CVE-2024-42142
CVE-2024-42142 affects the Linux kernel mlx5 E-switch ingress ACL handling. The bug creates an ingress ACL only when vport metadata match and prio tag are enabled, but the active-backup lag feature also requires it, risking a panic when dropping rules if the ACL doesn’t exist. The fix creates the...
CVE-2024-43876
CVE-2024-43876 affects the Linux kernel PCIe RCAR driver. The issue concerns demoting the WARN() in rcar_pcie_wakeup() to dev_warn_ratelimited() to reduce backtrace verbosity when a PCIe link issue is detected. The advisory explains a scenario with ASM1062 PCIe/SATA controllers where link state t...
CVE-2024-43886
The connected Astra Linux bulletin confirms CVE-2024-43886 affects the Linux kernel in the DRM/AMD display path, specifically a risk in resource_log_pipe_topology_update within dc_resource.c. The root cause is a potential null pointer dereference when switching from “Extend” to “Second Display On...
CVE-2024-44982
Summary of CVE-2024-44982 (Linux kernel): A bug in drm/msm/dpu cleanup occurs when dpu_format_populate_layout() fails, causing the FB to be prepared but not cleaned up. This leaks the GEM object pin_count and triggers a kernel crash (splat) on DRM file closure. Affected component: DRM/GPU MSM dri...
CVE-2024-46694
CVE-2024-46694 affects the Linux kernel DRM/AMD display path. Root cause: code path dereferenced framebuffer object state->fb->obj[0] without proper null checks. Fix: replace with proper retrieval of the framebuffer object via drm_gem_fb_get_obj() and return an error if the object is NULL (...
CVE-2024-46710
CVE-2024-46710 (Linux kernel): The vulnerability in drm/vmwgfx arises from racing between multiple read buffers in the kms cursor handling, where a buffer unmapped for compare could be re-using contents after an update. The issue is mitigated by introducing a per-path active map count and unmappi...
CVE-2024-46851
The CVE-2024-46851 issue appears in the Linux kernel DRM/AMD display code: a race between dcn10_set_drr() and dc_state_destruct() can occur if dc_state_destruct() nulls the DC state resource context while IRQ processing calls dcn10_set_drr(). The pipe context passed to dcn10_set_drr() is part of ...
CVE-2024-49970
CVE-2024-49970 affects the Linux kernel DRM AMD display path. The issue is a bounds check failure in dcn401_stream_encoder_create for the DCN401 encoder: the stream_enc_regs array, sized for indices 0–3, could be accessed with eng_id = 5, causing a buffer overflow and undefined behavior. The vuln...
CVE-2024-50005
CVE-2024-50005 affects the Linux kernel (mac802154) and is resolved by a fix in mac802154_scan_worker. The vulnerability arose from accessing scan_req->type after exiting the RCU read-side critical section, which can violate RCU rules and cause use-after-free or memory-access issues. The patch...
CVE-2024-50011
CVE-2024-50011 is a Linux kernel vulnerability describing an ASoC: Intel soc-acpi-intel-rpl-match issue where an empty item is required in struct snd_soc_acpi_link_adr[]. The root cause is the absence of a links_num and the test !link->num_adr to end the loop in hda_sdw_machine_select(), which...
CVE-2024-50100
CVE-2024-50100 affects the Linux kernel USB gadget dummy-hcd driver. A change to use hrtimers introduced a mismatch between timer_pending() and hrtimer_active(), causing the URB dequeue path to miss a restarted timer and leading to usb_kill_urb() hangs. The fix adds a dedicated timer_pending flag...
CVE-2024-50174
Technical details about CVE-2024-50174 are not publicly provided in the supplied documents beyond the high-level description. Monitor for updates from vendors.
CVE-2024-56536
Technical details (affected kernel version, exploit vectors, impact, and fixes) are not provided in the connected documents. Monitor for vendor advisories (kernel patches and CVE status) as no public exploit details are present in the supplied sources.
CVE-2024-56541
The CVE-2024-56541 entry concerns the Linux kernel wireless driver ath12k (wifi) where a use-after-free occurs during module removal. Specifically, ath12k_core_deinit() calls ath12k_mac_destroy() which unregisters ah->hw from mac80211 and frees ah->hw and related ar structures; then ath12k_...
CVE-2024-56674
CVE-2024-56674 affects the Linux kernel virtio_net driver. The issue arises from the netdev_tx_reset_queue() invocation timing during virtnet_open/virtnet_close, which can leave TX completions unconsumed and crash on the first NAPI poll under heavy TX. The fix removes netdev_tx_reset_queue() from...
CVE-2024-57881
CVE-2024-57881: In the Linux kernel, a bug in mm/page_alloc could call pfn_to_page() on a PFN that might not exist during split_large_buddy(). In corner cases, such as freeing the highest pageblock in the last memory section, CONFIG_SPARSEMEM && !CONFIG_SPARSEMEM_EXTREME could cause __pfn_to_sec...
CVE-2024-57952
CVE-2024-57952 affects the Linux kernel through a revert of the libfs offset-dir fix, restoring prior behavior that could hide directory entries when the offset allocator wraps. Public docs in the SUSE/OpenSUSE advisories note this as a fix delivered via kernel updates (openSUSE-SU-2025-20081-1) ...
CVE-2024-58077
CVE-2024-58077 affects the Linux kernel ASoC: soc-pcm path. The root cause is invoking soc_pcm_ret() on the .prepare callback, which previously ignored -EINVAL to avoid user-space DoS via logs. The fix changes behavior to stop using soc_pcm_ret() in the .prepare callback, addressing the invalid-p...
CVE-2025-21733
CVE-2025-21733 is addressed in the OSV entry for ROOT-OS-UBUNTU-2404-CVE-2025-21733, which states that the vulnerability was patched in the rootio-linux package for Root:Ubuntu:24.04. Root has released multiple fixed versions. The description confirms a patched fix rather than active exploitation...
CVE-2025-21850
Public details about CVE-2025-21850 are limited in the provided documents. No explicit affected product versions, exploitation, or fixes are disclosed here; monitor for updates.
CVE-2025-21873
CVE-2025-21873 affects the Linux kernel SCSI/UFS stack, specifically the bsg path. The issue occurs when an ARPMB (arpmb) command fails on devices that do not support ARPMB, leading to a crash due to copying user data in bsg_transport_sg_io_fn(). When ufs_bsg_exec_advanced_rpmb_req() returns an e...
CVE-2025-21923
Summary of CVE-2025-21923 (Linux kernel): The vulnerability affects the HID subsystem, specifically the hid-steam driver. When detaching a hid-steam device, the cleanup of the client_hdev used to intercept hidraw access could be scheduled for deferred work reattachment. The previous cleanup order...
CVE-2025-21947
The CVE-2025-21947 issue affects the Linux kernel ksmbd subsystem and is resolved by a fix for a race condition that can cause type confusion in IPC message handling. Root cause: req->handle is allocated via ksmbd_acquire_id(&ipc_ida) (ida_alloc) and can be reused for ksmbd_ipc_login_request a...
CVE-2025-22017
Technical details about CVE-2025-22017 are not provided in the connected documents. Public information in the initial description is limited to a Linux kernel fix in devlink/xa_alloc_cyclic. Monitor for updates from authoritative advisories.
CVE-2025-22091
In the Linux kernel, RDMA/mlx5: Fix page_size variable overflow has been addressed. The fix changes all variables storing mlx5_umem_mkc_find_best_pgsz() results to unsigned long to support values larger than 31 and prevent overflow. Example impact: registering 4GB of contiguous physical memory co...
CVE-2025-23134
CVE-2025-23134 affects the Linux kernel ALSA timer code. The vulnerability stems from taking mmap_lock while inside a mutex-wrapped copy_from/to_user() via the pattern guard(mutex)(&register_mutex). This can lead to deadlocks when copy_from/to_user() is invoked under the register_mutex, particula...
CVE-2025-37856
CVE-2025-37856: Linux kernel fix for btrfs block_group::bg_list list_del() race conditions. The description and openSUSE advisory indicate this vulnerability could lead to refcount mismanagement on bg_list entries when racing with mark_bg_unused()/bg_to_reclaim in non-writable/transaction-error p...
CVE-2025-37887
CVE-2025-37887 affects the Linux kernel driver path for the PDS core. The vulnerability arises when the FW does not support the PDS_CORE_CMD_FW_CONTROL command, causing the driver to read an uninitialized stack variable fw_list, which leaves fw_list.num_fw_slots with a garbage value and leads to ...
CVE-2025-37935
CVE-2025-37935 affects the Linux kernel MTK ethernet driver (mtk_eth_soc). The issue arises when mtk_poll_rx() sees MTK_RESETTING and jumps to release_desc to refill the SDP high word on 4GB RAM, causing mtk_rx_clean to process an incorrect SDP and trigger a panic. A patch from MediaTek’s SDK fix...
CVE-2025-37960
CVE-2025-37960 affects the Linux kernel memblock memory handling. When memblock_double_array() grows an array and the slab isn’t yet available, memblock_find_in_range() may return a range that hasn’t been accepted, risking a crash during SNP guest boot (illustrated by memcpy_orig stack trace). Th...
CVE-2025-38499
CVE-2025-38499 affects the Linux kernel. The issue arises in clone_private_mnt() where CAP_SYS_ADMIN is checked in the wrong user namespace, potentially allowing a local attacker with low privileges to influence mount handling and affect availability. The referenced advisories show this CVE is tr...
CVE-2006-1864
CVE-2006-1864: Directory traversal in smbfs (Linux kernel 2.6.16 and earlier) lets a local user escape chroot restrictions for an SMB-mounted filesystem via "..\" sequences. Severity: CVSS v2 base 4.6 (Medium); vectors indicate LOCAL access with low complexity and partial confidentiality/integrit...
CVE-2008-0600
CVE-2008-0600 affects the Linux kernel vmsplice_to_pipe flaw present in 2.6.17–2.6.24.1. It allows an unprivileged local user to gain root privileges via crafted vmsplice calls. Several Nessus advisories place this in the context of affected distributions (e.g., MiracleLinux, Oracle Linux/OracleV...
CVE-2009-3286
CVE-2009-3286 affects the Linux kernel 2.6.18 (and possibly other versions) where NFSv4 O_EXCL creates are not properly cleaned up, causing files to be created with insecure settings (e.g., setuid bits) and potentially enabling local privilege escalation. The issue is tied to the do_open_permissi...
CVE-2009-3290
CVE-2009-3290 affects KVM in Linux kernel 2.6.25-rc1 and earlier than 2.6.31 on x86. The kvm_emulate_hypercall implementation fails to restrict MMU hypercalls by CPL, enabling a local guest user to crash the guest kernel and read/write guest memory via unspecified addresses. Root cause: CPL check...
CVE-2010-1084
CVE-2010-1084 affects Linux kernel 2.6.18–2.6.33 (and possibly other versions); vulnerability arises from memory corruption triggered by a large number of Bluetooth sockets, related to sysfs file sizing in net/bluetooth/l2cap.c, net/bluetooth/rfcomm/core.c, net/bluetooth/rfcomm/sock.c, and net/bl...
CVE-2010-3079
CVE-2010-3079 affects the Linux kernel up to version 2.6.35.4, specifically in kernel/trace/ftrace.c when debugfs is enabled. The issue arises from interaction between mutex possession and llseek, causing a NULL pointer dereference and outage of all ftrace-related files, leading to a local DoS. A...
CVE-2010-4347
CVE-2010-4347 affects the Linux kernel’s ACPI subsystem. The vulnerability arises in the debugfs interface (custom_method file) which, due to world-writable 0222 permissions, lets a local user place a custom ACPI method in interpreter tables via acpi_debugfs_init in drivers/acpi/debugfs.c. This c...
CVE-2012-2123
CVE-2012-2123 affects the Linux kernel up to version 3.3.3, where cap_bprm_set_creds in security/commoncap.c mishandles file-system capabilities (fcaps) for implementing a privileged executable. This can let local users bypass personality restrictions via a crafted application, demonstrated by an...
CVE-2012-6545
The CVE-2012-6545 issue affects the Linux kernel Bluetooth RFCOMM implementation. The connected MiracleLinux advisory documents this vulnerability as: before version 3.6, RFCOMM does not properly initialize certain structures, allowing a local attacker to obtain sensitive information from kernel ...
CVE-2013-0349
CVE-2013-0349 affects the Linux kernel’s HIDP path: hidp_setup_hid in net/bluetooth/hidp/core.c fails to copy a certain name field, enabling a local attacker to read sensitive kernel memory by setting an oversized name and issuing HIDPCONNADD. The issue exists in kernel versions before 3.7.6. Mit...
CVE-2013-1860
CVE-2013-1860 is a heap-based buffer overflow in the Linux kernel’s wdm_in_callback (drivers/usb/class/cdc-wdm.c) present in versions prior to 3.8.4. The vulnerability allows physically proximate attackers to crash the system or potentially execute arbitrary code through a crafted cdc-wdm USB dev...
CVE-2013-1943
CVE-2013-1943 affects the KVM subsystem of the Linux kernel prior to 3.0. It arises because memory slots in a guest’s physical address space may be allocated without validating kernel addresses, enabling local users to gain privileges or read kernel memory. Affected components: arch/x86/kvm/pagin...
CVE-2014-0155
The CVE-2014-0155 entry concerns the Linux kernel up to 3.14.1, where the ioapic_deliver function in virt/kvm/ioapic.c does not properly validate the return value of kvm_irq_delivery_to_apic. This can allow a guest OS user to trigger a host OS denial of service (host crash) via a crafted entry in...
CVE-2016-2065
The CVE-2016-2065 entry concerns the MSM QDSP6 audio driver (sound/soc/msm/qdsp6v2/msm-audio-effects-q6-v2.c) in the Linux kernel 3.x, used in Qualcomm Innovation Center (QuIC) Android contributions for MSM devices. The flaw arises from incorrect use of a parameters pointer when handling an ioctl...
CVE-2017-18202
The CVE-2017-18202 issue affects the Linux kernel prior to 4.14.4, where __oom_reap_task_mm in mm/oom_kill.c mishandles gather operations. This can enable a local attacker to cause a denial of service via a TLB entry leak or use-after-free, potentially with other unspecified impacts by triggering...
CVE-2018-12931
CVE-2018-12931 affects the Linux kernel ntfs.ko (ntfs_attr_find) in kernel 4.15.0, enabling a stack-based out-of-bounds write that can cause a denial of service (kernel oops/panic) or other unspecified impact via a crafted NTFS filesystem. The vulnerability is confirmed in multiple advisories (e....
CVE-2021-47104
The CVE-2021-47104 entry concerns the Linux kernel IB/qib component, specifically a memory leak in qib_user_sdma_queue_pkts(). The root cause is an incorrect goto label used in the error path, which caused cleanup of allocated pkt structures to be skipped, leading to a resource leak. The connecte...
CVE-2021-47108
Linux kernel vulnerability CVE-2021-47108 affects Mediatek HDMI support (drm/mediatek) where MT8173 can crash due to a NULL mtk_hdmi_conf dereference when an HDMI cable is plugged in. The issue was addressed by adding a NULL pointer check in mtk_hdmi_bridge_mode_valid() (commit 41ca9caaae0b) and p...
CVE-2021-47136
CVE-2021-47136 (Linux kernel) arises from not zero‑initializing the TC_SKB_EXT skb extension on allocation, causing use of uninitialized memory when the extension gained new fields. The UBSAN log shows invalid loads in openvswitch flow key extraction paths (ovs_flow_key_extract.cold, ovs_vport_re...