CVE-2022-48959
CVE-2022-48959 affects the Linux kernel net: dsa: sja1105 code path. The root cause is a memory leak when dsa_devlink_region_create fails in sja1105_setup_devlink_regions(), where priv->regions is not released. The vulnerability resolution is a fix in the kernel that releases the leaked memory...
CVE-2013-4270
CVE-2013-4270 affects the Linux kernel: the net_ctl_permissions function in net/sysctl_net.c may misdetermine uid/gid, allowing a local user to bypass /proc/sys/net restrictions. Affected: kernels before 3.11.5 (reported in EulerOS advisories and Nessus/OpenVAS listings). Impact is local privileg...
CVE-2014-1444
Technical details beyond the Initial Description are not publicly provided in the connected documents. Monitor for updates from upstream advisories to confirm affected products, versions, and fixes.
CVE-2014-2673
CVE-2014-2673: Linux kernel TM implementation on PowerPC has a flaw in arch_dup_task_struct interacting with clone/fork. In kernels before 3.13.7, this can allow a local user to trigger a denial of service (Program Check and system crash) by executing instructions while the processor is in Trans...
CVE-2015-9004
CVE-2015-9004 affects the Linux kernel up to version 3.18 (pre-3.19). The flaw is in kernel/events/core.c where improper handling of counter grouping enables local privilege escalation via crafted apps, involving perf_pmu_register and perf_event_open. The impact is local Privilege Escalation with...
CVE-2018-17977
CVE-2018-17977 affects Linux kernel 4.14.67, where interaction between XFRM Netlink messages, IPPROTO_AH, and IPPROTO_IP can be exploited locally (with root) to trigger memory exhaustion and system hang; demonstrated on CentOS 7. The provided documents do not specify a fix or patch version.
CVE-2018-7754
CVE-2018-7754 affects the Linux kernel via aoedisk_debugfs_show in drivers/block/aoe/aoeblk.c. The function can be triggered by reading a debugfs file, allowing local users to obtain sensitive address information (ffree: lines). The issue is described as exploitable locally with kernel up to 4.16...
CVE-2021-47067
CVE-2021-47067 relates to the Linux kernel Tegra regulator code. Affected component: soc/tegra regulators in the kernel; issue was a lockup when voltage-spread is out of range. Root cause described: a bug in voltage-spread handling caused the voltage coupler to lock up; the fix accounts for the m...
CVE-2021-47188
CVE-2021-47188 affects the Linux kernel SCSI UFS core abort handling. A warning is produced (WARN_ON(lrbp->cmd)) in ufshcd_queuecommand during abort processing, as shown in the test trace. The fix removes the spurious cmd reference by clearing lrbp->cmd in the abort handler. The associated ...
CVE-2021-47207
CVE-2021-47207 (Linux kernel): A null pointer dereference in ALSA gus handling (snd_gf1_dma_next_block) could occur if the pointer block returned null. The issue is fixed by adding a null check before dereferencing the pointer. Impact per the entry: local attack vector, low privileges required, ...
CVE-2021-47217
The CVE-2021-47217 issue is in the Linux kernel's x86/hyperv code: a NULL dereference in set_hv_tscchange_cb() if Hyper-V setup fails. The vulnerability occurs when hv_vp_index is dereferenced without validating its array, causing a kernel NULL pointer dereference and potentially disabling Hyper-...
CVE-2021-47281
CVE-2021-47281 affects the Linux kernel ALSA seq subsystem: snd_seq_timer_open() has a race on timeri allocation per queue, allowing a later concurrent call to override the timer and cause a use-after-free until the queue closes. The vulnerability is caused by missing protection when checking the...
CVE-2021-47388
In the Linux kernel, CVE-2021-47388 affects mac80211 within CCMP/GCMP RX, where PN checking for fragmentation could use a stale hdr reference after a potential reallocation, leading to a use-after-free. The fix reloads the PN/hdr after the reallocating code path to ensure the PN is checked agains...
CVE-2021-47453
CVE-2021-47453: In the Linux kernel, the ice driver could crash during unload if RDMA support is uninitialized, due to freeing aux_idx unconditionally in the remove path. The root cause is an IDA free that wasn’t gated by the RDMA status bit, which could be allocated at probe time but become unne...
CVE-2021-47460
CVE-2021-47460 affects the ocfs2 code path in the Linux kernel. The vulnerability arises during conversion from inline inode data to extents, where the converter zeroed the entire data cluster by touching pages beyond i_size, which writeback may ignore, causing data loss after file growth. A fix ...
CVE-2021-47474
CVE-2021-47474 affects the Linux kernel driver family for comedi vmk80xx. The vulnerability arises from the driver using endpoint-sized buffers while assuming tx and rx buffers are equal size; a malicious device could overflow the slab-allocated receive buffer during bulk transfers. The issue is ...
CVE-2021-47479
The CVE-2021-47479 entry concerns the Linux kernel staging driver rtl8712 (rtl8712_dl_fw) with a use-after-free caused by a race between r871xu_dev_remove() and the ndo_open() callback. The issue arises when firmware is freed before the network device is unregistered, allowing the driver to acces...
CVE-2021-47484
CVE-2021-47484: The Linux kernel fix targets the octeontx2-af driver, addressing a possible null pointer dereference in rvu_debugfs.c and rvu_nix.c. The patch resolves a dereference path that could occur in the affected octeontx2 network/fabric handling. Connected documents confirm a corrected p...
CVE-2021-47486
CVE-2021-47486 affects the Linux kernel’s RISC-V BPF JIT: when NR_JIT_ITERATIONS is reached and jit_data->header is NULL, bpf_jit_binary_free() dereferences a NULL and can crash. The fix is a NULL-argument check before calling bpf_jit_binary_free(), per the provided description. Public details...
CVE-2021-47506
CVE-2021-47506 – Linux kernel: nfsd delegation use-after-free fix. Affected component: Linux kernel NFS server (nfsd) delegation handling. The vulnerability arises when a delegation break is processed after a call to vfs_setlease. A callback (nfsd4_cb_recall_prepare) adds the delegation to del_rec...
CVE-2021-47558
The CVE-2021-47558 issue affects Linux kernel’s net:stmmac driver. The bug occurred because Tx queues were not disabled when stopping an interface to apply new configuration, potentially causing a kernel panic during: (1) reconfiguring queue numbers (ethtool -L), (2) resizing ring buffers (ethtoo...
CVE-2021-47565
The CVE-2021-47565 issue is in the Linux kernel, specifically the scsi: mpt3sas path. The root cause is a race/NULL-check problem when iterating over a host (shost) sdev list: a drive may be removed and its sas_target object freed while its sdev remains, allowing code to access sas_target->sas...
CVE-2021-47587
CVE-2021-47587 concerns Linux kernel net: systemport descriptor lifecycle. The vulnerability arises from a shared descriptor list across multiple TX queues where the existing per-queue locking fails to serialize writes to WRITE_PORT_{HI,LO}, allowing concurrent producers to corrupt descriptors. C...
CVE-2021-47638
CVE-2021-47638 affects the Linux kernel ubifs implementation. The issue is a double-free of whiteout_ui->data during the rename_whiteout path, caused by freeing whiteout_ui->data and then freeing ui->data in ubifs_free_inode via ubifs_rename/do_rename flow. KASAN reports double-free; the...
CVE-2021-47654
CVE-2021-47654: Linux kernel landlock sandbox fix for a path_list memory leak where path_list allocated in parse_path() is not freed. Description notes a leak warning in sandboxer.c:134 and that nothing frees path_list. No exploitation details or fixes/versions are specified beyond the fix not...
CVE-2022-47942
CVE-2022-47942 affects ksmbd in Linux kernels 5.15–5.19 before 5.19.2. The issue is a heap-based buffer overflow in set_ntacl_dacl triggered by use of SMB2_QUERY_INFO_HE after a malformed SMB2_SET_INFO_HE, potentially exposing memory corruption paths. Public references confirm the vulnerability a...
CVE-2022-48711
The CVE-2022-48711 entry concerns the Linux kernel TIPC protocol. It fixes a size-validation race in tipc_mon_rcv() that processes received domain_record structures from peers. If a domain record carries more than MAX_MON_DOMAIN (64) members, a stack overflow could occur. A defensive patch adds a...
CVE-2022-48739
CVE-2022-48739 affects the Linux kernel ASoC hdmi-codec subsystem. The vulnerability arises from out-of-bounds memory accesses during memcpy(), caused by an incorrect size for the iec_status array. The fix aligns the size of iec_status with the status array of struct snd_aes_iec958, eliminating t...
CVE-2022-49024
CVE-2022-49024 affects the Linux kernel CAN subsystem (m_can PCI). The patch fixes a memleak by calling m_can_class_free_dev() in the remove path and error handling of the probe path, freeing resources allocated by m_can_class_allocate_dev(). Connected advisories (MiracleLinux/RLSA/RHEL/ALSA OSS...
CVE-2022-49100
The CVE-2022-49100 entry concerns the Linux kernel virtio_console subsystem. The vulnerability is resolved by removing anonymous init and exit functions (module_init/module_exit) and assigning unique driver-specific names, to avoid ambiguity in System.map and initcall_debug logs, per the descript...
CVE-2022-49118
CVE-2022-49118 relates to the Linux kernel SCSI driver for Hisilicon SAS v3 hardware. The vulnerability arises when the driver probe fails to request the channel IRQ or a fatal IRQ, causing the driver to free IRQ vectors before freeing the IRQs in free_irq(), which can trigger a kernel BUG. The d...
CVE-2022-49128
The CVE concerns the Linux kernel DRM bridge PM runtime: calling pm_runtime_get_sync() could increment the runtime PM counter even on error, risking a refcount leak. The provided fix replaces this API with pm_runtime_resume_and_get() (which does not change the runtime PM counter on error) and add...
CVE-2022-49174
The CVE-2022-49174 entry concerns the Linux kernel ext4 code: when flex_bg with fast_commit is enabled, ext4_mb_mark_bb() may read the block bitmap buffer_head only for the starting block group, failing to refresh it when an inode's extent crosses a block-group boundary. This can cause memory acce...
CVE-2022-49218
CVE-2022-49218 is a Linux kernel vulnerability in the DRM DP driver: an OOB read when handling the Post Cursor2 register due to an undersized link_status array. The fix removes the common helper and replaces the fetch/decode path with an open-coded approach, mirroring the handling in a related DR...
CVE-2022-49285
CVE-2022-49285 affects the Linux kernel iio: accel: mma8452 driver. The root cause was using the wrong device pointer to locate the corresponding iio data; the old logic could end up dereferencing NULL after the iio_device_alloc change. The fix corrects the data retrieval by using the API path: s...
CVE-2022-49315
CVE-2022-49315 concerns a deadlock in the Linux kernel, specifically in the staging driver rtl8192e (rtllib_beacons_stop). The issue arises when rtllib_beacons_stop() holds ieee->beacon_lock while calling del_timer_sync(), while the timer handler (rtllib_send_beacon_cb) needs the same lock, ca...
CVE-2022-49341
The CVE-2022-49341 entry concerns the Linux kernel vulnerability where bpf, arm64 paths could reveal kernel memory via copy_to_user() in bpf_prog_get_info_by_fd() due to incorrect handling of prog->jited_len. The issue arises when prog->jited_len is set (e.g., to 43) but prog->bpf_func i...
CVE-2022-49342
CVE-2022-49342 affects the Linux kernel net/ethernet/bgmac path (bcma_mdio_mii_register) where of_get_child_by_name() increases the node refcount, causing a refcount leak. The root cause is missing of_node_put() on unused nodes. Patches add the missing of_node_put() to prevent leaks. Patched stat...
CVE-2022-49382
CVE-2022-49382 affects the Linux kernel: soc: rockchip: Fix refcount leak in rockchip_grf_init. The issue occurred because of_find_matching_node_and_match returns a node pointer with an incremented refcount, and the patch adds missing of_node_put() when done to avoid the leak. Connected Astra Lin...
CVE-2022-49402
CVE-2022-49402 concerns the Linux kernel ftrace hashing of direct_functions. The issue triggers a general protection fault when register_ftrace_direct fails, due to the entry not being removed from direct_functions. The available connected docs confirm the root cause and the fix: remove the entry...
CVE-2022-49422
CVE-2022-49422: Linux kernel dmaengine idxd vulnerability. Root cause: error path in idxd_cdev_register() for alloc_chrdev_region() failures leaks allocated resources. Impact is local with high availability impact as per the CVE entry. Affected context is the idxd driver in the kernel; remediatio...
CVE-2022-49529
CVE-2022-49529 affects the Linux kernel’s DRM/AMDGPU PM code. Root cause: during context release with software SMU disabled, pp_funcs may be uninitialized, causing a NULL pointer dereference and kernel panic (as shown by the amdgpu_dpm_force_performance_level trace). The vulnerability is resolved...
CVE-2022-49609
CVE-2022-49609 affects the Linux kernel component power/reset for the arm-versatile family. Root cause: of_find_matching_node_and_match() returns a node pointer with refcount incremented and was not balanced with of_node_put() when no longer needed, causing a refcount leak in versatile_reboot_pro...
CVE-2022-49617
The CVE-2022-49617 issue affects the Linux kernel ASoC: Intel sof_sdw driver, where on card-registration failure (often deferred probes) headset codec device properties are not removed, leading to kernel oops in driver bind/unbind tests. Provided connected documents confirm this exact description...
CVE-2022-49649
CVE-2022-49649 affects the Linux kernel under xen_netback, where xenvif_rx_next_skb() can be called with an empty RX queue during repeated iterations in xenvif_rx_action(), risking a kernel NULL pointer dereference. The provided crash trace centers on xenvif_rx_skb() and the related netback loop....
CVE-2022-49679
The CVE-2022-49679 entry concerns a Linux kernel ARM refcount leak in axxia_boot_secondary. The flaw arises because of_find_compatible_node() returns a node pointer with an incremented refcount and is not paired with a corresponding of_node_put(). The connected Astra Linux and Unity/OSV entries r...
CVE-2022-49694
The CVE-2022-49694 vulnerability affects the Linux kernel in the block I/O subsystem, where the elevator is disabled in del_gendisk. The root cause is a use-after-free risk on q->tag_set because the elevator disabling and scheduler tag freeing were performed in disk_release/blk_cleanup_queue t...
CVE-2022-49962
CVE-2022-49962 affects the Linux kernel xHCI driver: the remove path could dereference a null pointer when xHC has only one roothub, attempting to remove both main and shared hcds even if the shared_hcd doesn’t exist. This could trigger a NULL pointer dereference during reboot for affected contro...
CVE-2022-50015
CVE-2022-50015: In the Linux kernel ASoC: SOF Intel hda-ipc, there is a vulnerability where a firmware could send a reply before the FW_READY message. Since reply_data is allocated after FW_READY, this can cause a NULL pointer dereference. The issue was reported for IPC4 and the same condition e...
CVE-2022-50126
CVE-2022-50126 concerns the Linux kernel, specifically jbd2: fix assertion 'jh->b_frozen_data == NULL' failure when a journal is aborted. The impact is a kernel BUG triggered during journal abort paths in jbd2_journal_dirty_metadata(), as seen in reproducer traces involving ext4 unlink operati...