13991 matches found
CVE-2010-0003
The connected document confirms CVE-2010-0003 affects the Linux kernel (i386) before 2.6.32.4, where the print_fatal_signal path in kernel/signal.c can let local users read arbitrary memory by jumping to an address and reading a log, with potential DoS via the same jump. This is associated with t...
CVE-2010-1085
CVE-2010-1085 affects the Linux kernel before 2.6.32.x/2.6.33-rc4 on the AMD780V chipset. The vulnerability is in the azx_position_ok function in hda_intel.c, where certain inputs can trigger a divide-by-zero and cause a crash (DoS). Public advisories from MiracleLinux and Oracle Linux list this ...
CVE-2010-2946
CVE-2010-2946 affects the Linux kernel via a flaw in fs/jfs/xattr.c where a legacy extended-attributes storage format could let local attackers bypass xattr namespace restrictions using an os2. prefix. Several connected advisories confirm the issue and reference the affected range: Linux kernel v...
CVE-2010-4805
CVE-2010-4805 affects the Linux kernel socket backlog handling in net/core/sock.c prior to 2.6.35, allowing remote DoS via large traffic (backlog management related to sk_add_backlog and sk_rmem_alloc). The entry notes this vulnerability exists due to an incomplete fix for CVE-2010-4251. The conn...
CVE-2012-2100
The CVE-2012-2100 issue affects the Linux kernel before 3.2.2, on x86 (and unspecified other) platforms, via the ext4_fill_flex_info function in fs/ext4/super.c. It allows user-assisted remote attackers to trigger inconsistent filesystem-groups data and potentially cause a denial of service throu...
CVE-2012-2383
CVE-2012-2383 affects the Linux kernel DRM/i915 component: an integer overflow in i915_gem_execbuffer2() within drivers/gpu/drm/i915/i915_gem_execbuffer.c. On 32-bit platforms and prior to kernel 3.3.5, this allows a local user to trigger an out-of-bounds write via a crafted ioctl, leading to a p...
CVE-2013-2895
CVE-2013-2895 affects the Linux kernel HID Logitech DJ driver (drivers/hid/hid-logitech-dj.c) up to version 3.11 when CONFIG_HID_LOGITECH_DJ is enabled. The vulnerability allows physically proximate attackers to cause a denial of service via a NULL pointer dereference and OOPS, or to read sensiti...
CVE-2013-3229
CVE-2013-3229 affects the Linux kernel and is caused by iucv_sock_recvmsg in net/iucv/af_iucv.c not initializing a length variable, enabling local attackers to read kernel stack memory via crafted recvmsg/recvfrom calls. Affected version: kernel builds before 3.9-rc7. Consequences: information di...
CVE-2014-2673
CVE-2014-2673: The Linux kernel TM implementation on PowerPC has a flaw in arch_dup_task_struct interacting with clone/fork. In kernels before 3.13.7, this can allow a local user to trigger a denial of service (Program Check and system crash) by executing instructions while the processor is in Trans...
CVE-2014-9410
The CVE-2014-9410 entry affects the MSM-VFE31 driver for the Linux kernel 3.x (as used in Qualcomm Innovation Center Android contributions). The vulnerability is in vfe31_proc_general, which does not validate a specific id value, enabling a local attacker to gain privileges or cause memory corrup...
CVE-2015-5327
CVE-2015-5327 affects the Linux kernel (4.3-rc1 and later); the flaw is an out-of-bounds memory read in x509_decode_time within x509_cert_parser.c. Confidentiality impact is partial (per CVSS2) and high (per CVSS3); the issue is fixed by kernel patches (as noted in referenced ad...
CVE-2015-9004
CVE-2015-9004 affects the Linux kernel up to version 3.18 (pre-3.19). The flaw is in kernel/events/core.c where improper handling of counter grouping enables local privilege escalation via crafted apps, involving perf_pmu_register and perf_event_open. The impact is local Privilege Escalation with...
CVE-2016-3135
CVE-2016-3135 is an integer overflow in xt_alloc_table_info (net/netfilter/x_tables.c) of the Linux kernel up to 4.5.2 on 32-bit platforms, enabling local privilege escalation or heap corruption leading to DoS via IPT_SO_SET_REPLACE. Connected documents corroborate the 32-bit overflow in xt_alloc...
CVE-2018-1095
CVE-2018-1095 concerns the Linux kernel up to 4.15.15, where ext4_xattr_check_entries in fs/ext4/xattr.c fails to validate xattr sizes, causing misinterpretation of a size as an error code. This can enable a crafted ext4 image to trigger a get_acl NULL pointer dereference and crash the system, i....
CVE-2018-14615
CVE-2018-14615 concerns a buffer overflow in the Linux kernel up to version 4.17.10, triggered in truncate_inline_inode() within fs/f2fs/inline.c when unmounting an f2fs image because a length value may be negative. The connected Nessus entries repeat the same description and tie the issue to the...
CVE-2019-18680
Affected software is Linux kernel 4.4.x (before 4.4.195). The vulnerability is a NULL pointer dereference in rds_tcp_kill_sock() inside net/rds/tcp.c, which leads to denial of service. Mitigation/workaround: apply the patch from Linux stable 4.4.195 (ChangeLog-4.4.195) or update to a fixe...
CVE-2021-47134
CVE-2021-47134 affects the Linux kernel boot path: if no valid FDT is found, setup_arch() calls efi_init()->efi_get_fdt_params() and initial_boot_params becomes NULL, causing a panic. The patch fixes this by stopping further FDT processing when no valid FDT is found (observed on riscv). Remedi...
CVE-2021-47275
CVE-2021-47275 concerns the Linux kernel's bcache cache-miss path. In cached_dev_cache_miss(), the calculation of the read size for missing cache data can overflow the 16-bit size field embedded in the bkey (via the sectors value), causing oversized inserts into the internal B+ tree. Thi...
CVE-2021-47335
CVE-2021-47335 (Linux kernel, f2fs): A race on the global fsync_entry_slab across multiple filesystem instances caused a use-after-free in the slab cache during f2fs recovery. The root cause is concurrent access to the slab pointer when multiple f2fs mounts exist, leading to a use-after-free during...
CVE-2021-47339
In CVE-2021-47339, the Linux kernel fix targets media: v4l2-core, addressing uninitialized kernel stack data that could be used as input for driver ioctl handlers due to mistakes in compat ioctl implementation. The resolution requires explicitly clearing the entire ioctl input buffer before conve...
CVE-2021-47357
CVE-2021-47357: In the Linux kernel, the atm: iphase removal path calls del_timer(), which can leave a timer handler running after the driver remove completes, causing a possible use-after-free. The fix uses del_timer_sync() to wait for the timer handler to finish and prevent rescheduling. Conne...
CVE-2021-47368
CVE-2021-47368 concerns a Linux kernel vulnerability in enetc where irq_set_affinity_hint() stores a cpumask_t reference in an irq descriptor, referencing memory on the stack. This leads to illegal accesses when the affinity_hint is read via procfs, potentially causing paging oops. The issue is mi...
CVE-2021-47376
CVE-2021-47376 is a Linux kernel issue where an oversize allocation in kmalloc path could trigger a warning during BPF verification. The provided description and connected advisories indicate the fix adds an oversize check before kvcalloc() via the commit that introduces the guard in mm/kvmalloc(...
CVE-2021-47382
The CVE-2021-47382 entry concerns the Linux kernel component s390/qeth. Root cause: a deadlock risk in qeth_do_reset() where discipline_mutex could be held on an error path, preserving the original deadlock potential when a qeth channel path is offline. The vulnerability arises from a race betwee...
CVE-2021-47395
CVE-2021-47395: Linux kernel/mac80211 vulnerability where the rate limiting for injected VHT MCS/NSS in ieee80211_parse_tx_radiotap was tightened to fix a syzkaller warning. Affected component: mac80211 (ieee80211_parse_tx_radiotap, ieee80211_rate_set_vht). Reported impact in the public docs is ...
CVE-2021-47399
Technical details about CVE-2021-47399 (ixgbe NULL pointer dereference) are not provided in the supplied documents. Monitor for updates from vendors; no concrete technical details are included here.
CVE-2021-47409
CVE-2021-47409 concerns a Linux kernel vulnerability in the USB: dwc2 subsystem where a NULL return from platform_get_resource() could lead to a NULL pointer dereference. The issue is triggered when the return value is not checked, as described in the CVE entry and echoed in connected advisories ...
CVE-2021-47493
CVE-2021-47493 is a Linux kernel issue affecting ocfs2 where a race between searching chunks and releasing journal_head from a buffer_head can lead to a page fault or panic. The root cause is a race between ocfs2_test_bg_bit_allocatable() and jbd2_journal_put_journal_head(), with bg_bh->b_priv...
CVE-2021-47542
CVE-2021-47542 affects the Linux kernel’s qlcnic logic for certain 83xx devices. In function qlcnic_83xx_add_rings(), the indirect call through ahw->hw_ops->alloc_mbx_args() can return NULL on allocation failure, and the code could dereference this NULL pointer. The patch adds a guard to v...
CVE-2021-47546
CVE-2021-47546 is a Linux kernel vulnerability affecting IPv6 nftables rules. When a fib6_rule_suppress path and a suppress_prefix rule exist, memory leaks occur in ip6_dst_cache per-packet allocations. The root cause is a mismatch between generic FIB_LOOKUP_NOREF and the IPv6-specific RT6_LOOKUP...
CVE-2021-47552
CVE-2021-47552 (Linux kernel): The vulnerability stems from blk-mq dispatch cancellation logic. Previously, blk_mq_quiesce_queue() was not invoked in blk_cleanup_queue(), delaying cancellation to disk_release(), which allowed a race where a scsi_device could be freed before blk_release_queue() r...
CVE-2021-47619
CVE-2021-47619 concerns the i40e Linux kernel XDP path. A PF queue pile fragmentation caused by placing a flow director VSI immediately after the main VSI could prevent the main VSI from resizing its queue allocation when XDP is enabled on systems with many CPUs and an X722 NIC, leading to a NULL...
CVE-2022-1943
CVE-2022-1943 describes an out-of-bounds memory write in the Linux kernel UDF file system, triggered by user-initiated file operations that invoke udf_write_fi(). The flaw could allow a local attacker to crash the system (and, per connected advisories, is associated with Ubuntu and other mappings...
CVE-2022-48744
In CVE-2022-48744, the Linux kernel net/mlx5e driver was made resilient to field-bound checking by avoiding a field-overflowing memcpy() across neighboring fields. The root cause involved copying MLX5E_XDP_MIN_INLINE bytes into a 2-byte inline_hdr.start, causing writes to adjacent data (vlan_tci,...
CVE-2022-48824
CVE-2022-48824: In the Linux kernel, the scsi myrs driver can crash during error handling. If privdata->hw_init() fails (returns non-zero), myrs_detect() leaves cs->disable_intr as NULL and myrs_cleanup() dereferences a NULL pointer, causing a kernel crash with a NULL pointer dereference. The issue ...
CVE-2022-48826
CVE-2022-48826 affects the Linux kernel drm/vc4, where a deadlock can occur during DSI device attach error when the host device lock is held. Specifically, in the device attach error path, un-registering the host can deadlock with a call trace involving device_del/unregister, mipi_dsi_hos...
CVE-2022-48852
CVE-2022-48852 affects the Linux kernel DRM/VC4 HDMI driver. The issue arises because the HDMI codec device is registered on bind but not unregistered on unbind, causing a device leak. Root cause: unbind path does not unregister the HDMI codec device, leaving orphaned device state. The ...
CVE-2022-48959
CVE-2022-48959 affects the Linux kernel net: dsa: sja1105 code path. The root cause is a memory leak when dsa_devlink_region_create fails in sja1105_setup_devlink_regions(), where priv->regions is not released. The vulnerability resolution is a fix in the kernel that releases the leaked memory...
CVE-2022-49061
The CVE-2022-49061 issue affects the Linux kernel net: ethernet: stmmac altr_tse_pcs when using a fixed-link. The driver crashes with a null-pointer dereference because phy_device is not provided to tse_pcs_fix_mac_speed. The patch adds a check for phy_dev before calling tse_pcs_fix_mac_speed() a...
CVE-2022-49089
CVE-2022-49089 (Linux kernel) resolves a race condition in IB/rdmavt code by adding a lock around a call to rvt_error_qp, whose documentation requires both r_lock and s_lock to be held. The issue occurred because a commit in Fixes left the rvt_error_qp call in rvt_ruc_loopback unco...
CVE-2022-49232
CVE-2022-49232 is a Linux kernel vulnerability in the DRM/AMD display path. In amdgpu_dm_connector_add_common_modes(), the code assigns the result of amdgpu_dm_create_common_mode() to mode and then passes it to drm_mode_probed_add(). If amdgpu_dm_create_common_mode() fails, mode may be NULL and d...
CVE-2022-49269
CVE-2022-49269 affects the Linux kernel CAN subsystem: isotp_bind() incorrectly validates CAN IDs, allowing a state machine path that can be reached with non-standard IDs (e.g. 0x6000001 and 0xC28001) that map to 11-bit IDs 0x001. The fix sanitizes SFF/EFF CAN ID values before address ch...
CVE-2022-49352
CVE-2022-49352 relates to the Linux kernel ext4: fix warning in ext4_handle_inode_extension, where a write path can trigger inode size accounting inconsistencies under memory pressure. The issue describes an observed sequence where inode.i_size is 4096, but EXT4_I(inode)->i_disksize is set to ...
CVE-2022-49397
CVE-2022-49397 affects the Linux kernel, in the phy: qcom-qmp driver. The vulnerability is a leak of a struct clk (pipe clock reference) on probe errors, including late probe error/deferral paths. The advisory states the fix releases the held pipe clock reference on such errors, i.e., a proper cl...
CVE-2022-49432
CVE-2022-49432 affects the Linux kernel on PowerPC/xics: a refcount leak in icp_opal_init() was fixed. The root cause is that of_find_compatible_node() returns a node pointer with refcount already incremented, and the fix is to call of_node_put() on it when done. The upstream description notes th...
CVE-2022-49438
CVE-2022-49438: In the Linux kernel, a refcount leak occurs in the path handling for device tree lookups. Specifically, of_find_node_by_path() using of_find_node_opts_by_path() returns a node pointer with an incremented refcount, but the code did not call of_node_put() when done, causing a ref...
CVE-2022-49446
CVE-2022-49446 affects the Linux kernel’s NVDIMM path, describing deadlock risks in CXL/NVDIMM interactions. The advisory notes possible unsafe locking scenarios involving nd_region keys, nvdimm_bus->reconfig_mutex, system_transition_mutex, and cxl_root/acpi_scan_lock chains, triggered by hold...
CVE-2022-49555
The CVE-2022-49555 issue affects the Linux kernel’s Bluetooth hci_qca path. The root cause is use of del_timer() before freeing a timer, risking timer-list corruption; the fix applies del_timer_sync() before freeing and adjusts wake_retrans_timer/work queue destruction by moving the workqueue des...
CVE-2022-49556
The CVE-2022-49556 issue affects the Linux kernel KVM: SVM sev ioctl interfaces. It could cause leakage of uninitialized kernel memory when the length parameter is between SEV_FW_BLOB_MAX_SIZE and the returned data, due to using kmalloc. The fix uses kzalloc for sev ioctl interfaces to allocate c...
CVE-2022-49618
In CVE-2022-49618, the Linux kernel pinctrl: aspeed driver fixes a potential NULL pointer dereference in aspeed_pinmux_set_mux(), where pdesc could be NULL but pdesc->name was dereferenced. The patch adds a null check before dereferencing, preventing null pointer access. Connected Astra Linux advis...