13804 matches found
CVE-2024-38557
CVE-2024-38557 affects the Linux kernel mlx5/YAML path handling. The issue arises in net/mlx5 when a lag (Link Aggregation) disable/enable sequence reloads representors: the code reloads all representors for the bond’s slaves, and a failure during slave representor load can unload all representor...
CVE-2024-38595
CVE-2024-38595 affects the Linux kernel mlx5 subsystem: a patch changing register devlink flow did not update the peer devlink set logic, triggering a call trace when peer devlink set is done after devl_register. The fix aligns peer devlink set logic with the register flow to prevent the trace. I...
CVE-2024-41067
CVE-2024-41067 affects the Linux kernel with the btrfs filesystem scrub path. The bug occurs when forced RST mode causes bbio submissions to be empty because btrfs_map_block() can fail after bbio allocation, leading scrub_read_endio() to fail to locate a matching sector and trigger an out-of-rang...
CVE-2024-42155
The CVE-2024-42155 issue affects the Linux kernel on s390 architectures, where the key material of protected- or secure-keys should not be visible to the caller. The vulnerability notes that all copies of protected- or secure-keys must be wiped from the stack even if an error occurs. CVSS data p...
CVE-2024-46768
CVE-2024-46768 is rejected/not active. The connected Nessus entry explicitly states that this CVE ID was rejected/withdrawn by its CVE Numbering Authority, so it does not represent an active vulnerability in the published records.
CVE-2024-46776
The CVE-2024-46776 entry corresponds to a Linux kernel flaw in the DRM/AMD display pipeline. The issue arises when the DC_LOG_DC is executed before verifying link_enc, allowing an invalid state that prompted a reported reverse_inull defect; the fix corrects the sequence by running DC_LOG_DC only ...
CVE-2024-56618
CVE-2024-56618: In the Linux kernel, the pmdomain: imx: gpcv2 handshake delay caused a kernel panic when the handshake ended early. The fix involves waiting longer after the handshake (udelay) due to BUS clock enablement being handled by a separate driver; the observed data suggested udelay(10) ...
CVE-2024-56673
Technical details about CVE-2024-56673 are not provided in the supplied documents. Monitor for updates from the vendors/security advisories for affected products, fixes, and mitigations.
CVE-2024-58091
CVE-2024-58091 – Linux kernel drm_fbdev-dma shadow buffering: The vulnerability arises in DMA areas not always backed by struct page, breaking deferred I/O handling for framebuffer memory. The fix introduces a shadow buffer for drivers requiring deferred I/O and uses it as framebuffer memory, pr...
CVE-2025-21641
CVE-2025-21641 concerns the Linux kernel, where the mptcp: sysctl: blackhole timeout vulnerability could occur from using current->nsproxy. The issue arises from reading net namespace data via the current task, which could be NULL for certain states (e.g., task exiting), risking a null pointer...
CVE-2025-21880
Linux kernel CVE-2025-21880 affects the DRM XE userptr flow (drm/xe/userptr), specifically xe_vm_userptr_pin and EFAULT handling from hmm_range_fault(). The issue arose when EFAULT was treated as non-fatal, which could leave the userptr VMA on the rebind list during preempt_rebind_work_func(), le...
CVE-2025-21902
CVE-2025-21902 affects the Linux kernel (ACPI backends for UCSI). The vulnerability arises from the ucsi core handling of CCI polling and ACPI-opregion synchronization: backends may rely on an unnecessary/unsafe sync, which can be triggered while notifications are disabled and lead to a spurious ...
CVE-2025-22098
CVE-2025-22098 affects the Linux kernel’s DRM for ZynqMP DP. The issue is a deadlock in zynqmp_dp_ignore_hpd_set caused by attempting to lock the same mutex twice; the fix is to lock and unlock it properly (instead of locking twice). The vulnerability was identified by the Clang thread-safety ana...
CVE-2025-22099
CVE-2025-22099 affects the Linux kernel (drm: xlnx: zynqmp_dpsub) where devm_kasprintf() can return NULL and the NULL result wasn’t checked in zynqmp_audio_init(), risking a NULL dereference. The fix adds a NULL check in zynqmp_audio_init() to avoid dereferencing null pointers. Astra Linux securi...
CVE-2025-37827
CVE-2025-37827 affects the Linux kernel’s Btrfs zoned mechanism when a RAID1 block-group has a write-pointer mismatch between disks. Root cause: a NULL pointer dereference in __btrfs_add_free_space_zoned() triggered by converting the metadata profile from DUP to RAID1 on two disks, leading to an ...
CVE-2025-37877
CVE-2025-37877: Linux kernel iommu-dma cleanup after iommu_device_register() errors may leave devices connected to iommu-dma, risking crashes in iommu-dma. The fix adds cleaning of the dev->dma_iommu flag along with other cleanup when probe/registration fails. Affected component: kernel IOMMU...
CVE-2025-37888
Technical details for CVE-2025-37888 are not provided in the supplied documents; only a high-level description of the Linux kernel fix is shown. Please monitor for vendor advisories for affected products and remediation.
CVE-2025-38007
CVE-2025-38007 affects HID uclogic in the Linux kernel. Root cause: uclogic_input_configured() dereferences a NULL after devm_kasprintf() returns NULL due to allocation failure. Mitigation: a NULL check is added after devm_kasprintf() to prevent the dereference. Described fixes are documented in ...
CVE-2025-38009
CVE-2025-38009: In the Linux kernel, the wifi driver mt76 initializes and cleans up TX NAPI on removal. A fix disables TX NAPI before deleting the NAPI instance in mt76_dma_cleanup() to prevent a warning observed after commit 9dd05df8403b. The issue arises when driving removal of mt7921e/mt76 dr...
CVE-2025-38010
CVE-2025-38010 – Linux kernel patch replaces a single reference counter for UTMI pad power with a per-pad bitmask (utmi_pad_enabled) to track all four USB2 UTMI PHY pads. The root cause was an unbalanced reference count when suspending with connected USB devices, due to power-downs not validating...
CVE-2025-38219
CVE-2025-38219 affects the Linux kernel F2FS code path. The issue is a downgrade-related negative i_nlink scenario that could trigger a kernel warning; the vulnerability was resolved in the cited upstream code path (f2fs_i_links_write -> f2fs_drop_nlink -> f2fs_unlink), as shown in the conn...
CVE-2025-38280
CVE-2025-38280 affects the Linux kernel’s BPF/JIT path. When a BPF program is compiled with JIT and CONFIG_BPF_JIT_ALWAYS_ON is not set while bpf_jit_enable is 1, the arch may attempt to JIT the program, fail due to FAULT_INJECTION, and incorrectly treat the program as valid, causing a WARN_ON_ONCE ...
CVE-2025-38283
CVE-2025-38283: In the Linux kernel, a bug in the hisi_acc_vfio_pci live migration path could cause a NULL data address during device data migration when the VF device driver is not loaded in the guest. This leads to access errors on the destination during live migration recovery. The fix disabl...
CVE-2025-38307
CVE-2025-38307 refers to a Linux kernel vulnerability in the ASoC: Intel: avs driver. The issue arises from how parse_int_array() returns content: the first element stores the array length, and if that length is 0, manipulating beyond index 0 can cause a null-ptr-deref. The vulnerability is trigg...
CVE-2025-38335
CVE-2025-38335 concerns a Linux kernel vulnerability in the gpio_keys driver related to PREEMPT_RT. The description states that when PREEMPT_RT is enabled, gpio_keys_irq_timer() can run in hard IRQ context while input_event() uses a spin_lock, which is incompatible with hard IRQ. This leads to a ...
CVE-2025-38459
CVE-2025-38459: Linux kernel ATM CLIP module vulnerability causing Denial of Service via infinite recursion in clip_push(). Root cause: second ATMARP_MKIP ioctl triggers recursion when vcc->old_push is used after first call; mitigation implemented by checking vcc->user_back (clip_vcc) and u...
CVE-2025-38480
CVE-2025-38480: In the Linux kernel's Comedi subsystem, insn_rw_emulate_bits() may read uninitialized data for INSN_READ/INSN_WRITE when insn->n is 0, causing an incorrect write to digital outputs and potentially corrupting channel state. The fix returns 0 early when insn->n == 0, aligning...
CVE-2025-38497
CVE-2025-38497 (Linux kernel) affects usb gadget configfs: writing an empty string to the qw_sign or landingPage sysfs attributes can dereference page[l-1] before length validation, causing an OOB read. The fix adds an early length check in os_desc_qw_sign_store() and webusb_landingPage_store() t...
CVE-2005-1768
The CVE-2005-1768 issue is a race condition in the Linux kernel’s IA32 (x86) compatibility execve() handling, affecting amd64/Intel EM64T and Itanium platforms. A concurrent thread can increment a pointer count after nargs has counted pointers but before copying from user space to kernel space, l...
CVE-2005-3272
CVE-2005-3272 affects the Linux kernel prior to 2.6.12. The issue lets remote attackers poison the bridge forwarding table with frames that have already been dropped by filtering, causing the bridge to forward spoofed packets. The vulnerability stems from how bridge/frame filtering handling inter...
CVE-2006-6106
The CVE-2006-6106 entry describes several buffer overflows in the Bluetooth driver (net/bluetooth/cmtp/capi.c) of the Linux kernel, specifically in the cmtp_recv_interopmsg function. Affected products/versions include Linux kernel 2.4.22 up to 2.4.33.4 and 2.6.2 up to 2.6.18.5, with 2.6.19.x also...
CVE-2007-2525
CVE-2007-2525: Memory leak in the Linux kernel PPPoE socket implementation allows a local user to cause a denial of service by creating a socket with connect and releasing it before PPPIOCGCHAN is initialized. Affected: Linux kernel before 2.6.21-git8. Impact: memory consumption leading to DoS. ...
CVE-2008-3831
The CVE-2008-3831 entry concerns the i915 DRM driver in Linux kernel 2.6.24 (notable on Debian GNU/Linux) and OpenBSD. The root cause is that the DRM_I915_HWS_ADDR ioctl is not restricted to the DRM master due to the absence of the DRM_MASTER and DRM_ROOT_ONLY flags in the ioctl configuration. Th...
CVE-2008-4576
CVE-2008-4576 affects the Linux kernel SCTP implementation prior to 2.6.25.18. A remote attacker can trigger a denial of service by sending an INIT-ACK that states the peer does not support AUTH, causing sctp_process_init to clean up active transports and, when the T1-Init timer expires, to trigg...
CVE-2009-0748
CVE-2009-0748 affects the Linux kernel: ext4_fill_super in fs/ext4/super.c fails to validate the superblock configuration, enabling a local attacker to trigger a NULL pointer dereference/OOPS when mounting a crafted ext4 filesystem. Impact is local denial of service. Affected ranges: Linux kernel...
CVE-2009-2909
CVE-2009-2909 affects the Linux kernel ax25 subsystem (ax25_setsockopt in net/ax25/af_ax25.c). The vulnerability arises from a signedness/unsigned check issue in the ax25 sockopt/setsockopt path, enabling a local attacker to cause a kernel OOPS or potentially crash the kernel and execute code. Pu...
CVE-2010-2960
CVE-2010-2960 affects Linux kernel 2.6.35.4 and earlier: the keyctl_session_to_parent function assumes a parent session keyring exists, allowing local users to cause a NULL pointer dereference and system crash (denial of service) via a KEYCTL_SESSION_TO_PARENT argument. Root cause pertains to ses...
CVE-2011-3593
CVE-2011-3593: The Linux kernel 2.6.32 on Red Hat Enterprise Linux 6 is affected by a vulnerability in the VLAN patch within net/8021q/vlan_core.c (vlan_hwaccel_do_receive). This enables remote attackers to cause a denial of service (system crash) via priority-tagged VLAN frames. Connected advis...
CVE-2012-2745
CVE-2012-2745 affects the Linux kernel prior to 3.3.2. The copy_creds function in kernel/cred.c may provide an invalid replacement session keyring to a child process, allowing local users to cause a denial of service (panic) via a crafted fork. Affected: Linux kernel
CVE-2013-3223
The CVE-2013-3223 issue affects the Linux kernel: the ax25_recvmsg function in net/ax25/af_ax25.c does not initialize a certain data structure, allowing local attackers to read sensitive information from kernel stack memory via crafted recvmsg or recvfrom calls. Affected kernel versions are befor...
CVE-2013-3235
Mitigation-ready summary for CVE-2013-3235: In the Linux kernel, net/tipc/socket.c prior to 3.9-rc7 does not initialize a certain data structure and a length variable, enabling local attackers to read sensitive data from kernel stack memory via crafted recvmsg/recvfrom. Affected scenario is local...
CVE-2013-6431
The CVE-2013-6431 issue affects the Linux kernel’s IPv6 routing code: the fib6_add function in net/ipv6/ip6_fib.c fails to encode error codes correctly in versions before 3.11.5, enabling a local user with CAP_NET_ADMIN to trigger a NULL pointer dereference via an IPv6 SIOCADDRT ioctl, causing a ...
CVE-2013-7027
The CVE-2013-7027 entry concerns the Linux kernel vulnerability in the ieee80211_radiotap_iterator_init function (net/wireless/radiotap.c) prior to 3.11.7. The issue is that the code does not validate whether a frame contains data outside of the header, which may allow an attacker to trigger a de...
CVE-2014-2039
CVE-2014-2039 affects the Linux kernel on s390 where arch/s390/kernel/head64.S mishandles attempts to use the linkage stack, enabling local users to crash the system (denial of service) by executing a crafted instruction. The linked Nessus/MiracleUnity/EulerOS advisories confirm the issue exists ...
CVE-2015-8961
The vulnerability CVE-2015-8961 affects the Linux kernel prior to 4.3.3, specifically the __ext4_journal_stop function in fs/ext4/ext4_jbd2.c. It allows local users to gain privileges or cause a denial of service (use-after-free) by improper access to a certain error field. The issue is resolved ...
CVE-2017-0428
CVE-2017-0428 describes an elevation-of-privilege in the NVIDIA GPU driver that could allow a local malicious application to execute arbitrary code in kernel context on Android devices with Kernel-3.10. The Android entry notes an Android ID (A-32401526) and flags the issue as critical due to pote...
CVE-2018-1000028
CVE-2018-1000028 is a Linux kernel vulnerability affecting kernels released after commit bdcf0a423ea1 (examples: 4.15-rc4+, 4.14.8+, 4.9.76+, 4.4.111+). It describes an Incorrect Access Control flaw in the NFS server (nfsd) that can let remote attackers read or write files they should not access ...
CVE-2020-36789
The CVE-2020-36789 entry pertains to the Linux kernel CAN stack. A driver calling can_get_echo_skb() in hardware IRQ context could trigger WARN_ON(in_irq) in skb_release_head_state() under congestion, risking NULL pointer dereference. Root cause: kfree_skb() used instead of the IRQ-safe path in n...
CVE-2021-47146
CVE-2021-47146 concerns the Linux kernel where mld_newpack could panic when headroom is large because high-order page allocation was disallowed (skb_put() path). The issue is triggered during IPv6 multicast handling in mld_newpack/mld_send_initial_cr and can lead to a kernel crash; the provided t...
CVE-2021-47158
CVE-2021-47158 affects the Linux kernel’s net: dsa: sja1105 code path, specifically sja1105_setup() and its helpers (sja1105_static_config_load(), sja1105_clocking_setup(), sja1105_devlink_setup()). The root cause is missing cleanup when these steps fail, which could lead to memory leaks if the f...