CVE-2008-1375

CVE-2008-1375 describes a race condition in the Linux kernel’s directory notification subsystem (dnotify). It affects Linux kernel 2.6.x before 2.6.24.6, and 2.6.25 before 2.6.25.1. Successful exploitation could allow local users to cause a denial of service (OOPS) and possibly gain privileges vi...

CVE-2024-50214

Technical details for CVE-2024-50214 are not public in the provided documents. Monitor for updates.

CVE-2024-53211

CVE-2024-53211 : In the Linux kernel, the l2tp_exit_net path could observe a non-empty IDR due to a radix-tree internal-node condition when idr_is_empty() was used. The bug allowed idr_is_empty() to return false despite no items, triggering a warning and potentially unsafe destruction sequence. T...

CVE-2024-55641

Technical details for CVE-2024-55641 (Linux kernel XFS inode unlock on error in xfs_trans_alloc_dir) are not present in the provided connected documents. Monitor for updates; the initial description notes the issue and patch, but no vendor/product/version specifics are provided here.

CVE-2024-56714

Technical details for CVE-2024-56714 are not publicly available in the provided documents. No explicit affected products, root cause, or remediation are listed here. Monitor for updates.

CVE-2024-57990

CVE-2024-57990 refers to a Linux kernel vulnerability in the wireless stack, specifically the MT7925 driver within the MT76/mt7925 code path. The root cause is an off-by-one error in the mt7925_load_clc() path that allowed an out-of-bounds read/write due to a comparison that used ‘>’ where ‘&g...

CVE-2024-58006

CVE-2024-58006 : In the Linux kernel, the PCI Domain (dwc) endpoint driver could allow changing a BAR’s size/flags via pci_epc_set_bar() without clearing the previous BAR, if the new BAR config matches the old. This could cause the inbound address translation range to become smaller than the host...

CVE-2025-21976

CVE-2025-21976 – In the Linux kernel, the hyperv_fb framebuffer driver could leak framebuffer resources if a Hyper-V framebuffer is unbound, triggering warnings and preventing framebuffer release. The fix moves framebuffer and memory release to fb_ops.fb_destroy and replaces manual framebuffer re...

CVE-2025-22122

MODE C: The CVE-2025-22122 issue affects the Linux kernel where adding a folio to a bio could overflow the bi_offset when large folios are used (e.g., >4GB folio on ARCHs with 16GB hugepages like aarch64). The root cause is that the offset could not be represented in an unsigned int, triggerin...

CVE-2025-37761

CVE-2025-37761 affects the Linux kernel drm/xe TLB invalidation path. Root cause: an out-of-bounds shift when invalidating a TLB range larger than rounddown_pow_of_two(ULONG_MAX); fix uses a full TLB invalidation for such cases and updates the range size limit calculation. CVSSv3.1 vector: AV:L/A...

CVE-2025-37882

CVE-2025-37882 relates to a Linux kernel isochronous xHCI Ring handling race. The fix changes how xrun events are processed so that a TD queued at a ring position isn’t prematurely completed or warned about when the event TRB pointer can be NULL or a no-op. Triggering conditions include higher IR...

CVE-2025-37905

CVE-2025-37905 affects the Linux kernel in the firmware: arm_scmi subsystem, where destroying SCMI devices via device_find_child() creates an unbalanced device refcount because device_find_child() performs an implicit get_device(). This prevents release methods from running during destruction, ca...

CVE-2025-37945

CVE-2025-37945 — Linux kernel (net/phy, DSA) Affects MDIO bus PM ops for phylink-controlled PHYs. In drivers without MAC-managed PM, mdio_bus_phy_suspend() did not call phy_stop_machine() because phylink’s phydev->adjust_link is NULL, so the PHY state machine kept running. Consequently, mdio_b...

CVE-2025-37952

CVE-2025-37952 describes a use-after-free in ksmbd within the Linux kernel. A thread destroying a file via __ksmbd_close_fd can race with another thread holding a reference to the same file, because the existing fp->refcount checks do not prevent the issue. The fix adds ft->lock around the ...

CVE-2025-37970

CVE-2025-37970 affects the Linux kernel IIO imu driver st_lsm6dsx_read_fifo. The root cause is a possible infinite loop when pattern_len is zero and the device FIFO is not empty, leading to a local lockup and availability impact. The vulnerability is addressed by a fix in the kernel (as described...

CVE-2025-37980

CVE-2025-37980: In the Linux kernel block subsystem, a resource leak occurs in blk_register_queue() when a queue registration fails after blk_mq_sysfs_register() succeeds. The error-path path lacks cleanup of blk_mq_sysfs resources, leading to memory leaks. The advisory documents that the fix is ...

CVE-2025-38002

Technical details about CVE-2025-38002 are not publicly provided in the supplied documents. Monitor for updates from vendors and security bulletins to obtain affected products, impact, and fixes.

CVE-2025-38084

CVE-2025-38084 concerns the Linux kernel. A race was introduced where hugetlb page-table unsharing could occur before the VMA/rmap locks are held during VMA split. The fix explicitly moves the hugetlb unshare logic into __split_vma(), at the point THP splitting occurs, ensuring both the VMA and r...

CVE-2005-0736

CVE-2005-0736 entry is rejected/not used and does not represent an active vulnerability.

CVE-2007-4997

CVE-2007-4997 affects the Linux kernel 2.6.x, including components in net/ieee80211/ieee80211_rx.c, where an off-by-two integer underflow in ieee80211_rx can crash the kernel when a runt IEEE 802.11 frame with the IEEE80211_STYPE_QOS_DATA flag is used. Impact is remote denial of service (kernel c...

CVE-2010-0007

CVE-2010-0007 affects the Linux kernel’s ebtables in netfilter, where netfilter/ebtables.c allows local users to modify rules without CAP_NET_ADMIN, bypassing access restrictions and enabling arbitrary network-traffic filtering via a modified ebtables user-space tool. Vulnerable: kernel before 2....

CVE-2010-0298

Summary: CVE-2010-0298 affects the x86 emulator in KVM 83, where CPL/IOPL checks are not applied to CPL3 memory accesses, enabling a guest OS user to crash the guest or gain privileges via an IO port or MMIO region (related to CVE-2010-0306). What is affected: KVM/x86 emulator code in affected Li...

CVE-2010-1087

CVE-2010-1087 affects the Linux kernel family 2.6.x up to 2.6.33-rc5. The vulnerability is in nfs_wait_on_request (fs/nfs/pagelist.c) and can cause a denial of service (kernel OOPS) via unknown vectors related to truncating a file and an operation that is not interruptible. The impact is a DoS on...

CVE-2010-4529

CVE-2010-4529 refers to an integer underflow in the irda_getsockopt function (net/irda/af_irda.c) of the Linux kernel prior to 2.6.37 on non-x86 platforms. This underflow could allow a local attacker to obtain potentially sensitive information from kernel heap memory via an IRLMP_ENUMDEVICES gets...

CVE-2011-4326

CVE-2011-4326 affects the Linux kernel’s UDP fragment handling for IPv6 when UDP Fragmentation Offload (UFO) is enabled. Specifically, the vulnerability lies in udp6_ufo_fragment in net/ipv6/udp.c, allowing remote attackers to crash the system by sending fragmented IPv6 UDP packets to a bridge. T...

CVE-2012-0044

CVE-2012-0044 is an integer overflow in drm_mode_dirtyfb_ioctl() within Linux kernel drivers/gpu/drm/drm_crtc.c, vulnerable before 3.1.5. The flaw allows local users to gain privileges or trigger memory corruption/DoS via a crafted ioctl. Public sources (including MiracleLinux AXSA-2012-646:05) c...

CVE-2012-4461

CVE-2012-4461 overview: The Linux kernel KVM subsystem (pre-3.6.9) on hosts using qemu userspace without XSAVE is vulnerable. A local attacker can trigger a denial of service (kernel OOPS) by calling KVM_SET_SREGS to enable the X86_CR4_OSXSAVE bit in the guest CR4, then issuing KVM_RUN. The conne...

CVE-2014-3182

CVE-2014-3182 affects the Linux kernel up to version 3.16.1, where an array index error in the logi_dj_raw_event function of drivers/hid/hid-logitech-dj.c can be exploited by a physically proximate attacker using a malformed REPORT_TYPE_NOTIF_DEVICE_UNPAIRED value to execute arbitrary code or cau...

CVE-2014-3186

CVE-2014-3186 : A buffer overflow in the PicoLCD HID device driver’s picoLCD_raw_event (Linux kernel driver, hid-picolcd_core.c) up to kernel 3.16.3 allows physically proximate attackers to crash the system or potentially execute arbitrary code by sending a crafted large HID report, as used in An...

CVE-2014-4322

CVE-2014-4322 affects the Linux kernel 3.x QSEECOM driver. The qseecom.c ioctl logic does not validate certain offset, length, and base values, enabling a crafted application to escalate privileges or trigger memory corruption. Affected component: drivers/misc/qseecom.c in the QSEECOM driver used...

CVE-2017-17052

The CVE-2017-17052 entry affects the Linux kernel: the mm_init function in kernel/fork.c fails to clear the ->exe_file field of a new process’s mm_struct. This can enable a local attacker to trigger a use-after-free (and potential additional impact) by running a crafted program. Affected path ...

CVE-2021-47007

CVE-2021-47007 affects the Linux kernel’s f2fs resizing path. The issue occurs in f2fs_resize_fs() when resizing a 16GB image to 8GB, where the allocator may run out of space during block migration because the code did not verify there is enough free space to store blocks before resizing. This ca...

CVE-2021-47201

CVE-2021-47201 affects the Linux kernel iavf driver. The vulnerability stems from a sequence bug where iavf_free_queues() clears adapter->num_active_queues, which iavf_free_q_vectors() relies on, leading to a panic when an interface is disabled and later re-enabled after PF communication is re...

CVE-2021-47211

CVE-2021-47211 refers to a Linux kernel vulnerability in ALSA: usb-audio where snd_usb_find_clock_source could return a null cs_desc, risking a null pointer dereference. The fix adds a null check before dereferencing the clock source descriptor. The portrait of affected code points to the ALSA us...

CVE-2021-47237

CVE-2021-47237 relates to a memory leak in the Linux kernel’s net: hamradio mkiss driver. The issue occurs because mkiss_open() allocates a net device but mkiss_close() only unregisters it without freeing, leading to multiple unreferenced objects and memory leaks reported in syzbot logs. The conn...

CVE-2021-47265

CVE-2021-47265 is a Linux kernel RDMA issue in the mlx5_ib driver. The vulnerability stems from missing validation of the user-supplied port when creating a flow rule, leading to an improper check and a kernel oops as shown in the call trace (_create_flow_rule … mlx5_ib_create_flow …). The CVE ha...

CVE-2021-47464

The CVE-2021-47464 issue is a Linux kernel vulnerability in audit_filter_rules where a null-pointer dereference could occur if ctx is NULL. The advisory states a fix has been applied (audit_filter_rules: fix possible null-pointer dereference; ctx could be null) with commits listed in the Referenc...

CVE-2021-47485

CVE-2021-47485 affects the Linux kernel InfiniBand driver (IB/qib). The flaw is a buffer overflow in struct qib_user_sdma_pkt fields caused by arithmetic on user-controlled buffers (overflowing addrlimit or bytes_togo), which can lead to kernel memory corruption. The issue has been resolved by ad...

CVE-2021-47516

CVE-2021-47516 concerns a memory‑leak in the Linux kernel’s nfp_cpp_area_cache_add() path. In the function, area = nfp_cpp_area_alloc(..., size) is allocated (#1). If the subsequent cache allocation kzalloc(sizeof(*cache), GFP_KERNEL) fails, the code returns -ENOMEM without freeing the previously...

CVE-2021-47563

CVE-2021-47563 (Linux kernel, ice driver): A refcount mismanagement in the ice XDP path during VSI rebuilds (e.g., ethtool set_channels) can swap bpf_prog pointers and trigger a late bpf_prog_put, potentially leading to a zero-refcount object and a kernel page fault. The issue affects the ice dri...

CVE-2022-20106

The CVE-2022-20106 entry concerns the MM service, with a heap-based buffer overflow causing an out-of-bounds write that could enable local privilege escalation to SYSTEM. Exploit details or in-the-wild activity are not provided in the documents. No user interaction is required. Remediation refere...

CVE-2022-48955

CVE-2022-48955 affects the Linux kernel Thunderbolt net path. The issue is a memory leak in tbnet_open() where tb_ring_alloc_rx() failure could leave the ida allocated in tb_xdomain_alloc_out_hopid() unreleased. The documented fix adds tb_xdomain_release_out_hopid() to the error path to release t...

CVE-2022-49115

CVE-2022-49115 is a Linux kernel vulnerability in the PCI: endpoint subsystem where a misused goto label could lead to a memory leak. The description across connected advisories reiterates the same root cause and states that a fix was applied in the kernel (commit history referenced in the linked...

CVE-2022-49119

In the Linux kernel, CVE-2022-49119 concerns a memory leak in the SCSI pm8001 path: in pm8001_chip_fw_flash_update_build(), if the build fails, the previously allocated fw_control_ex must be freed. The issue is resolved by applying the fix in the pm8001_chip_fw_flash_update_req/build flow. Affect...

CVE-2022-49178

CVE-2022-49178 concerns the Linux kernel memstick/mspro_block code. The vulnerability stems from leaking a reference when a read-only device is encountered and from how read-only state was checked. The fix propagates the read-only state to the block layer by using set_disk_ro, instead of performi...

CVE-2022-49212

Vulnerability (CVE-2022-49212) in the Linux kernel affects the MTD/Rawnand Atmel NAND driver. A refcounting bug on a refcounted object nc->dmac can miss a balance in several error paths after dma_request_channel(), potentially leaking a reference. The issue is fixed by decrementing the refcoun...

CVE-2022-49289

CVE-2022-49289 : The Linux kernel fixed an integer overflow in uaccess() during access_ok() checks. Three architectures could mis-handle a negative length/overflow at the end of a user access, potentially returning success when it should not. The fix replaces the overflow-prone check with the com...

CVE-2022-49318

CVE-2022-49318 pertains to the Linux kernel f2fs subsystem. The vulnerability arises when Syzbot-triggered WARN_ONs in f2fs_is_valid_blkaddr (and __is_bitmap_valid) are triggered for DATA_GENERIC_ENHANCE or DATA_GENERIC_ENHANCE_READ when blkaddr is out of the expected range. The issue was resolve...

CVE-2022-49320

The CVE-2022-49320 entry concerns the Linux kernel dmaengine for ZynqMP DMA. The root cause is an overflow risk in zynqmp_dma_alloc/free_chan_resources where 32-bit operands are used in size calculations (2 * chan->desc_size * ZYNQMP_DMA_NUM_DESCS). The fix changes the desc_size data type to s...

CVE-2022-49437

CVE-2022-49437 affects the Linux kernel (powerpc/xive) where a refcount leak occurs in xive_spapr_init due to a missing of_node_put() after of_find_compatible_node() returns a node with an incremented refcount. The provided description specifies that the fix adds the missing of_node_put() to avoi...