was a potential NULL pointer dereference in radeon_crtc_init() if the alloc_workqueue call failed. The published fix adds a check for the alloc_workqueue return value to avoid dereferencing a NULL pointer. Affected c...
CVE-2024-47794
CVE-2024-47794 (Linux kernel, BPF): A flaw can cause an infinite loop when combining tail calls with freplace, potentially leading to kernel panic. The issue arises if a freplace-extended program is attached to a program in a prog_array map, creating a loop like entry_tc → subprog_tc → entry_frep...
CVE-2023-52469
CVE-2023-52469: The Linux kernel vulnerability resides in drivers/amd/pm where a use-after-free occurs in kv_parse_power_table. When kzalloc returns NULL, kv_parse_power_table frees adev->pm.dpm.ps and the object is then (incorrectly) used in kv_dpm_fini, causing a use-after-free. This is doc...
CVE-2023-52467
CVE-2023-52467: Linux kernel vulnerability in mfd: syscon addressing a NULL pointer dereference in of_syscon_register() and a potential NULL return from kasprintf(). Connected advisory evidence (e.g., RHSA-2024:9315) confirms the issue and its fix in kernel code. Impact is localized (LOCAL) with...
CVE-2024-26605
CVE-2024-26605 relates to a Linux kernel issue where a last‑minute revert in 6.7-final could deadlock when enabling ASPM during probe of Qualcomm PCIe controllers. The root cause is a potential recursive locking of pci_bus_sem between a read lock and a write/lock path, leading to a deadlock, evid...
CVE-2024-34027
CVE-2024-34027 corresponds to a Linux kernel/F2FS issue where the f2fs compress path ({reserve,release}_compress_blocks()) could race with checkpoint due to cp_rwsem lock issues, risking corruption of filesystem metadata (blkaddr in dnode, inode fields, and .total_valid_block_count) after SPO. Th...
CVE-2023-52458
CVE-2023-52458 affects the Linux kernel block subsystem where partition length must be aligned to the disk’s logical block size. The issue arises before adding or resizing partitions when length isn’t checked for LBS alignment; if LBS > 512 bytes, the partition size may not be a multiple of LB...
CVE-2023-52473
CVE-2023-52473 – Linux kernel (thermal/core): The vulnerability is a NULL pointer dereference in the thermal zone registration error path. Specifically, if device_register() in thermal_zone_device_register_with_trips() fails, code previously dereferenced a tz pointer. A NULL assignment to tz was ...
CVE-2024-26595
CVE-2024-26595 affects the Linux kernel mlxsw spectrum ACL TCAM handling. Root cause: NULL pointer dereference in mlxsw_sp_acl_tcam_region_destroy() when region->group->tcam is accessed from an error path after a failed region attachment. Fix implemented: obtain the tcam pointer via mlx...
CVE-2023-52462
CVE-2023-52462 concerns the Linux kernel BPF spill-pointer bug. Technical details in connected docs indicate the vulnerability arises when a register is spilled onto the stack as 1/2/4-byte registers, leading to incorrect checking of spilled slots via slot_type and the need to consult slot_type[7...
CVE-2021-46904
CVE-2021-46904 affects the Linux kernel net: hso subsystem. The issue was a null pointer dereference during tty device unregistration caused by multiple ttys claiming the same minor number. The root cause was that get_free_serial_index() returned an available minor but did not assign it immediate...
CVE-2023-52471
CVE-2023-52471 affects the Linux kernel component ice, involving NULL pointer dereferences in ice_ptp.c and a NULL pointer return risk in devm_kasprintf(). The issue is addressed by a kernel fix (see stable kernel references); exploitation details are not provided in the documents. Remediation is...
CVE-2023-52459
CVE-2023-52459 concerns the Linux kernel, specifically the media: v4l: async path. The vulnerability is caused by a duplicated list deletion: a second list_del() is performed after the list item was already removed, which can lead to list_del corruption (LIST_POISON) when CONFIG_DEBUG_LIST is ena...
CVE-2021-46905
CVE-2021-46905: Linux kernel vulnerability where a NULL-pointer dereference was introduced in net: hso during tty device unregistration after a minor was released. The issue arose because the serial device table could be accessed post-release of the minor by hso_serial_tty_unregister(), leading ...
CVE-2021-22600
CVE-2021-22600 is a local kernel vulnerability in the Linux packet migration path. A double-free in packet_set_ring() within net/packet/af_packet.c can be exploited by a local user via crafted syscalls, enabling either denial of service or privilege escalation. Connected sources confirm the under...
CVE-2024-26924
CVE-2024-26924 affects the Linux kernel netfilter nft_set_pipapo implementation. The bug occurs in nft_pipapo_remove() where removal can unmap the wrong element when multiple elements share the same key, especially if an existing key’s mapping timed out or is inactive in the next generation. This...
CVE-2023-52454
CVE-2023-52454 affects the Linux kernel nvmet-tcp component; a host data command H2CData with invalid DATAL could crash nvmet_tcp_build_pdu_iovec(), risking a kernel NULL pointer dereference. The fix raises a fatal error when DATAL is not coherent with the packet size and ensures PDU length never...
CVE-2024-26594
CVE-2024-26594 affects the Linux kernel ksmbd component, where invalid mech tokens in session setup are validated and result in an error. The vulnerability is described as a local issue with high impact on confidentiality/availability (per the CVSS data in the initial document). The connected Ast...
CVE-2023-52463
CVE-2023-52463 affects the Linux kernel efivarfs: when SetVariable support is missing at runtime, the code remounts efivarfs RO but fails to validate remount flags, allowing a NULL or improper access leading to a crash. The issue is demonstrated by remounting /sys/firmware/efi/efivars RW and issu...
CVE-2024-26604
CVE-2024-26604 concerns the Linux kernel. The issue arises from reverting the change that removed redundant NULL checks for ktype in kobject handling. The description and connected docs indicate this revert was done because of reported problems, and there is no publicly provided fix or patch deta...
CVE-2023-52472
CVE-2023-52472: Linux kernel vulnerability in crypto: rsa where a NULL dereference could occur if mpi_alloc() allocation fails. The fix adds a check for allocation failure to satisfy static analyzers; current small allocations are unlikely to fail, but the patch is implemented to prevent NULL de...
CVE-2019-25162
CVE-2019-25162: In the Linux kernel, an information-leak/UAF issue was fixed in the i2c subsystem. The patch fixes a potential use-after-free by ensuring the adap structure is freed only after it is no longer in use; specifically, put_device() is moved down to avoid freeing the adapter too early....
CVE-2023-52468
The CVE-2023-52468 entry describes a Linux kernel use-after-free in class_register. The issue arises because lock_class_key remains registered in lock_keys_hash after subsys_private is freed in an error path, so a task iterating the hash later may trigger a use-after-free. The fix unregisters the...
CVE-2023-52465
CVE-2023-52465 concerns the Linux kernel where the power: supply component fixed a null pointer dereference in smb2_probe. The root cause involved devm_kasprintf and devm_kzalloc potentially returning NULL on allocation failure. The vulnerability is documented with a local attack vector and a hig...
CVE-2024-26596
The CVE-2024-26596 entry concerns the Linux kernel net: dsa subsystem. The issue arises when handling NETDEV_CHANGEUPPER and NETDEV_PRECHANGEUPPER events: code dereferences netdev_priv(dev) unconditionally, but not all net_devices have a priv of type struct dsa_user_priv. This can read memory bey...
CVE-2014-3153
The CVE-2014-3153 issue affects the Linux kernel futex_requeue path (kernel/futex.c) through version 3.14.5. A local unprivileged user can exploit FUTEX_REQUEUE with two identical futex addresses to gain privileges or modify waiter state, causing potential privilege escalation and memory impact. ...
CVE-2022-48626
CVE-2022-48626 affects the Linux kernel moxart MMC host driver. A use-after-free occurs when the mmc host structure is accessed after being freed in moxart_remove(). The fix saves the device’s base register and uses it instead of dereferencing the freed pointer. Connected sources confirm this is ...
CVE-2024-26599
CVE-2024-26599 affects the Linux kernel PWM OF layer: an out-of-bounds access in of_pwm_single_xlate() when args_count == 2, where args[2] is used although only args[0] and args[1] are defined; the flags are in args[1]. The bug is fixed in a kernel patch (commit referenced in sources). Impact is ...
CVE-2024-26606
CVE-2024-26606 affects the Linux kernel binder subsystem. In (e)poll mode, a binder thread that issues a BINDER_WRITE_READ without a read buffer may later rely on epoll_wait to process responses, but if the epoll/wakeup signaling is not triggered for the thread’s own enqueued work, the thread can...