CVE-2024-53062
Technical details for CVE-2024-53062 are not provided in the supplied documents. Monitor official advisories for patches and affected products; no root-cause, impact, or remediation details are available here.
CVE-2024-53167
CVE-2024-53167 (Linux kernel) relates to an unregister path in NFS/pNFS block layout where unmounting a pNFS SCSI layout-enabled NFS could dereference a NULL block_device if no device could be attached to pnfs_block_dev. The root cause is a premature dereference during unregistration after the nf...
CVE-2024-56617
CVE-2024-56617 affects the Linux kernel cacheinfo handling during CPU hotplug. The root cause is potential NULL dereference in last_level_cache_is_valid when cacheinfo memory was not allocated (x86 does not use early build); a patch sequence allocates cacheinfo memory during hotplug when not done...
CVE-2024-56661
CVE-2024-56661: Linux kernel TIPC vulnerability causing a NULL pointer dereference in cleanup_bearer(), traced to a use-after-free-like condition where ub->ubsock->sk could be NULL after a blamed commit, leading to an atomic_dec on tipc_net(sock_net(ub->ubsock->sk))->wq_count. The...
CVE-2024-58070
Technical details for CVE-2024-58070 are not present in the provided connected documents. The initial description mentions the fix in PREEMPT_RT for bpf_local_storage, but no concrete product/version/root-cause/exploit details are supplied. Monitor for updates.
CVE-2025-21720
CVE-2025-21720 affects the Linux kernel XFRM/IPsec offload path. When IP forwarding is enabled, a secpath entry added for hardware offload isn’t removed after policy checks, causing re-entry into the TX path with xfrm_offload set and a NULL pointer dereference in mlx5 core driver during packet pr...
CVE-2025-21829
CVE-2025-21829 concerns the Linux kernel RDMA/rxe driver: when many RDMA resources are allocated, rxe may fail to release resources because the timeout in its cleanup path is too short. The fix is to increase the timeout for rxe cleanup, with patches described in referenced kernel commits that adju...
CVE-2025-22065
CVE-2025-22065: Linux kernel idpf SR-IOV path could double-remove a VF during reboot, causing a NULL pointer dereference when the adapter is NULL on the first idpf_remove() call. Fixes replace idpf_remove() in idpf_shutdown() with idpf_vc_core_deinit() and idpf_deinit_dflt_mbx(), moving cleanup ...
CVE-2025-22093
Summary (CVE-2025-22093): The Linux kernel DRM for AMD displays had a NULL pointer dereference risk when DMUB is unsupported on the ASIC. Specifically, ctx->dmub_srv could be NULL (tested in dm_dmub_sw_init) but was dereferenced in dmub_hw_lock_mgr_cmd if should_use_dmub_lock returned true. The...
CVE-2025-22108
CVE-2025-22108 affects the Linux kernel bnxt_en TX path. The issue stems from an out-of-range masking of the bd_cnt field in the TX BD, which uses 5 bits and can represent values up to 32 with 0 as a special value. If CONFIG_MAX_SKB_FRAGS is increased such that the total SKB fragments approach or...
CVE-2025-22109
The CVE-2025-22109 issue concerns the Linux kernel AX25 autobind feature. The root cause is memory leaks in ax25_connect() and refcount leaks in ax25_release() when autobind is used to bind AX25 sockets, due to refcounts not being incremented as done in ax25_bind() and ax25_setsockopt(SO_BINDTODE...
CVE-2025-37790
CVE-2025-37790 affects the Linux kernel in the net: mctp path, specifically the logic for binding lookups under RCU. The issue arises because a bind lookup can happen while a socket is potentially removed, raising a risk during RCU-protected operations if the socket disappears mid-lookup. The CVE...
CVE-2025-37892
In CVE-2025-37892, the Linux kernel mtd/inftlcore had a missing error check for inftl_read_oob() in INFTL_findwriteunit(); the return value must be validated, with reference logic located in INFTL_deleteblock() to set the status to SECTOR_IGNORE and break the loop when inftl_read_oob() fails. Con...
CVE-2005-0750
CVE-2005-0750 affects the Bluetooth driver in the Linux kernel (2.4.6–2.4.30-rc1 and 2.6–2.6.11.5). The bluez_sock_create function fails to validate a negative protocol value, allowing a local user to gain privileges via a crafted socket or socketpair call. Public details appear in multiple advis...
CVE-2008-1669
Summary: CVE-2008-1669 affects the Linux kernel and arises from inadequate protection for fcntl in 2.6.x kernels prior to 2.6.25.2. The issue enables local users to (1) execute code in parallel and (2) trigger a race that can give re-ordered access to the descriptor table. Evidence in connected a...
CVE-2008-4307
CVE-2008-4307 is a Linux kernel local-denial-of-service issue caused by a race in do_setlk (fs/nfs/file.c) where improper handling of a race between fcntl and close in the EINTR path can crash the kernel and leave a stray FL_POSIX lock. Affected product: Linux kernel versions before 2.6.26. The v...
CVE-2010-4242
CVE-2010-4242 affects the Linux kernel 2.6.36 (and possibly other versions). The vulnerability is in the HCI UART driver, specifically the hci_uart_tty_open function in drivers/bluetooth/hci_ldisc.c, which does not verify if the tty has a write operation. This can allow a local user to cause a de...
CVE-2011-0726
The CVE-2011-0726 entry is supported by connected advisories describing a Linux kernel vulnerability in do_task_stat (fs/proc/array.c) present in kernels before 2.6.39-rc1. The flaw allows local users to defeat ASLR by reading start_code/end_code from /proc/[pid]/stat for PIE processes, implying ...
CVE-2011-2484
CVE-2011-2484 affects the Linux kernel, specifically code paths in kernel/taskstats.c. In kernels 2.6.39.1 and earlier, add_del_listener does not prevent multiple registrations of exit handlers, enabling a local attacker to cause denial of service through memory/CPU exhaustion and potentially byp...
CVE-2012-0207
CVE-2012-0207 affects the Linux kernel before 3.2.1, where igmp_heard_query in net/ipv4/igmp.c can be triggered by IGMP packets to cause a divide-by-zero leading to a kernel panic (DoS). The vulnerability is addressed in Linux 3.2.1 (as per ChangeLog-3.2.1). Connected advisories/Nessus entries re...
CVE-2012-3375
CVE-2012-3375: Linux kernel epoll_ctl DoS. Affected: Linux kernel before 3.2.24 (fs/eventpoll.c). Cause: EPOLL_CTL_ADD mishandles ELOOP errors, due to an incorrect fix for CVE-2011-1083. Impact: Local users can trigger a denial of service via a crafted application that creates circular epoll dependen...
CVE-2014-7825
CVE-2014-7825 affects the Linux kernel up to 3.17.2, specifically the file kernel/trace/trace_syscalls.c. The vulnerability arises from improper handling of private syscall numbers when using the perf subsystem, enabling a local attacker to trigger an out-of-bounds read and OOPS, and potentially ...
CVE-2017-18224
CVE-2017-18224: The Linux kernel before 4.15 contains a race condition in the ocfs2 extent-tree path. Specifically, in fs/ocfs2/aops.c, a semaphore is omitted during read operations in DIRECT mode, enabling a local attacker to trigger a denial of service by modifying the e_cpos field. The connec...
CVE-2018-7273
CVE-2018-7273 affects the Linux kernel floppy driver. The show_floppy path in drivers/block/floppy.c prints kernel addresses via printk, enabling local attackers to read addresses from dmesg and locate kernel code/data, potentially bypassing KASLR. The vulnerability is described for Linux kernels...
CVE-2021-46982
CVE-2021-46982 relates to the Linux kernel’s f2fs compress path. A race between truncate and overwrite can leave a reference on a page, causing find_lock_page to return NULL after truncation. Root cause involves prepare_compress_overwrite, f2fs_pagecache_get_page, and subsequent truncate_setsize/...
CVE-2021-47238
CVE-2021-47238 involves a memory leak in the Linux kernel IPv4 multicast path (ip_mc_add1_src) that occurs when manipulating IGMP source lists. The root cause is a leak in ip_mc_add1_src/ip_mc_add_src handling of in_dev->mc_list->sources, described in the advisory. The linked commits and di...
CVE-2021-47347
CVE-2021-47347 affects the Linux kernel component related to the wl1251 driver. The vulnerability arises from a buffer overflow in wl1251_cmd_scan where memcpy is invoked without validating the input length. The issue is fixed by adding a length check to ensure the copied data stays within the ma...
CVE-2021-47534
The CVE-2021-47534 entry concerns a Linux kernel DRM/VC4 KMS issue: a refcounting bug in the global HVS state caused leakage of drm_crtc_commit structures on every commit. The fix introduces drm_crtc_commit_put to prevent leakage, implemented in the patch chain around commit 9ec03d7f1ed3. Affecte...
CVE-2021-47633
CVE-2021-47633 is described in connected documents as a Linux kernel flaw in the ath5k driver where, during EEPROM parsing (ath5k_eeprom_read_pcal_info_5111), an out-of-bounds write could occur when no curve is selected in a loop, allowing idx to reach AR5K_EEPROM_N_PD_CURVES and causing pd to be...
CVE-2022-3544
CVE-2022-3544 describes a memory leak in the Linux kernel within Netfilter, specifically the damon_sysfs_add_target function in mm/damon/sysfs.c. The issue is triggered through manipulation of target handling and is described as a vulnerability in the kernel’s Netfilter component. The initial des...
CVE-2022-48636
CVE-2022-48636 (Linux kernel, s390/dasd): A race condition in dasd_alias_get_start_dev can occur when pavgroup is NULL due to a window where lcu->lock is not held. The pavgroup pointer is checked on entry but the lock is not held, allowing _lcu_update() to NULL out pavgroup concurrently. The ...
CVE-2022-48796
CVE-2022-48796 relates to the Linux kernel iommu path where use-after-free can occur during device probe. The issue arises when freeing dev->iommu in dev_iommu_free while a deferred_probe_work_func accesses dev->iommu->fwspec in of_iommu_configure, leading to a KASAN use-after-free. The ...
CVE-2022-48816
CVE-2022-48816 affects the Linux kernel SUNRPC subsystem. The issue is a race where a ->sock can be set to NULL asynchronously during a sysfs read unless the recv_mutex is held, potentially triggering an oops. A patch attempt in commit 17f09d3f619a aimed to check xprt connectivity before handl...
CVE-2022-48982
CVE-2022-48982 affects the Linux kernel Bluetooth subsystem, specifically CSR fake controllers. The issue arises when a CSR 5.0 clone causes the suspend notifier to be registered twice, which can lead to a kernel panic during Bluetooth device probing (btusb/hci stack). The connected advisories an...
CVE-2022-49277
CVE-2022-49277 relates to a memory leak in the JFFS2 code path of the Linux kernel during jffs2_do_mount_fs. The issue arises when jffs2_build_filesystem() returns an error, leading to unfreed resources reported by kmemleak (kmem_cache_alloc_trace and __kmalloc paths). The advisory states the lea...
CVE-2022-49301
CVE-2022-49301: In the Linux kernel, the staging rtl8712 USB driver has a bug where, if r8712_usbctrl_vendorreq() returns a negative value, data in usb_read8/16/32 is not initialized, triggering KMSAN uninitialized-value reports. Connected advisories reference fixes in the kernel (e.g., commits ...
CVE-2022-49375
The CVE-2022-49375 entry concerns the Linux kernel rtc: mt6397 driver. The described vulnerability is a potential null-pointer dereference when platform_get_resource() returns NULL, caused by not checking the return value. The connected documentation states the fix is to check the return value of...
CVE-2022-49408
CVE-2022-49408 involves a memory leak in ext4 when parsing on-disk mount options in the Linux kernel. The root cause is memory allocated in ext4_fs_context not being freed if option processing fails; the fix replaces direct kfree() with ext4_fc_free(). Practical impact is a leak during mounting w...
CVE-2022-49564
CVE-2022-49564: Linux kernel crypto qat flaw where DH parameter handling could underflow. The fix rejects requests when the source buffer is larger than the key, preventing an underflow when copying the source scatterlist into a linear buffer. Documents/refs show the fix being incorporated in ke...
CVE-2022-49795
The CVE-2022-49795 entry pertains to the Linux kernel: in rethook_alloc(), the local variable rh could be leaked if handler is NULL, causing a potential memory leak. The issue is described as a memleak in rethook_alloc(), which is resolved by the fix. Connected documents (e.g., SUSE OSV entries a...
CVE-2023-33250
CVE-2023-33250 affects the Linux kernel 6.3, with a use-after-free in the iommufd IO page table path: iopt_unmap_iova_range (drivers/iommu/iommufd/io_pagetable.c). The root cause is use-after-free, leading to a potential availability impact. The NVD/CVE entry lists a MEDIUM base score (4.4) via C...
CVE-2023-53064
Summary (CVE-2023-53064): In the Linux kernel, the iavf driver could hang during reboot when E810 VF devices were present and ice is used. Root cause: iavf_remove() may be invoked while the adapter state is already __IAVF_REMOVE, causing the reboot/shutdown path to sleep indefinitely. The fix re...
CVE-2023-53097
CVE-2023-53097: In the Linux kernel powerpc IOMMU path, a memory leak occurs when using debugfs_lookup() because the result isn’t dput()-ed; the fix uses debugfs_lookup_and_remove() to handle the lookup and release in one step. The vulnerability is described as local, with potential high impact t...
CVE-2023-53134
CVE-2023-53134 is a Linux kernel issue affecting the bnxt_en driver where 4K-page systems could experience memory-allocation failure when tracking concurrent TPA (GRO/LRO) completions on 4K pages (up to 256 on P5). The root cause was an order-5 allocation for TPA data. The patch changes allocatio...
CVE-2024-26790
The CVE-2024-26790 issue affects the Linux kernel, specifically the dmaengine: fsl-qdma path. It describes a vulnerability where 16-byte unaligned read transactions by QDMA on ls1028a-based SoCs can stall the Network On-Chip (NOC) and trigger PCIe controller timeouts, potentially causing a deadlo...
CVE-2024-27412
Technical details about CVE-2024-27412 (affected product, root cause, impact, fix) are not provided in the connected documents; public details are limited to the CVE description in the initial document.
CVE-2024-35940
CVE-2024-35940 affects the Linux kernel. The vulnerability stems from pstore/zone: missing NULL pointer check in psz_kmsg_read after kasprintf() can return NULL on allocation failure. The impact is a potential NULL pointer dereference in kernel code paths involving kasprintf results, with publicl...
CVE-2024-36925
CVE-2024-36925 affects the Linux kernel SWIOTLB path. When CONFIG_DMA_RESTRICTED_POOL=y and CONFIG_SWIOTLB_DYNAMIC=y, initialising restricted pool memory could crash due to a NULL mem->pools during add_mem_pool() in rmem_swiotlb_device_init(). The crash arises from a NULL pointer dereference i...
CVE-2024-38577
CVE-2024-38577 affects the Linux kernel (rcu-tasks: show_rcu_tasks_trace_gp_kthread). The issue is a potential buffer overflow when counters passed to sprintf() are unrealistically large; the fix replaces sprintf() with snprintf() using a bounded buffer. Patches are incorporated in various adviso...
CVE-2024-38664
CVE-2024-38664 affects the Linux kernel driver path for ZynqMP DP: the drm/zynqmp bridge initialization could trigger a lockdep warning due to zynqmp_dp_hpd_work_func calling drm_bridge_hpd_notify before the hpd_mutex is initialized. The fix ensures the DRM bridge is always registered prior to z...